GnomeICU v0.96.1 remote dos exploit. Sends a message with uin=0000000 causing a seg fault. Tested on GnomeICU 0.95->0.96.1 on RH 7.0, Slackware 8.0.
6c7a971a62cffc000b5fbfe560a6c6266cee3054efb33e5fa8c904d551d9a46d
FreeBSD Security Advisory FreeBSD-SA-02:08 - A race condition during exec allows local root compromise. A race condition exists in the FreeBSD exec system call implementation. It is possible for a user to attach a debugger to a process while it is exec'ing, but before the kernel has determined that the process is set-user-ID or set-group-ID. All versions of FreeBSD 4.x prior to FreeBSD 4.5-RELEASE are vulnerable to this problem. The problem has been corrected by marking processes that have started.
e39b7337b2653475b68a0ab6e1689bf3692bf6483d1a3ef99c45b26407ae0464
There is a remotely exploitable buffer overflow in ICQ v2001A and below. Attackers that are able to exploit the vulnerability can execute arbitrary code with the privileges of the victim user. There are 122 million vulnerable clients. Full details are discussed in VU#570167. An exploit is known to exist. Voice Video & Games plugin installed with AOL Mirabilis ICQ Versions 2001B Beta v5.18 Build #3659 and prior is also vulnerable.
b76478c875f3e3639885e152c0e431077274669ba8875919014f2fd0c3eb15c4
This document describes buffer overrun vulnerabilities on Sun Microsystems SPARC machines. We will begin by examining the SPARC architecture, looking at the registers and the stack. We will then go on to see exact how buffer overrun vulnerabilities occur and how control over the processes execution is gained under SPARC and then detail how, from here, the vulnerability can be exploited to gain control over the computer by looking at exploit code that spawns a shell under Solaris.
ea2827088b20a431d2ee4be68183cd2ee8cf525ff70d198af4b747cffecabe5c
Windows 2000 Format String Vulnerabilities - Includes detailed discussion of how format string bugs in fprintf(), vprintf() and sprintf() calls they are created, discovered, and exploited.
cc470ec4478e27b35f145967b8b7096795122256fa90b4a6e74a53055431fa40
trNkit v1.0 -Release- (beta). Includes patched versions of du, locate, netstat, ps, pstree, top, w, and who.
fb11308261e9f479a6f9cbbb82668d53c8a257caa0245ec4fb24c3d7a47feca1
Arirang is a powerful webserver security scanner with many features. Checks over 700 vulnerabilities. This is the OpenBSD/NetBSD/FreeBSD version.
a41da9d3a7d03e2b9b5480072c1510ef16c9c55fc612653d20e1fdc5b8265a9b
APG (Automated Password Generator) is the tool set for random password generation. Includes built-in ANSI X9.17 RNG (Random Number Generator)(CAST/SHA1).
aad730fb3f171a82fe650f3f6a998bcdbdf74beec5b1d358d936be43a9be071a
The Leviathan Auditor is an enumeration and penetration testing tool which runs on and against Microsoft machines. It dumps Users, Groups, Services, Shares, Transport devices and MAC addresses over port 139 or 445. It enumerates RPC portmapper entries over port 135 and also tries to exploit MS SQL servers if it is presented. With its built-in SQL Server exploit you can execute remote commands as Local System. Source code is freely available on demand.
3863c6f29cd341d1958cccd0e9cfa0ecd21e76b0b7745b4f16997e6203c5b2f3
Deltaflown , it is a ICMP/TCP/UDP packet forger which is very easy to use. It is coded in C and it can be compiled on a linux machine or on another UNIX if you change the name of headers.
272f40e310301484bfbd2ebfbf84e05c16b9b67ec0f402fecc53c21b932812d4
55hb is a SSH account brute force auditing tool written in expect. Allows you to specify hosts, password lists, and a user.
fb723aa7785e3130278d7ec8ff23e3a0e2b718012bbe3d2bb35b612d4c64a2b8