LCAP allows a system administrator to remove specific capabilities from the kernel in order to make the system more secure. LCAP modifies the value in the sysctl file /proc/sys/kernel/cap-bound. "Capabilities" are a form of kernel-based access control. Linux kernel versions 2.2.11 and greater include the idea of a "capability bounding set," a list of capabilities that can be held by any process on the system. If a capability is removed from the bounding set, the capability may not be used by any process on the system (even processes owned by root).
edb32e99b551c63232a70becda1a62fbc922d7883cc1bb1302be3d7f5d792200
Some versions of sshd1 are vulnerable to a remote buffer overflow which can be combined with the RSAREF2 overflow to execute arbitrary code remotely as root. Only versions of SSH compiled with RSAREF support, via the --with-rsaref option, are vulnerable to these issues. Other RSAREF2 applications are affected.
f8d0a4b036ddcd842dc5c19afc94f555fd3931ad6c7512901d5dcbe2760b8794
Dragonmount Networks has released Part 1 of Using Lookout, which gives an overview of how the Lookout program can be used to quickly test servers for the presence of buffer overflows by taking you through a routine example.
29af8aa269b9de7ff54d1b8593f69425bbc591f9ac74957ead8c9f7b27f6ef7f
Sadmind Solaris RPC tiny Scanner. Scans a specific host or a class C network.
01a80ba07a7acbb574bdf002310c1e6a3ff2cd8f30947f31ed1e76c33da1e2a7
Bastille Linux aims to be the most comprehensive, flexible and educational Security Hardening Program for Red Hat Linux 6.0. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
0157e5820abda5d50159a5546bec25dade504002dbe7226d95887561337e6ba4
TTYSnoop allows you to snoop on login ttys through another tty-device or pseudo-tty. The snoop-tty becomes a 'clone' of the original tty, redirecting both input and output from/to it.
645f9c174f2d1785a2f333a585175212ba3e8911c69e62d555fc2ab92dd815d8
UssrLabs found a local/remote DoS attack in War FTP Daemon 1.70. The buffer overflow is caused by multiple connections at the same time.
4fe5c91f900a82f28a23b3518e64d52b7b78204ea047b6da7a1533bda5ab17be
Linux FreeS/WAN provides IPSEC (IP Security, which is both encryption and authentication) kernel extensions and an IKE (Internet Key Exchange, keying and encrypted routing daemon) as well as various rc scripts and documentation. This lets a bright Linux sysadmin build VPN gateways out of even old 584 and 486 PC Clone boxes. The 1.00 version is known to inter-operate with other IPSEC and IKE systems already deployed by other vendors such as OpenBSD.
054d8b09de714971a401948e9a71c8a35a96cd5ccb7b9c26397800af53980e0d
rlinetd is intended to be a furiously over-featured inetd replacement. It supports various features such as resource limits, renicing, interface binding, chrooting, capability support, per-service instance counts, direct tcp_wrappers interfacing, native IPv6 support and the Linux Socket Filter. Requires tcp_wrappers.
a0b5c7fa887a9008917caeb9e488e3fd13cfd80d0cac32918ee78865b7a0c734
hip sits on a port and when it gets a telnet connection, it asks for a key. If that key is correct, your IP address is added to /etc/hosts.allow. If it is incorrect, you are disconnected. hip logs all connections, successful connections, and failed connections via syslogd.
e70f36d15ea73362f6ea128ffd0179a27f2ba47ecbd2924a8fbd9ecf1a07a204
The stunnel program is designed to work as an SSL encryption wrapper between a remote client and a local (inetd-startable) or remote server. The concept is that, with non-SSL-aware daemons running on your system, you can easily set them up to communicate with clients over secure SSL channels. stunnel can be used to add SSL functionality to commonly used inetd daemons like POP-2, POP-3 and IMAP servers as well as standalone daemons like NNTP, SMTP and HTTP without changes to the source code.
