remote bind 4.9.x exploit Example for FreeBSD. bug in: bind/named/ns_req.c:req_inquery().
4acad7f7f93b04c0a7f0d62fa91d01af27211872b858473b8eb810848d404a39
windsock is a very limited SOCKS version 4/5 proxy server, written in Java.
86fa7c72ef15f9773743b5516a5883354cc4c3f17d6b585eaecb9f3279c86071
PMFirewall is an Ipchains Firewall and Masquerading Configuration Utility for Linux. It is designed to allow a beginner to build a custom firewall with little or no ipchains experience. This firewall should work for most Workstations, Servers, and Dual NIC routers using either a dialup or LAN setup. It is restrictive to outside attacks while still being as transparent as possible to those inside.
df83e20adc1eef6235d392662ec61467b1dc2168f504ba4f827996b6ada189fb
The version of xmindpath shipped with FreeBSD 3.3 has a local buffer overflow. Exploit gives euid uucp.
5d52e1a5419ac5a1c0569f83febf0226fe7e2f7a12ae55f4a5ede2a4ea222568
The version angband shipped with FreeBSD 3.3-RELEASE has a buffer overflow vulnerability. Exploit yields egid of group games.
44b73b99876799ae46c66c8fa966417aafad596ff1a5346c51c0eae2a3e456e5
Delegate 5.9.0 remote exploit for FreeBSD 3.2.
c8b15f8cc3129759828d662578ab2d94ba4d1d03a02a5fce93716cbfba60a526
gdc exploit for gated-3.5.11 included on Freebsd-3.3 instalation CD yields euid=0(root). By default, only group wheel (or whatever your trusted gated group is) and root can run gdc.
daf532f5a241b630b4257fee36d298e5ae539656328096a75c7b55b9f5f48468
aproxy is a multi-client application to forward TCP connections from (local) listening ports to remote targets somewhere in your network. aproxy works with all TCP-services that use a single TCP-Connection for client/server communication. The following protocols have been tested: telnet, SMTP, SSH, POP, IRC (without support for DCC), and HTTP. aproxy also supports a console mode, which can be accessed by telnet. At the console you can add/delete listening ports and targets, get informations about the server, save you configuration, etc.
b47800e977799118343c728e46ef6dce0f277a737bdb2cb0b6d1bea9623331ff
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris. Ports to other systems, as well as any contributions at all, are welcome at this time.
e57e7ff68ccaceb484504ebed07bbdc13a37b3091157cb054ed61a6ef973d4d1
Several security holes were found in the "su" program along with the iaf library. Patches available. SCO security website here.
ec4eadb13cc03cf523bccbfc1197865d81ac3c8211b99dd82f23acaa211dd32b
Netscape Communicator 4.x will allow javascript code in one netscape window to read data from another browser window, even if the two windows are pointed at different domains. Demonstration here.
78532de37047a0f01fce8f4aff77ba175cc8163011408ee025f978c0e9cea369
There is a vulnerability in Oracle Web Listener where a resource can be accessed when is shouldn't be able to be accessed.
edbaf44df750aefe719e9ff3f21674bad0f77af1f4d13f12053ddc777bd9e89b
GateKeeper 3.2 s a little bit of JavaScript code that you can use to restrict access to some or all of your web pages without the need for CGI scripting or server based authentication methods. Access is via password.
92c863807dd22c0c7cacbf8c1d74050e896aa77310ed0210f0ca781fa5114d91
Fire Gnome (aka gfirewall) is a GTK-based GUI for configuring a firewall.
8ded10463eabc719fc37a082ba7b475bca5caf109ce6952a65f81eb05dd3a1cd
[ WINDOWS SECURITY ALERT ] Information on the recent vulnerabilities in IE5, Mail-Gear, BisonWare FTP, WorldClient Server.
19f84145b8db494b6b00f02f331b4414db2c5349a936842614575475e05be31e
Microsoft has released a patch for a security hole in Windows 95 and 98 caused by a legacy mechanism for caching network security credentials. The vulnerability could allow a user's plaintext network password to be retrieved from the cache.
191ffc7ff529646eb7252c915ef1644371a77c490f85ab98107e413015c032bd
Microsoft has released a version upgrade that eliminates a vulnerability in Microsoft ie5. A vulnerability in an optional component could allow a malicious user to gain additional privileges on a Windows NT machine that allowed him or her to create or change files.
31aa683bc641a85e973f3b0c37c05f4ffb19067f8909f6401e37983acd5780a2