CERT Advisory CA-2002-31 - BIND 8 has vulnerabilities that may allow remote attackers to execute arbitrary code with the privileges of the user running named which is usually root, or with the privileges of vulnerable client applications. The other vulnerabilities will allow remote attackers to disrupt the normal operation of DNS name service running on victim servers.
52bed20a304c98d442c6acd76de1296d8c5b8bf6427430451ecb349e59661f20
Fire and Water Toolkit is a powerful and comprehensive toolkit for network assessment and defense. It scans and maps networks, checks for web vulnerabilities, and includes a powerful, scriptable ISAPI filter (integrates with Snort) for IIS defense. XML based with multiple output options including XSLT reports.
fc6d95d7249e96c3a96f4b67fb95c260226bfbad5012c2bebe90770d6299cdc9
The KeyFocus Web server, a Win32 HTTP server with web administration, contains a flaw that enables attackers to traverse above the webroot in the directory structure. Only files with recognized MIME types can be compromised as there are internal defenses by the server that disallow retrieval of other files.
dc22d736a755b10bd7c27a85bf36efee3c7f89158ea10d7ed13173909498eafa
CERT Advisory CA-2002-30 - Released source code distributions of the libpcap and tcpdump packages were modified by an intruder and contain a trojan horse which, upon compile time, remote grabs a file from a fixed IP address which it then compiles and runs. The binary then goes to a fixed IP address and gets a one character response which enables the remote machine to trigger the spawning of a shell to the remote machine. The backdoor also explicitly ignores all traffic on port 1963.
b64a37a06e31968b926ac44608e1500e16cc51e74f8d09235f561baebdbbc9ac