Operating System: BSD ≈ Packet Storm
Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers
http://packetstormsecurity.org/
Mon, 28 May 2012 07:52:21 GMT

BSD/x86 execve ('/bin/sh -c "/etc/master.passwd"') setreuid(0,0) Shellcode
http://packetstormsecurity.org/files/108695/bsdpm.c.txt
http://packetstormsecurity.org/files/108695/BSD-x86-execve-bin-sh-c-etc-master.passwd-setreuid-0-0-Shellcode.html
Mon, 16 Jan 2012 02:40:55 GMT
94 bytes small BSD/x86 execve ('/bin/sh -c "/etc/master.passwd"') setreuid(0,0) shellcode.

Linux BSD-derived Telnet Service Encyption Key ID Buffer Overflow
http://packetstormsecurity.org/files/108199/linux-telnet-telnet_encrypt_keyid.rb.txt
http://packetstormsecurity.org/files/108199/Linux-BSD-derived-Telnet-Service-Encyption-Key-ID-Buffer-Overflow.html
Wed, 28 Dec 2011 17:19:49 GMT
This Metasploit module exploits a buffer overflow in the encryption option handler of the Linux BSD-derived telnet service (inetutils or krb5-telnet). Most Linux distributions use NetKit-derived telnet daemons, so this flaw only applies to a small subset of Linux systems running telnetd.

Debian Security Advisory 2375-1
http://packetstormsecurity.org/files/108166/dsa-2375-1.txt
http://packetstormsecurity.org/files/108166/Debian-Security-Advisory-2375-1.html
Mon, 26 Dec 2011 15:36:21 GMT
Debian Linux Security Advisory 2375-1 - It was discovered that the encryption support for BSD telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.

libdvdcss 1.2.11
http://packetstormsecurity.org/files/107020/libdvdcss-1.2.11.tar.gz
http://packetstormsecurity.org/files/107020/libdvdcss-1.2.11.html
Wed, 16 Nov 2011 03:57:26 GMT
libdvdcss is a cross-platform library for transparent DVD device access with on-the-fly CSS decryption. It currently runs under Linux, FreeBSD, NetBSD, OpenBSD, BSD/OS, Solaris, BeOS, Win95/Win98, Win2k/WinXP, MacOS X, HP-UX, QNX, and OS/2. It is used by libdvdread and most DVD players such as VLC because of its portability and because, unlike similar libraries, it does not require your DVD drive to be region locked.

Firewall Log Watch 1.3
http://packetstormsecurity.org/files/106996/fwlogwatch-1.3.tar.gz
http://packetstormsecurity.org/files/106996/Firewall-Log-Watch-1.3.html
Tue, 15 Nov 2011 05:42:24 GMT
fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.

BSD libc/regcomp(3) Memory Management / Recursion
http://packetstormsecurity.org/files/106589/regcomp-memory.txt
http://packetstormsecurity.org/files/106589/BSD-libc-regcomp-3-Memory-Management-Recursion.html
Fri, 04 Nov 2011 15:20:33 GMT
Recursion and bad memory management in BSD's libc/regcomp(3) can cause denial of service conditions.

BSD IPcomp Kernel Stack Overflow Testcase
http://packetstormsecurity.org/files/99951/ipcomp.c
http://packetstormsecurity.org/files/99951/BSD-IPcomp-Kernel-Stack-Overflow-Testcase.html
Fri, 01 Apr 2011 20:46:49 GMT
This exploit demonstrates the BSD IPComp kernel stack overflow testcase.

BSD IPComp Expansion Of Arbitrary Nested Payload
http://packetstormsecurity.org/files/99950/ipcomp-nested.txt
http://packetstormsecurity.org/files/99950/BSD-IPComp-Expansion-Of-Arbitrary-Nested-Payload.html
Fri, 01 Apr 2011 20:44:28 GMT
BSD derived RFC3173 IPComp encapsulation will expand an arbitrarily nested payload.

Firewall Log Watch 1.2
http://packetstormsecurity.org/files/94600/fwlogwatch-1.2.tar.gz
http://packetstormsecurity.org/files/94600/Firewall-Log-Watch-1.2.html
Mon, 11 Oct 2010 05:29:32 GMT
fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.

Unixasm Assembly Components 1.4.0
http://packetstormsecurity.org/files/89881/unixasm-1.4.0.tar.gz
http://packetstormsecurity.org/files/89881/Unixasm-Assembly-Components-1.4.0.html
Tue, 25 May 2010 04:33:05 GMT
A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position-independent, register-independent and zero-free code. Special attention was paid to code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.

Apple 10.6.3 chpass BSD Insecure Temp File Creating In /etc
http://packetstormsecurity.org/files/89660/prdelka-vs-APPLE-chpass.txt
http://packetstormsecurity.org/files/89660/Apple-10.6.3-chpass-BSD-Insecure-Temp-File-Creating-In-etc.html
Wed, 19 May 2010 04:57:31 GMT
Apple Mac OS X versions 10.6.3 and below suffer from a chpass BSD insecure temp file creation in /etc vulnerability. A user can create a file with rw perms in /etc as owner and populate it with arbitrary data. This could be utilized to fill the disk or write configuration file information that could be combined with another flaw to elevate local privileges.

167 Bytes BSD x86 Bindshell
http://packetstormsecurity.org/files/88830/bsdx86-bindshell.c
http://packetstormsecurity.org/files/88830/167-Bytes-BSD-x86-Bindshell.html
Fri, 23 Apr 2010 04:43:45 GMT
167 bytes small BSD x86 bindshell shellcode that spawns on port 2525.

