Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:54:58 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1668181605&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Operating%20System%3A%20Windows%20ME%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Fos%2Fme%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1668181605.1338191698.1338191698.1338191698.1%3B%2B__utmz%3D32867617.1338191698.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/31310/Yahoo-ducky.txt http://packetstormsecurity.org/files/31310/Yahoo-ducky.txt http://packetstormsecurity.org/files/31310/Yahoo-ducky.txt.html Sun, 06 Jul 2003 19:29:49 GMT Yahoo Messenger 5.5 and below suffers from a buffer overflow that was originally discovered and fixed in May of 2002, but has since resurfaced. Systems Affected: Windows NT/2000/SP1/SP2/SP3, Windows ME, Windows 95/98, Windows XP. http://packetstormsecurity.org/files/30554/sd2002.zip http://packetstormsecurity.org/files/30554/sd2002.zip http://packetstormsecurity.org/files/30554/sd2002.zip.html Wed, 04 Dec 2002 08:05:04 GMT Secure Data 2002 is the start of a new line of security tools by Security Storm. Secure Data 2002 brings an easy to use interface to the best encryption technologies. From XOR to Blowfish to RC4 and many more Secure Data 2002 is the easy way to encrypt and decrypt sensitive data using common encryption technologies and a passphrase of your choice. Secure Data 2002 is compatible with Windows 9x, Windows Me, Windows NT, Windows 2002, and Windows XP. http://packetstormsecurity.org/files/29810/ms02-054 http://packetstormsecurity.org/files/29810/ms02-054 http://packetstormsecurity.org/files/29810/ms02-054.html Fri, 04 Oct 2002 07:00:07 GMT Microsoft Security Advisory MS02-054 - On Windows 98 with Plus! Pack, Windows Me and Windows XP, the Compressed Folders feature has an unchecked buffer in the program that handles the decompressing of files from a zipped file, allowing code of the attackers choice to run. http://packetstormsecurity.org/files/29676/ss2002-setup.msi http://packetstormsecurity.org/files/29676/ss2002-setup.msi http://packetstormsecurity.org/files/29676/ss2002-setup.msi.html Tue, 30 Jul 2002 21:24:37 GMT Server Scan is a simple tool for detecting web servers on a network. Created originally to detect unauthorized web servers on a network, server scan can serve many purposes from detecting unauthorized web servers to checking what types of web servers are running on your network. Server Scan is compatible with Windows 95, Windows 98, Windows Me, Windows NT 4, Windows 2000, and Windows XP. http://packetstormsecurity.org/files/25563/ms01-059 http://packetstormsecurity.org/files/25563/ms01-059 http://packetstormsecurity.org/files/25563/ms01-059.html Fri, 21 Dec 2001 07:50:09 GMT Microsoft Security Advisory MS01-059 - Two unrelated buffer overflows have been found in the Microsoft UPnP service. A overflow in the NOTIFY directive allows remote attackers to execute arbitrary code. The second vulnerability crashes the machine. Windows ME and XP include native UPnP services; Windows 98 and 98SE do not include a native UPnP service, but one can be installed. Microsoft FAQ on this issue available here. http://packetstormsecurity.org/files/25408/ms01-054 http://packetstormsecurity.org/files/25408/ms01-054 http://packetstormsecurity.org/files/25408/ms01-054.html Fri, 02 Nov 2001 05:28:21 GMT Microsoft Security Advisory MS01-054 - A vulnerability in the UPnP service which is enabled by default on Windows ME and XP allows for a remote denial of service attack causing slow performance to system failure. This vulnerability is exploited over TCP ports 1900 and 5000. Microsoft FAQ on this issue available here. http://packetstormsecurity.org/files/24961/antexp.zip http://packetstormsecurity.org/files/24961/antexp.zip http://packetstormsecurity.org/files/24961/antexp.zip.html Wed, 11 Jul 2001 08:09:19 GMT Advanced NT Security Explorer (ANTExp) is an application for Microsoft Windows NT, Windows 2000 and Windows XP system administrators for finding holes in system security. It analyses user password hashes, and tries to recover plain-text passwords. If it's possible to recover the password in a reasonable time, the password should be considered to be insecure. ANTExp is very fast - tries about 900,000 passwords per second on a Pentium-III/450 CPU. Tested on Windows 95, Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP. http://packetstormsecurity.org/files/24624/lc3setup.exe http://packetstormsecurity.org/files/24624/lc3setup.exe http://packetstormsecurity.org/files/24624/lc3setup.exe.html Thu, 12 Apr 2001 20:47:26 GMT L0phtCrack 3 15 day trial - L0phtCrack is an NT password auditing tool. It will compute NT user passwords from the