Socks5 v1.0r10 remote buffer overflow exploit. Tested against Turbolinux 4.0.5 and Redhat 6.0.
Defcom Labs Advisory def-2000-02 - The Cisco Catalyst 2900XL and 3500XL series switches web configuration interface lets any user execute any command on the system without supplying any authentication credentials if no enable password is set.
AOL Instant Messenger contains a caching vulnerability where, once you have logged onto AIM with a screenname, you can permanently log in with that screenname.
BSDI Elm 2.4 local buffer overflow exploit. Tested on BSDI/3.0, gives a group mail shell.
Crypto-gram for November 15, 2000. In this issue: Why Digital Signatures Are Not Signatures, SDMI Hacking Challenge, Microsoft Hack (the Company, not a Product), and more.
Phf remote buffer overflow exploit for Linux x86. This is unrelated to the well known bad filter problem.
The ip-masq-log patch can be used on a masquerading firewall (NAT) to keep a log of all the outgoing masqueraded TCP connections. It's even possible to log the name of the user who has opened the connection. This can be a useful security tool for many small networks that are hidden by a masquerading box if users cannot be totally trusted.
BestCrypt (Windows Version) creates and supports encrypted virtual disks, which are visible as regular disks with corresponding drive letters. The data stored on a BestCrypt disk is kept in a container file. Because a container is an ordinary file, it is possible to back it up, move or copy it to another disk (CD-ROM or network, for instance) and continue to access your encrypted data using BestCrypt.
BestCrypt (Linux Version) creates and supports encrypted virtual disks, which are visible as regular disks with corresponding drives. The data stored on a BestCrypt disk is kept in a container file. Because a container is an ordinary file, it is possible to back it up, move or copy it to another disk (CD-ROM or network, for instance) and continue to access your encrypted data using BestCrypt.
A Win32 networking API called NetUserModalsGet() requires no authentication, just the establishment of a NULL NetBIOS session. This API function can be used to get the system-wide password policy information (intruder lockout, the depth of the password history, minimum password length requirements, the name of the PDC, and so forth) from Windows NT and Windows 2000 machines. Because it's RPC-based, like all the net functions, it can be executed remotely (providing the relevant ports are not blocked by an intermediate router or firewall). A tool called ChkLock is available to use this function and retrieve sensitive information from remote computers.
PaX is an implementation of non-executable pages for IA-32 processors (i.e. pages which user mode code can read or write, but cannot execute code in). Since the processor's native page table/directory entry format has no provision for such a feature, it is a non-trivial task. The project was designed to provide Linux with protection from buffer overflows: the protection comes from marking memory pages readable and writable but not executable.
This utility was originally designed to upgrade the Microsoft Outlook PST format to version 19. One of its side effects, however, is that it can strip out the PST (Outlook) password. This can therefore be used to recover passwords you may have forgotten on your PST files.
Gethead.pl is a simple scanner written in Perl to retrieve the remote HTTP server version.
Libtrace is a library for Linux which helps debug in circumstances where it is not possible to run gdb, such as multithreaded programs. The library provides functionality to print function backtrace information, similar to that obtained with the bt command in gdb.
SuSE Security Advisory - Several recent issues are covered in this advisory, including gpg, bind8, pine, gs, global, tcpdump, tcsh, and the module package.
Gnomehack v1.0.5 local buffer overflow exploit which gives an egid=60 (games) shell if gnomehack is sgid (2755), tested on Debian 2.2. The same bug also affects Nethack.
Voyant Technologies Sonata Conferencing vulnerability report - Local and remote vulnerabilities have been found in both the Solaris and OS/2 hosts, including reused default passwords, poor file permissions, a lack of host hardening, account enumeration, and an insecure X console.
Computer Crime Law Archive Volume 3 (v1.1) - Tutorial on state computer crime laws for Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, North Carolina, North Dakota, Nebraska, and Nevada.
FreeBSD Security Advisory FreeBSD-SA-00:70 - The firewall deny feature in ppp(8) is broken in recent releases, accidentally accepting all packets. Thus, users who rely on the deny_incoming functionality in the expectation that it provides a "deny by default" firewall, which only allows through packets known to be part of an existing NAT session, are in fact allowing other types of unsolicited IP traffic into their internal network.