A simple ICMP/TCP/UDP packet sniffer that was written for and tested on Linux.
047cbc79c160dd2b932a853e25639043
Local privilege escalation exploit for Kerio WebSTAR versions 5.4.2 and below which suffer from a local privilege escalation vulnerability due to an improper loading of a library.
a579660f0da9f3f25f527efa6d560184
Kerio WebSTAR versions 5.4.2 and below suffer from a local privilege escalation vulnerability due to an improper loading of a library.
09885700e3cb27238d5f117272966e65
SLRC is a simple bash script put together to crack rar archives on Linux.
1da28315f05267bad8de52045cc7c0b4
A vulnerability allows remote attackers to proxy web attacks and scan internal hosts through vulnerable installations of Verity Ultraseek. Authentication is not required to exploit this vulnerability. The specific flaw exists within the highlight script used to highlight search terms on spidered pages. An attacker can directly access the highlight script at '/highlight/index.html' to pass parameters to and retrieve content from arbitrary URLs. The same script can also be abused to enumerate otherwise inaccessible internal addresses and open ports.
99c032d405a177ee8e3a87b4df6ceef2
Outpost Firewall PRO version 4.0 (and possibly older versions) hooks many functions in SSDT and in at least twelve cases it fails to validate arguments that come from user mode.
53c661980a56348ae91ae63facb3c7a9
Backdoored version of OpenSSH 4.5p1 that logs passwords to /var/tmp/sshbug.txt.
98c87de1cf5683f9400828281e3f0769
Debian Security Advisory 1212-1 - Two denial of service vulnerabilities have been found in the OpenSSH server. The sshd support for ssh protocol version 1 does not properly handle duplicate incoming blocks. This could allow a remote attacker to cause sshd to consume significant CPU resources leading to a denial of service. A signal handler race condition could potentially allow a remote attacker to crash sshd and could theoretically lead to the ability to execute arbitrary code.
51971b066a8eeebbdfb1d58b79d8767e
OpenPKG Security Advisory OpenPKG-SA-2006.034 - Miloslav Trmac from Red Hat discovered a buffer overflow in GNU Texinfo. The flaw was found in a function used by Texinfo's texi2dvi and texindex commands. An attacker could construct a carefully crafted Texinfo file that could cause texi2dvi or texindex to crash or possibly execute arbitrary code when opened.
357716bd18fe692b04d953df901466f2
This shellcode does a execve("ipchains -F") in 41 bytes for Linux/x86.
9f3204522b110440c71a0070cd759d8c
The Firewire device enabled by default in the GENERIC kernel for TrusedBSD* defines an IOCTL function which can be malicious called passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug and the system can be compromised by local users and important system information can be disclosed.
c4aa48265643c1fa61a56a7322579d01
The Firewire device enabled by default in the GENERIC kernel for DragonFlyBSD defines an IOCTL function which can be malicious called passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug and the system can be compromised by local users and important system information can be disclosed.
e1730287e3cb0a8eb2886226197ccde0
The Firewire device enabled by default in the GENERIC kernel for NetBSD defines an IOCTL function which can be malicious called passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug and the system can be compromised by local users and important system information can be disclosed.
d64c96b48c1144754f29164eff425a33
The Firewire device enabled by default in the GENERIC kernel for FreeBSD defines an IOCTL function which can be malicious called passing a negative buffer length value. This value will bypass the length check (because the value is negative) and will be used in a copyout operation. This is a kernel bug and the system can be compromised by local users and important system information can be disclosed.
9bf61a2d6a3b88f11455cec5f19352c2
Firewire patch for BSD kernels that fixes an improper length check.
ee54941f2801ae7dffe4bf7236120a89
Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.
4caff34ae0e645e05ef731446d3a671a
DrKnock is a port knocking solution based on sig2knock by Cappella and Tan Chew Keong (http://www.security.org.sg/code/portknock1.html). Right now, the only functional improvement over sig2knock is the ability to use the client under Windows XP SP2. The client and server work on both Unix and Windows.
e5e9b5761d8fadc916d74119e5e3775f
vthrottle is an implementation of an SMTP throttling engine for Sendmail servers, based upon M. Williamson's mechanisms, as described in his 2003 Usenix Security paper. It allows the administrator to control how much email users and hosts may send, hindering the rapid spread of viruses, worms, and spam. Exceptions can be made using a whitelist mechanism, which can be generated manually or with the included tool vmeasure.
54bbcfefd188d4132efa6a21b37bb8ca
The timemachine can record the entire contents of a high-volume network traffic stream in order to later "travel back in time" and inspect activity that has only become interesting in retrospect. Two examples of use are security forensics (determining just how an attacker compromised a given machine) and network trouble-shooting, such as inspecting the precursors to a fault after the fault. The timemachine is designed to work in Gigabit environments and to store several days of network traffic.
c84b46199c3624438291a32f9a436912
Secunia Security Advisory - r0ut3r has discovered some vulnerabilities in torrentflux-b4rt, which can be exploited by malicious people to gain system access or to manipulate data.
f4e7cc1da6ab1b6a6810cd8250911ef7
Mandriva Linux Security Advisory MDKSA-2006-208 - An unspecified vulnerability in OpenLDAP allows remote attackers to cause a denial of service (daemon crash) via a certain combination of SASL Bind requests that triggers an assertion failure in libldap.
f0c1c532227c9ff07f1e441a5d477e05
Mandriva Linux Security Advisory MDKSA-2006-207 - The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem. BIND uses RSA cryptography as part of its DNSSEC implementation.
4104389466279b56bbe309055b3063c2
There is a flaw in the Links web browser version 1.00pre12 that allows malicious web sites to execute smbclient commands on the victim's machine.
f9dcd627eaa4d20499c332231ccf1445
Microsoft Windows Wkssvc NetrJoinDomain2 stack overflow exploit that works against the vulnerability described in MS06-070.
5f345c7860fdf68e10b87e540f99880d
WinZIP versions 10.0.7245 and below FileView ActiveX control remote buffer overflow exploit.
421934b64e514f5fd6e14e2a68eee841