Tcpip_lib V2 is a library for Windows 2000 which allows arbitrary packet creation. It uses sockets 2 and opens up a raw socket, allowing you to send raw IP headers, do IP spoofing, and play with the nuts and bolts of networking protocols.
bad93d8385ce011dece39cbad3f694eb
ISS Security Advisory - Multiple vulnerabilities on all platforms and versions of Check Point FireWall-1. Follow-up to the July 26, 2000 Black Hat briefings presentation by Thomas Lopatic, John McDonald, and Dug Song.
17c9e5528333af366a2e2e60ca498cec
Batchfile for Windows NT with Internet Information Server. This script automates jobs. If there is an attack on your server, starting this script manually enables you to see if something has happened.
b63d3c72c3d0154a22cf68f1759e87d2
Sqlpoke is an NT-based tool that locates MSSQL servers and tries to connect with the default sa account. A list of SQL commands is executed if the connection is successful. Win32 source included.
a4f3749f32c8b2d7a9ef6a5c248b8a69
USSR Advisory #53 - Malformed Embedded Windows Media Player 7 "OCX Attachment" Vulnerability. The USSR Team has found a problem in the Windows Media Player 7 ActiveX control, which could be used in a denial of service attack against RTF-enabled e-mail clients such as Outlook 2000 and Outlook Express.
06dfbf213f68be2321c46e728d82b239
Microsoft Security Bulletin (MS00-068) - Patch Available for "OCX Attachment" Vulnerability. Microsoft has released a patch for a security vulnerability that is in Microsoft Windows Media Player (WMP) 7 but primarily affects e-mail applications. This vulnerability would enable a malicious user to create an e-mail that, when closed after being read, would cause the e-mail application to fail. A FAQ regarding this vulnerability is available here.
ac2edef4c56fdee27b21b0d2a513191b
Denial of service for NetcPlus BrowseGate 2.80 for Windows NT and 2000 when you send more than 8000 characters in a GET / http-request, causing the system to crash.
a2100c2a0c80d3fcea1fabfd6045a871
Proof of Concept. There exists a vulnerability in Pine 4.21 involving the portion of code in charge of periodically checking email when a pine client is open.
b7115bbb7e207427f5ee4e871fc64243
This hole is for the control panel of all Alabanza based resellers/hosts. There could be more bugs. This is serious enough since you can delete all resold domains for a particular webhosting company. You can also change the default MX and CNAME records of all associated domains.
8954700dd8b0841c63a25bde1ce7c323
A Java SNMP MIB Browser Object ID parsing problem can cause a Denial of Service. Platforms affected are: HP9000 Series 700/800 running HP-UX releases 10.XX and 11.XX, Sun Microsystems SOLARIS releases 2.X, plus Microsoft Windows NT4.X / Windows 2000 running NNM 6.1, NNM 5.01, and NNM 4.11.
e32f3a8daf4f641f23ef28f9a0cc3f49
Klogd Local Exploit. Envcheck is a Linux/x86 kernel module which strips dangerous environment variables before executing a new program, and which can be used to log these probably threatening events. However, a recent format string handling bug in klogd allows an attacker to overflow its buffer and execute arbitrary code.
ae1866895abb656a027e84a2cb34fb67
Caldera Advisory - There is a format bug in the LPRng printer daemon that could possibly be exploited to obtain root privilege. This problem is particularly severe because it can be exercised remotely.
26cd8be0af17378747b6027a9f5f7674
Snorticus is a collection of shell scripts designed to allow easy management of Snort sensors. It allows you to routinely collect Snort sensor data, analyze the data via SnortSnarf, and easily maintain rule files.
89cca73c48f8b2da94bfbba6ca02c400
A simple ICMP Source Address spoofing utility. A smurfing utility that also comes with log parsers, etc.
c57805d12736bf818de591baab2714fe