iisex.c is a remote command execution exploit for Microsoft IIS 4.0 and 5.0, as discussed in iis-unicode.txt which attempts to provide an interactive cmd.exe shell.
4750ce76fa11a85f6f1ef97478408066fedff3d6adc705ce98126be2563f7cf6
Godmessage Creator allows you to implement the Godmessage IV activeX attack with any binary you supply. Archive password is set to p4ssw0rd. Use at your own risk.
8b751618680d29f8d2831c34ab44c59ad158f04b6ca06ab2dc7bf54d2d4588e6
Red Hat Security Advisory - A local security hole has been found in GnoRPM due to insecure temp file handling.
d484269415fd23af6271b90b6a96a8bf90b91f1e7aaa58b0b16ce78876b0e252
/usr/sbin/userhelper / kbdrate local root exploit - works only at console. Works well for people you know.
f306e4b3197582d95675db9964fb45bc371416bf6ee9795a7888f293e8872bc3
Dafinger.pl attempts to find valid logins on hosts which run a finger service by guessing common user names.
6d3af756916b44a5a8ac832750e947c87afeeb71ab8ead63340b4bd1f2ec398d
Slackware Linux's ppp-off command uses /tmp insecurely by writing ps output to /tmp/grep.tmp, allowing an unprivileged user to overwrite any file as root.
1e2516ab243a13e088be91f759a25f88ce099f7410487a4e595a22b99aeb688c
USSR Advisory #55 - A buffer overflow has been discovered in HyperTerminal which can cause arbitrary code from a HTML mail message to be executed via a telnet: URL, as described in here.
85ca8996cd03accb38cdecb208c7ce2df6f76e5c8106f0d4a14a2bdfa8b528fc
Bastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
58d37442f50e88aa2e4c0f0ae4c0a1fe63bef24975555d4b2b8f126acc97c632
DNS Spy v 2.2 is a shell scripted DNS lookup scanner for class C networks which uses the host command.
64ab5933273234e032683c7bfeba9215aef8356ee7c6f85a756073d7c425881e
USSR Advisory #54 - TransSoft's Broker FTP Server versions prior to v4.3.0.1 contains a buffer overflow which results in denial of service. Fix available here.
f9f7ee2052ff2f54cc841d28d2c8aeb4d677ca0e0a287718e145b7322f9a35f3
The Half-Life Dedicated Server for Linux v3.1.0.3 and below contains a remotely exploitable buffer overflow. Exploit code available here.
321410a4245baf94d24899baac40728a163cf83df38b90575b4aac920f73f359
Auction Weaver LITE 1.0 - 1.04 contains remote vulnerabilities which allow users to read any file on the filesystem, and delete arbitrary files. Fix available here.
7321c9d080577203ab8456a7016142136aeefd6b6f8b4e04f589c76bd7ab1aa9
Atstake Security Advisory (updated) - iPlanet's iCal, a multiplatform calendaring server, introduces a number of vulnerabilities to the system in which it is installed on. These vulnerabilities, ranging from poor file permissions to insecure programming practices allow local attackers to obtain root access, and remote attackers to monitor keystrokes. Includes obtain-ics.sh, a simple proof of concept local exploit.
9cb5d1d8417dd354b9437abf1dbd4e8347b3b25d0144afcd99dc883675a69423
Red Hat Security Advisory - Potential security problems in ping have been fixed. An 8 byte buffer overflow was fixed, a static buffer overflow was fixed, and root priviledges are now dropped after acquiring a raw socket.
48ed726f392d820a268f5a923b847720b6b6045ad3de9acb60f37da02749ed8e
Georgi Guninski security advisory #24 - IE 5.5, Outlook, and Outlook Express has a serious security vulnerability which allows remote users to read local files, arbitrary URLs, and local directory structure after viewing a web page or reading HTML message. The problem is that you are allowed to specify an arbitrary codebase for an applet loaded from here.
4c84e6a9bab5f1f849dc508650403150f24b823501e7ecc02ccf5a7182a26dbc