More information on the vulnerability described in MS99-061, a problem in IIS that causes it to parse invalid escape sequences, allowing a carefully made string to bypass IDS systems, ISAPI filters, and extension handlers. Includes a Perl script to test for vulnerability.
0af787a2fcf7d7bcecc7e44df69fa355
UnixWare 7 Vulnerability - Any local user can exploit a bug in rtpm to gain "sys" privileges.
dc5157ba332062731fdd37db19b42be8
Recovery of supposedly erased data from magnetic media is easier than many people would like to believe. A technique called Magnetic Force Microscopy (MFM) allows any moderately funded opponent to recover the last two or three layers of data written to disk. Wipe repeatedly overwrites the files to be destroyed with special patterns, using the fsync() call and/or the O_SYNC bit to force disk access.
03801d2c129176cc8c8ff4e750c80805
reltunnel - Offers a reliable data channel over unreliable protocols.
db713577d622abe5e061982b86ed7c4e
icmptunnel encapsulates data in ICMP frames. The usual mode of operation is TCP/IP forwarding: one icmptunnel is set up on a blocked machine (behind a firewall) listening on TCP/IP port X. The other icmptunnel is set up on a nonblocked machine (somewhere on the internet) connected to a local service (such as port 23, telnet). Data received on the blocked machine's TCP/IP socket is encapsulated in an ICMP packet of the user's choice (ICMP_ECHO, ICMP_ECHOREPLY, ICMP_TIMESTAMP, etc.) and sent to the nonblocked machine. This machine identifies the packet as encapsulated data, decapsulates the data, and forwards it on to its TCP/IP socket connected to the telnet daemon. The telnet daemon responds with some data; icmptunnel on the nonblocked machine encapsulates the packet and sends it back to the blocked machine (ICMP type still user definable).
42309dc861af6796a0ee4d06984ebcb7
LinGate is a powerful network gateway software. It provides security to your networks, allowing access to the external world in a safe and secure manner. LinGate has an access control mechanism to restrict access to its services. It can even perform different services for requests from different IPs on the same LinGate port. Once set up, LinGate requires no operators, and can be configured remotely using the KLinGate interface, which will be designed for KDE, and jLinGate, which will be designed for the Java platform.
b82ae4a15df5a69710d62b56e9085e07
Firewalking is a technique developed by Mike Schiffman and David Goldsmith that employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks. Firewalk, the tool, employs the technique to determine the filter rules in place on a packet forwarding device. The newest version of the tool, firewalk/GTK, introduces the option of using a graphical interface and a few bug fixes.
e222016631ddfd01cba80cab5cd33fc3
Fork Bomb Defuser is an easily loadable kernel module for Linux which detects, logs, and disables "fork bombs". It allows you to configure max_forks_per_second and max_tasks_per_user parameters at module load time. Any possible fork bomb that attempts to spawn a huge number of processes simultaneously is detected in real time, and the fork bomb is disabled.
29aacdaef35afbdb93bff75b6e7b3f70
Secure FTP (sftp) implements a file transfer protocol using ssh/rsh as the transport mechanism. When the client is invoked, a remote shell is spawned and the server is run. sftp is mainly useful over a secure ssh session since passwords are not exposed. It also has the advantage that no root access is required, since the server runs as a user process.
8070983234f1a872b969f8eebe24b84d
Secure SunOS shell script. Disables a few commonly exploited holes.
f4ec0bd154fbbbf50b9727e2a1fa3ef6
Aps is a small tool for analyzing network traffic. It prints out a great deal of information about the relevant protocols including TCP, UDP, and ICMP. It allows you to filter IP addresses, hardware addresses, ports, and specific protocols.
8a382764349adc3024def56646ea0c6e
Every single file available on buffer overflows mentions strcpy(), etc., but for some reason no one has noticed that 'cin >>' is also a problem. cin is an extremely commonly used function in C++ code, and it ought to be more widely known that the favoured use of it is insecure. Ditto for improper use of an ifstream.
b9f09e2d2c2843651733abc21aa18851
Forbidden Knowledge issue 8 - Interesting Wardialling Results, HTTP Basic Authentication explained, Dialout/PPP on Shiva LANRovers, PHEAR Advisory Re: Divine forces, Buffer Overflow Explained, Introduction to Assembly Programming, and Fun with "Trojan" Wingates.
a6c2cdd1bda5ba03ce3bc2683411a830
The Real Log Clean for Linux OS - Cleans logs under Linux and tests the attributes in Ext2fs.
dbd6606e2994ca3e4d84c89d8cee0ab9
Nsat is a fast bulk security scanner designed for long-range scans, written in C++, which scans and audits about 60 different services and 170 CGIs with different scan intensity. Updates in this version include detection of sendmail 8.9 remote exploitability, more CGI scripts that can be used in MDAC IIS attack, improved rpc service and -backdoor scanning, all latest Solaris RPC vulnerabilities added, and detection of trinoo distributed DoS masters with default ports.
e0e7d20e0ad494af311058b36dd20698
Local / Remote DoS Attack in Rover POP3 Server V1.1 NT from aVirt. Source / Binary for exploit here.
38e52c5c3607f0cd918cfd6604e7b858
SAINT (based upon SATAN) is a free network security scanner which runs on UNIX platforms. This release includes all of the new checks found in SAINT 1.4.1 beta 1, with additional checks for sadmind, Trinoo, DRAT backdoor, SSH, and QPOP vulnerabilities. This release also fixes a number of bugs that were present in earlier versions.
3b86fb134a24ccb19c04e0b89704befe
A vulnerability in IBM's Network Station Manager will allow any local user to gain root privileges.
bf4c29643b28eef63979f695dcd4d707
A vulnerability in "/usr/local/bin/pis" on SCO UnixWare will allow any user to create arbitrary files with group "sys" privileges. A full root compromise is then trivial.
e041e1e1fc5536685b28d5c0674b30c9
VeteScan is a bulk vulnerability scanner containing programs to scan Windows NT and UNIX systems for the latest trojans/remote exploits, a scanner for the vulnerabilities of single hosts (with or without host checking), a tool for scanning multiple hosts, a scanner for class A/B/C networks, and fixes for various vulnerabilities.
25c2e484c721f631f9b36f45634f4d88
The Vetestcl package contains various TCL scripts with the same functionality found in the VeteScan package. You can load the scripts within an Eggdrop bot to make sure none of your channel operators or hosts running IRC bots suffer from security vulnerabilities present in the operating system or user space applications.
7c8dddb187fae79c55cebfc97c0bf5a5
w3-msql (miniSQL 2.0.4.1 - 2.0.11) Solaris x86 remote exploit. The miniSQL package distribution (http://hughes.com.au) comes with a CGI (w3-msql) that can be exploited to run arbitrary code under the httpd uid.
cd3db9407a6bef2ee1beb8a86d09f94d
Redir is a port redirector. Its functionality basically consists of the ability to listen for TCP connections on a given port, and, when it receives a connection, to then connect to a given destination address/port, and pass data between them. It finds most of its applications in traversing firewalls, but, of course, there are other uses. It can run under inetd or stand alone (in which case it handles multiple connections). It is 8-bit clean, not limited to line mode, and is small and light.
4342fadac30504c86c8db7beefe01995
5ESS maintenance docs part ii
c3203f9134e0b1d6c43fd1a3b94f939e
More 5ESS Documentation
ac8c7354dfb0b283de3e3455c63723cf