IE4 Persistent Connection Bug - Microsoft Internet Explorer 4.0 ignores certain HTTP/1.0 instructions, manifested when using proxy connections, and consequently leaves MSIE users open to various attacks.
68b2aa03c3a2ccbc58f6770cadaf04e36cc53f629e3494934c7d399f086c4b41
JavaScript security bug in Internet Explorer 4.01 (patched) circumvents "Cross-frame security" and opens several security holes.
7227b448af3c5ef0eee755f1fa66d2c1d4b4400b036c4138d64e3ddd002a156b
Bug in Internet Explorer 4.01 (patched) allows "window spoofing". Example exploit code included.
0b2ab3f0132b2fc54770b55d039b580dac7c035f985f03a438663ddaa610f04a
Bug in Internet Explorer 4.x (patched) allows reading of local files and sending them to an arbitrary server. Example exploit code included.
5916233223b5e5bc31f55023b0812bae98d5c70fa3ab07dc14a34bddd7a6a54e
nt4-ole-clipboard-password.txt
4077885c7d49e6b40e94b1815328896d1c1d68974aa6362151fbae4f7ef0423f
Exploit code to crash (BSOD) Windows 98 machines with malformed packets.
eae8fd559fb1979118ac1c6195952919073e50c9f7be32ae90a32db923d5932e
PADLOCK-IT v1.01 contains numerous security holes and improperly manages passwords, making for a very insecure implementation of the Twofish encryption algorithm.
c38a94329ea92d8f5dd5c2d3c70347785d9d8ea9241027546f6eac17314e04bd
UNIX shell script version of the FrontPage _vti_pvt/service.pwd exploit.
3d41b06172527ad234af3d3a0ace29bf25a2505bf70c8e3252852c82146bd595
pop-spoof.pl v0.01 - Local POP3 spoofer: Most email clients these days have the ability to cache passwords and other details (Netscape users look at prefs.js, Explorer users at the registry). Spoof a POP server: edit prefs.js or the registry so the client checks 127.0.0.1, then run this Perl script to get the passwords in clear text.
a75ae0370bc2a1ccf96bf370003c745a0fd946f7d2fec37b567a0d50a5977433
pop-spoof.zip v0.01 - Zipped version of the above Perl script.
e69e59a302e03503429c654ad8d58151f051c8f5674363609381eb1871fdace3
ANTI-prym/h4g1s portshell code - bind a shell to port 46256 (0xb4b0 =)). Only 135 bytes!
a2bb3ceb776354e64168df2d3af744f22783f91ba17f6ff7fdbd0932419b30d3
Yet another Quake2 buffer overflow remote Denial of Service attack discovered.
6b5bdca434af2334a0b5141c0e101f99822f7dc628513fce0fb193beefb5c545
More Quake2 buffer overflows, security holes, Denial of Service attacks, and other nuisances.
8c04039c526aed615c8f713d7626199bdc20c7cefdf31738bcde1eae56e5dcf2
Quakenbush Windows NT Password Appraiser software sends users' password hashes and even plaintext passwords out through the Internet, regardless of firewall rules.
1c8af51b12b6d745cf6013df3d5a7e38a7194174382a59ffba2407bcf308f873
rpcbind.txt
6039cf8680ae1e7617ad8ba7cf6c54eb106603e92a7f6822f5bf22274b4cef44
shell-modem-access.txt
e3406fb049443cc3472f93819819e2acc9d264bf6a81d075bec9528344418b6f
Buffer overflow in Solaris 2.6, 2.7 /usr/bin/lpstat allows root compromise.
b231b6fd8fda318eb7eae4d0017a06065e9eaa28749b6c49c8957da4cc457c8e
sscan v0.1a - The son of mscan is here! Much more powerful though, sscan has been created with self-replication (integration into internet worms), configurability, and expandability in mind. A built-in scripting language allows anyone with *no* programming knowledge to add vulnerability checks in a matter of seconds. OS fingerprinting is done with both TCP/IP stack ID and more traditional methods as well.
ce687399f502df76e8c8a58efee41bf909720db7748cb276ce787ddcc7f3fb47
SSH 1.x and 2.x Daemon bug allows users with expired accounts to log in via ssh, even when access has been denied to other services, such as telnet and ftp.
5ba4dbf5c007ccead811a1d50111023721da4c9343ecdd3d3f860ba1ed144071
sshdwarez.c
634497acfb8a4e314c60f1ef43d3590c86dde6a0c4ca3ee596dc5e1fd521d695
CERT Advisory CA-99-01-Trojan-TCP-Wrappers - Copies of the source code for the TCP Wrappers tool (tcpd) were modified by an intruder and contain a Trojan horse. CERT notes that "A number of FTP servers" had the trojan version of this program available for download. This is your wake-up call to verify all mission-critical files you download, and preferably ALL software (when possible) - use CERT
cd3e798f58838cdde6d4f760743da045defdb5d79821c2b3cde388269757792c
Backdoored TCP Wrapper source code discovered. Although only 52 people downloaded this code from ftp.win.tue.nl (all have been notified), this notice serves as an excellent reminder that you should ALWAYS verify the PGP and file signatures of ANY software that you download. The backdoor exploit code is included in this file.
a957392590d362be395e630aab84e8b236d0fd35d861f8d84187a21850ff0c4e
Retrieves the NetBIOS name from a remote Windog (as described in Hobbit's document cifs.txt). Several bugfixes in this release, including timeouts.
3b04370a8747b81989de7c2310d18411dc665a4f919b2838b27b00a23040f00c
Trojan (backdoored) version of util-linux-2.9g found on ftp.win.tue.nl, further emphasizing the security problems associated with end users not performing authentication/signature checking of all files downloaded from remote locations. The exploit code inserted into the trojaned version of util-linux-2.9g is included.
87fd454c548ef69516744c6fdd836985031f0547b4d041990306e8a6a300f037
More WebRamp M3 remote network access bugs/insecurities. This file includes the default login/password, and even a couple of suggestions for malicious uses.
0082dccae34cda6cfecad4c659263e798ae6da23f121244778b95b28f0100a2c