SuSE Security Advisory SuSE-SA:2001:04 - SSH1 allows remote users to brute-force passwords without getting noticed or logged, SSH session key recovery, and remote root compromise. Switch to openssh.
61675fb7a2bba6039f31869677773990330a6bcd84a7b6edd2504dd0848668b3
Rampage.c reads from a list of routers and uses them to ping-flood a single host. Logs into the routers and uses the ping command.
f3f2f0025c62ed4a19d95e933bc254c07baf7bce8a3d13a6c85af5f4677eaaac
The Ultimate Bulletin Board System allows remote users to get the username and password of anyone who is a registered user of a UBB forum that has HTML enabled and uses cookies to store the usernames and passwords of its users.
9d5082efd21f409b5ad3daca83e818ef19b075ca500641904a82ae2d168d2cb3
Crypto-gram for February 15, 2001. In this issue: Hard-Drive-Embedded Copy Protection, An Intentional Backdoor, The Doghouse: NASA and eTrue, A Semantic Attack on URLs, E-mail Filter Idiocy, Air Gaps, and Internet Voting vs. Large-Value e-Commerce.
b0b49966a2d150c0a44f721540654f4d81304aea8b42eaa28021ffddd0f33b1f
Microsoft Security Advisory MS01-009 - The PPTP service in Windows NT 4.0 has a flaw which allows remote attackers to crash the service via a malformed packet. Microsoft FAQ on this issue available here.
9f459f1211e41897038aebbe45c2bfbccf92f8c2231699929744255277097d75
Crypto-gram for January 15, 2001. In this issue: A Cyber UL?, Solution in Search of a Problem: SafeMessage, A Social Engineering Example, The Doghouse: Gianus Technologies, NIST Crypto Update, Code Signing in Microsoft Windows, and PGP Broken with keystroke recorder.
0c33f46f08e82b8305be0f5faa977094e7924be590044355b4e2dff66f92a763
Autoscan scans for valid NUAs using the autonet x25pad gateway, logging valid NUAs that refuse connection (requiring a valid NUI to connect), freely available NUAs (accepting reverse charging) and Calls Cleared 0-67 (DTE, subaddress specification needed).
9b63dbeddbacc6e694e2152f78223667e7721b72279b8ded41e6ea2e7262d986
Winject is a low-level packet builder/injector for win9x dialup users. It allows you to create custom packets with real or spoofed IP addresses.
99cffe5119a662438d31a5cab15b939fbae6037e0d8c6283a474cd5e75810780
Authforce is an HTTP authentication brute forcer. Using various methods, it attempts to brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords.
856388fdb60fceada9640e0d10c25e996715547dacd237f053a88ead71a31fd5
RootJail is a small program designed to help run dangerous or unreliable services more securely. It works like init in that it spawns processes and watches them, respawning them upon death. If a child misbehaves by dying repeatedly, it is disabled. In addition, it uses chroot to prevent the service from accessing files outside its directory.
f14c215e289b83e4f719c437b6a098129af4ad8b0ac8cd219d08173d1840f163
Ramenfind v0.4 is a local Ramen worm detection and removal tool. Final release unless problems are found.
320257e648f002eda11a46020e3a2f7c6a850a287966cd4d5c4b549e73b7ac8e
Microsoft Security Advisory MS01-010 - Windows Media Player 7 has a vulnerability in the skins feature which manifests itself when a Windows Media Player skin (.WMZ) file is downloaded from an untrusted website. Java code can be used to read and browse files on a local machine. The vulnerability stems from the fact that "skins" are downloaded to a known location on a victim's computer and are stored in a .zip package. If the .zip package contained a Java class (.class) file, any Java code in this class can be executed under the local computer security zone, taking arbitrary action on the user's machine. Microsoft FAQ on this issue available here.
aa001023b4b36b589fc75bf5d0b2ab730e136efc4e831a9d8dacbeb1217084a7
FreeBSD Security Advisory FreeBSD-SA-01:25 - Systems which have installed the optional Kerberos IV distribution are vulnerable to attacks via the telnet daemon due to an overflow in the libkrb KerberosIV authentication library and improper filtering of environmental variables by the KerberosIV-adapted telnet daemon.
f9a7aa773a778f96ba38dd1ff4ca14f8f41dbeeb995305ea23832d652efb4616