87e119f77885eb423fc2bd2d3ef1ad954e153a13cd90944d517fae0c73622e5d
SFS is a network file system that provides strong security over untrusted networks. At the same time, SFS goes to great lengths to prevent security from hurting performance or becoming an administrative burden. SFS is also a global file system. Users can access any server from any client in the world, and share files with anyone anywhere. There is no need to rely on system administrators or trusted third parties to coordinate the sharing of files across administrative realms. Thus, SFS provides convenient file sharing over the Internet even where security is not a priority.
febe984ca610aa5d321e23eac13504e78add07a053b402d77a52d2b782d1d7f2
tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between hosts on the Internet. Because the tunnel appears to the IP level network code as a normal network device, there is no need to adapt any existing software. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information to others. A single tinc daemon can accept more than one connection at a time, thus making it possible to create larger virtual networks, because some limitations are circumvented. Currently only Linux/x86 platforms (with kernel versions of 2.1.80 and above) are supported; a FreeBSD port is possible, and research is currently being done.
f8a0c5f41401c6ecfc960f971ff548980c4797026bdf03ced1c60e1054d91417
ESM (Extensible System Monitor) is a program that lets you tie together plugins to monitor your system. This could be used to alert by email or pager in the event of hard drive failure, tripwire alerts, high load, etc. All of this is done automatically. Features a fault-tolerant design, unlimited number of agents, simple API, and comes with Mailreport and a monitor called ESMSyslog.
6eb641e31d7baa9ee2449a9cdfbff47e791081d51e1e3c1fcdacf22612d5f93d
G2S is a smart all-in-one front end between client and server applications. Its main features are (or will be): Portability, opposed to ISS xinetd, Robust super-server (inetd) replacement, TCP-Wrappers integrated with paranoid DNS checks and support for broken or fake name servers, Handy but detailed log files, Support for various protocols: raw IP, ICMP, GGP, TCP, EGP, PUP, UDP, RDP..., IPv6 compliant, IPv6 to IPv4 gatewaying, and Support for RBL maps for automatic spam filtering.
7595cc83b8883fc5c7e284fb96adc57157dd3a393a64fb5e8ff4d1b2491fa1a6
HP-UX's wu-ftpd advisory, only 2 months late.
acf06413a1c2a5e37989519457b2e03ec294549859255fd8618555645ac7481a
sadmindex - i386 Solaris remote root exploit for /usr/sbin/sadmind. Tested and confirmed under Solaris 2.6 and 7.0.
919febf8476775414985f61514eacb43aa1821422016026451ad20f16fb62911
sadmindex - SPARC Solaris remote root exploit for /usr/sbin/sadmind. Tested and confirmed under Solaris 2.6 and 7.0.
196eda0c3347ef56a67b27125b8b617bf684f8578d287869f81b8fc38d268331
Mass scanner for rpc.sadmind.
4553affbbbc9c859f5f17852168d375c2e99edecc319476f4920add223dcae19
Certain versions of Solaris ship with a version of sadmind which is vulnerable to a remotely exploitable buffer overflow attack. Advisory by Alfred Huger
b67b24a58f09ccb33c44515104ebe4f95d111c6a0fd71af7c651a4b4bf8ae19f
Whois.CGI - ADVISORY (hhp) Hole in several known/unknown vulnerabilities in Whois CGI packages. Affected are Whois Internic Lookup version 1.0, CC Whois Version 1.0, and Matt's Whois Version 1. These versions allow execution of commands due to lack of shell escape character parsing.
2360cca9573c4bd4934cb2e44e71bf956a22efa26aedae17ea0768db32124048
Patch advisory for Sun Microsystems. Please read for details.
1e247b81791467a138617b07258d4a9df23dbb3bed2ceebc5baf12e11e3ff7d0
Winfingerprint 22: Advanced remote Windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT MEMBER SERVER, NT WORKSTATION, SQLSERVER, NOVELL NETWARE SERVER, WINDOWS FOR WORKGROUPS, WINDOWS 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, Enumerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes).
41e792a00e1dd84ab451c8605d1426cf8bd6926889bbb1f8adff02449534565d
ISS has discovered a remotely exploitable buffer overflow condition in the Solaris Snoop application. Snoop is a network sniffing tool that ships with all Solaris 2.x operating systems. This overflow allows a knowledgeable attacker to seize control of the Snoop application. Solaris 2.4, 2.5, 2.5.1, 2.6, and 2.7 were found to be vulnerable. Patches available here.
a1d2755292b515270cb0dd4ff0785d9a6d748540e6a896312a75cc12a04ea23b
Rules for the Snort IDS to detect trinoo. These rules work only as long as the ports/passwords/protocol aren't changed.
9fcda51f95f3667603e76ac938fe89c545edda9dc68c9f6af095f4f059bf4f97