A popular CGI web page access counter, version 4.0.7 by George Burgyan, permits execution of arbitrary commands as a result of unchecked user input. Commands are executed with the same permissions as the web server.
94ace7ee3453cc97474d0f764a764949d5e6287f3e4ff04fcae1b290ca7c34b5
Root-Tail v0.0.6 is a program which tails a text file and displays the information directly to the root window of your desktop transparently, which means without window frames or windows. It is an extremely handy program for monitoring /var/log/secure and /var/log/messages while you run X. This program will even tail different files and display them in different colors.
2478abda73cd314182f5e2d0083718db379b0f9ae53ceb39004d4adc2287b22d
KSnuffle is a network packet sniffer for KDE. It supports multiple concurrent sniffers, packet filtering (aka tcpdump), event triggers and commands, text and binary logging (and replay), remote sniffing (via a daemon process), and dynamically loadable plugins. Network traffic is displayed graphically and in detail; supplied plugins summarise traffic by direction (incoming, outgoing), source, and destination.
a9033b5c56e9381653e48ca7618a3f9b81550031dff190ee10fa20f83f6488df
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
890f68aa9253e3f8c5a5749cbedc3fa19ca80a9714f27d9e447564a08dfe09e0
Lance Spitzner's investigation of some mystery packets - contains some good insight by many people in the security field attempting to identify which tool created the packets.
e72c12e1acb37e79161699a3b751dc1477a3d0997d232b544f067e7d9795cbb4
seraph.c checks a local system for uid bits, world writable files/directories, floating files, and stores them into logs. Basically a little C program that does some find commands.
a9d0612830fd1e0ab4734a28e28c37e6e8ac345d666d2573e90cc7c32fb77d64
CERT Advisory CA-2000-08 - Inconsistent Warning Messages in Netscape Navigator. A flaw exists in Netscape Navigator that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. Within one Netscape session, if a user clicks on "continue" in response to a "hostname does not match name in certificate" error, then that certificate is incorrectly validated for future use in the Netscape session, regardless of the hostname or IP address of other servers that use the certificate.
0f92b5f91c8d367d803b053a382ed8d03f57a06c09529a5caeeee1a67dc70fa4
Elm v2.5 buffer overflow exploit which provides a gid=12 shell if /usr/bin/elm is SGID. Tested on elm 2.5PL1-3, on Red Hat. Perl script to find offsets included.
de3ca64288f925a9826cafbf271fc6605aa272bb27361e89cf5913320a7c513f
Elm v2.4 buffer overflow exploit which provides a gid=12 shell if /usr/bin/elm is SGID. Tested on Slackware 3.6, elm 2.4PL25. Perl script to find offsets included.
03d1978ea3b8ab5173fda42c7786dc04993514aae31b5c97466470d36a8dddcf
FreeBSD-SA-00:20 - The MIT Kerberos 5 port version 1.1.1 and earlier contains remote and local root vulnerabilities. Note that the implementation of Kerberos shipped in the FreeBSD base system is not the MIT version and is not vulnerable to these problems. However, a very old release of FreeBSD dating from 1997 (FreeBSD 2.2.5) did ship with a closely MIT-derived Kerberos implementation ("eBones") and may be vulnerable to attacks of the kind described here.
4f55ecf6320468d66123267409375a0ace13858593f9a6d9bf1e9f89ace29546
FreeBSD-SA-00:19 - A bug in the BSD kernel allows local users to cause every process on the system to hang during exiting. An undocumented system call is incorrectly exported from the kernel without access-control checks, allowing for a denial of service attack. Kernel patch included for FreeBSD.
45e3f6b40d7341db9e1de883923c171e91c998be44dc982602439178f3b0113b
Microsoft Security Bulletin (MS00-036) - Patch available for "ResetBrowser Frame" and "HostAnnouncement Flooding" vulnerabilities. Microsoft has released a patch for two security vulnerabilities, one affecting Microsoft Windows NT 4.0 and Windows 2000, and the other affecting Windows NT 4.0 only. The vulnerability allows malicious users to make it difficult or impossible for other users to locate services and computers on a network; in the worst case, it could allow him to provide incorrect information about the same services and computers. The "ResetBrowser Frame" vulnerability allows a malicious user to shut down browsers on his subnet, or, in the worst case, to shut down all browsers and declare his machine the new Master Browser. Microsoft FAQ on this issue available here.
c6fc4716f985dcbf872cadc9bd8ee789148379268cddce015426bbef65d4c28f
SuSE Security Advisory - gdm prior to 2.0beta4 allows remote root compromise. Gdm is the GNOME replacement for xdm, handling graphical console and network logins. The gdm code that processes logins over the network could be tricked into writing data from the network right into the stack. This condition exists while gdm is running with root privileges and before the user is authenticated. Other distributions are affected as well. SuSE security site here.
b72a3c3c3aa5a34597dc9a0e68ba79f13b25815e8ef3f544fb17b99017973c2e
Securax-SA-03 - Ezboard v5.3.9 remote DoS attack via wildcards in URL.
ed822a1fc27e53ef490ca1eaffb4b388a0110ab561a1a5b201ae6e3397654cf5
Solaris 2.7 lpset local exploit, i386.
82677b09b51b7eeb5f50474a25d70291b3e7b4d5eae939b2f28a8b28490519fa