RealServer Describe Buffer Overflow
http://packetstormsecurity.org/files/82280/describe.rb.txt
http://packetstormsecurity.org/files/82280/RealServer-Describe-Buffer-Overflow.html
Tue, 27 Oct 2009 22:18:44 GMT
This Metasploit module exploits a buffer overflow in RealServer 7/8/9 and was based on Johnny Cyberpunk's THCrealbad exploit. This code should reliably exploit Linux, BSD, and Windows-based servers.

BSD libc strfmon Multiple Vulnerabilities
http://packetstormsecurity.org/files/81452/glibc-format.txt
http://packetstormsecurity.org/files/81452/BSD-libc-strfmon-Multiple-Vulnerabilities.html
Sat, 19 Sep 2009 16:45:54 GMT
BSD libc (strfmon) suffers from multiple vulnerabilities.

BSD setusercontext Vulnerabilities
http://packetstormsecurity.org/files/80534/bsd-setusercontext.txt
http://packetstormsecurity.org/files/80534/BSD-setusercontext-Vulnerabilities.html
Sun, 23 Aug 2009 16:56:05 GMT
Various BSD derived operating systems suffer from various vulnerabilities due to the setusercontext() function.

unixasm-1.3.0.tar.gz
http://packetstormsecurity.org/files/72021/unixasm-1.3.0.tar.gz
http://packetstormsecurity.org/files/72021/unixasm-1.3.0.tar.gz.html
Tue, 18 Nov 2008 01:08:31 GMT
A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position-independent, register-independent and zero-free code.
Special attention was paid to code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.

vmware-guestescalate.txt
http://packetstormsecurity.org/files/71719/vmware-guestescalate.txt
http://packetstormsecurity.org/files/71719/vmware-guestescalate.txt.html
Sat, 08 Nov 2008 01:56:46 GMT
By exploiting either of the VMware flaws described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaws have been proven exploitable on x64 versions of Windows, and they have produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of these flaws on x64 versions of Linux.

vmware-emulation.txt
http://packetstormsecurity.org/files/70643/vmware-emulation.txt
http://packetstormsecurity.org/files/70643/vmware-emulation.txt.html
Mon, 06 Oct 2008 22:43:37 GMT
By exploiting the VMware flaw described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaw has been proven exploitable on x64 versions of Windows, and it has produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of the flaws on x64 versions of Linux.

unixasm-1.2.0.tar.gz
http://packetstormsecurity.org/files/69854/unixasm-1.2.0.tar.gz
http://packetstormsecurity.org/files/69854/unixasm-1.2.0.tar.gz.html
Thu, 11 Sep 2008 05:31:39 GMT
A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86.
This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position-independent, register-independent and zero-free code. Special attention was paid to code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.

ttyrpld-2.52.tar.bz2
http://packetstormsecurity.org/files/69736/ttyrpld-2.52.tar.bz2
http://packetstormsecurity.org/files/69736/ttyrpld-2.52.tar.bz2.html
Mon, 08 Sep 2008 15:28:55 GMT
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).

ttyrpld-2.51.tar.bz2
http://packetstormsecurity.org/files/66472/ttyrpld-2.51.tar.bz2
http://packetstormsecurity.org/files/66472/ttyrpld-2.51.tar.bz2.html
Mon, 19 May 2008 18:52:33 GMT
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).

unixasm-1.1.0.tar.gz
http://packetstormsecurity.org/files/63407/unixasm-1.1.0.tar.gz
http://packetstormsecurity.org/files/63407/unixasm-1.1.0.tar.gz.html
Fri, 08 Feb 2008 21:36:38 GMT
A collection of shellcode for various platforms: bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures.
These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position-independent, register-independent and zero-free code. Special attention was paid to code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.

ttyrpld-2.50.tar.bz2
http://packetstormsecurity.org/files/62219/ttyrpld-2.50.tar.bz2
http://packetstormsecurity.org/files/62219/ttyrpld-2.50.tar.bz2.html
Wed, 02 Jan 2008 19:47:22 GMT
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).

rathole-1.2.tar.gz
http://packetstormsecurity.org/files/61389/rathole-1.2.tar.gz
http://packetstormsecurity.org/files/61389/rathole-1.2.tar.gz.html
Fri, 30 Nov 2007 06:51:07 GMT
RatHole is a unix backdoor which compiles cleanly on standard Linux and OpenBSD (probably other BSD flavors also) without additional libraries. It features blowfish encryption, process name hiding and definition of a preferred shell. It spits no error messages (like for sockets already bound) because it is supposed to be stealth. When a client connects to the backdoor a new shell process and two pipe files are created. The I/O of the shell is duped to the pipes and the daemon encrypts the communication.

iDEFENSE Security Advisory 2007-11-14.3
http://packetstormsecurity.org/files/60934/11.14.07-3.txt
http://packetstormsecurity.org/files/60934/iDEFENSE-Security-Advisory-2007-11-14.3.html
Thu, 15 Nov 2007 02:20:14 GMT
iDefense Security Advisory 11.14.07 - Local exploitation of a heap based buffer overflow in Apple Inc.'s OS X may allow an attacker to execute arbitrary code in kernel context. The vulnerability exists within a function responsible for allocating an mbuf. mbufs are a BSD concept, long used by BSD kernels to allocate buffers for storing network related data. iDefense has confirmed the existence of this vulnerability in Mac OS X 10.4.10, Workstation and Server editions. Previous versions may also be affected.