cryptographic hashes that are stored by the NT operation system. L0phtCrack computes the password from a variety of sources using a variety of methods. Uses include recovering a forgotten password, ensuring that users use strong passwords, retrieving the password of a user in order to impersonate them, or migrating NT users to another platform such as Unix. Tested on Windows 98SE, Windows ME, Windows NT, and Windows 2000. http://packetstormsecurity.org/files/24543/ms01-019 http://packetstormsecurity.org/files/24543/ms01-019 http://packetstormsecurity.org/files/24543/ms01-019.html Wed, 28 Mar 2001 20:14:13 GMT Microsoft Security Advisory MS01-019 - Compressed folders, included with Windows ME and Plus 98, has an implementation flaw which records the plain text password used to encrypt the folder in c:\windows\dynazip.log. Microsoft FAQ on this issue available here. http://packetstormsecurity.org/files/24063/ms01-001 http://packetstormsecurity.org/files/24063/ms01-001 http://packetstormsecurity.org/files/24063/ms01-001.html Sat, 13 Jan 2001 18:29:30 GMT Microsoft Security Bulletin (MS01-001) - The Web Extender Client (WEC), a component that ships as part of Office 2000, Windows 2000, and Windows Me, does not respect the IE Security settings regarding when NTLM authentication will be performed - instead, WEC will perform NTLM authentication with any server that requests it. If a user established a session with a malicious user's web site - either by browsing to the site or by opening an HTML mail that initiated a session with it - an application on the site could capture the user's NTLM credentials. The malicious user could then use an offline brute force attack, or with specialized tools, could submit a variant of these credentials in an attempt to protected resources. Microsoft FAQ on this issue available here. http://packetstormsecurity.org/files/23737/ms00-091 http://packetstormsecurity.org/files/23737/ms00-091 http://packetstormsecurity.org/files/23737/ms00-091.html Sun, 03 Dec 2000 02:35:06 GMT Microsoft Security Bulletin (MS00-091) - Microsoft has released a patch that eliminates a security vulnerability in Microsoft Windows NT 4.0 and a recommended workaround for Windows 95, 98, 98 Second Edition, and Windows Me. The vulnerability allows malicious users to pause networking or sometimes crash the entire system by sending a flood of specially malformed TCP packets to port 139. Microsoft FAQ on this issue available here. http://packetstormsecurity.org/files/23474/netsec36.txt http://packetstormsecurity.org/files/23474/netsec36.txt http://packetstormsecurity.org/files/23474/netsec36.txt.html Tue, 31 Oct 2000 18:47:41 GMT Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: The phpinfo() function in PHP gives out lots of server information, NAV misses certain folers, JRun problems with web-inf directory, JRun 2.3 arbitrary file retrieval and command execution, Microsoft Session ID cookie marking bug patch, Hotjava Browser 3.0 Javascript bug, Windows ME printer sharing vulnerability, SuSE ncurses vulnerability, NetBSD global 3.55 vulnerability, NetBSD GNU CFEngine remote vulnerability, Cisco VCO/4000 SNMP bug, PAM_MYSQL local and remote bugs, cisco catalyst 3500 xl remote command execution. Security news: Virus threats getting worse, final vote on secret searches expected, protecting freedom of expression, islamic attackers crash israeli web sites, global hacker agreement could affect bug hunters, and more. http://packetstormsecurity.org/files/23455/devicelock.zip http://packetstormsecurity.org/files/23455/devicelock.zip http://packetstormsecurity.org/files/23455/devicelock.zip.html Tue, 31 Oct 2000 00:10:44 GMT Devicelock gives network administrators control over which users can access what removable devices (floppies, Magneto-Optical disks, CD-ROMs, ZIPs, etc.) on a local computer. It can protect network and local computers against viruses, trojans and other malicious programs often injected from removable disks. This version is for Windows 2000/NT. Windows ME version available here. http://packetstormsecurity.org/files/23317/ms00-075 http://packetstormsecurity.org/files/23317/ms00-075 http://packetstormsecurity.org/files/23317/ms00-075.html Sun, 15 Oct 2000 17:56:32 GMT Microsoft Security Bulletin (MS00-075) - Microsoft has released a patch that eliminates the "Microsoft VM ActiveX Component" vulnerability in Microsoft virtual machine (Microsoft VM) for Windows 95, 98, Windows Me, Windows NT 4.0, and Windows 2000. If a malicious web site operator coaxes a user into visiting his site, the vulnerability allows him to take any desired action on a visiting user's machine by using ActiveX controls which are marked unsafe for scripting. Microsoft FAQ on this issue available here.