Parses all the IP addresses out of a text file.
7ee6a159f70bacc23298381418e81dc3270178e79e5e5aa2fca6094169a31b2c
Internet Explorer 5.0 under Windows 95 and WinNT 4.0 (suppose Win98 is vulnerable) allows reading local files and text/HTML files from any domain. Window spoofing is possible. It is also possible in some cases to read files behind a firewall. Example code here.
ae28152f3141ef6c3d473a077670277333c83e16b166924e3ecccd5099c6e352
A combination of well-known DoS attacks, including the new IGMP/STACK Windows 98/2000 bug.
eb60c7bbbe0fd56a3e85599a01322462c2fdd8a847f25d13e3946da9053d02bf
Simple denial of service attack against Windows 98/95/2000/NT machines. Sends random, spoofed ICMP packets with randomly chosen ICMP error codes. Result: freezes the user's machine, or CPU usage rises until the machine lags severely. Tested on: 2.0.35, 2.2.5-15, 2.2.9, and 2.0.36.
a34419b9c97a97e204d430651d4d366a08dfd341003378c9521826a77759a530
There are potential problems with file access checking in the lpr and lpd programs. These could allow users to potentially print files they do not have access to.
e07c08619c2fb583c21126d232a90aff1fd7b271ca7a7c9118b1cf1b84a8f84d
There might be a really nasty stack smash bug in linux-2.2.12 and 2.0.38. If I am reading this correctly, the implications of this bug could be very dire. It may be possible to easily obtain root privilege on any box running this kernel. Includes comments by Alan Cox.
26882e3fac59928336c10c9962f8a3f5cce1846683fd03a227f0f61b771d35be
A serious security hole has been found in the web configuration utility that comes with OpenLink 3.2. This hole will allow remote users to execute arbitrary code as the user id under which the web configurator is run (inherited from the request broker, oplrqb). The hole is a run-of-the-mill buffer overflow, due to lack of parameter checking when strcpy() is used.
b36a8272ac716effd911a885be7e5ec3e74fe7e469278cc4955a647b5a86bbe3
Redir is a port redirector. Its functionality basically consists of the ability to listen for TCP connections on a given port, and, when it receives a connection, to then connect to a given destination address/port, and pass data between them. It finds most of its applications in traversing firewalls, but, of course, there are other uses. It can run under inetd or stand alone (in which case it handles multiple connections). It is 8-bit clean, not limited to line mode, and is small and light.
0892748e04afd7bc36a12511a51a2073bf809560d48e49db309f9af1cdb55506
pss.php3
c231c024dc475fb922e27c86d44753146e61ab196e2dc58d111ec2607e7b5c3e
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic, though adding support for other protocols should be relatively easy. iplog 2.0 is a complete rewrite of iplog 1.x by behe <eric@ojnk.net>. As such, it contains all the features supported by iplog 1.x, including a built-in DNS cache, the ability to detect port scans, null scans, and FIN scans, "smurf" attacks, and bogus TCP flags (used by scanners to detect the operating system in use). iplog 2.0 adds detection of Xmas scans, ICMP ping floods, UDP scans, and various IP fragment attacks. As mentioned above, iplog 2.0 has a packet filter.
ff5147246cf34d189e79e87c6d49b2e1487617532ec9d9f6b643394567e296c7
Ethernet Packet Sniffer 'GreedyDog' Version 1.30. Unyun
e3fe7aef03b7b6c4070f3c0b13f7a9ae417b4162816b8a3ff5df5e5988004419
lids is an intrusion detection system patch for the Linux kernel; it can protect important files from being changed. When it's in effect, no one (including root) can change the protected files or directories and their sub-directories. First release.
876cfbda1720c31debfa343471e807d720b478388d1840e06c0a90c0be175976
PacketX 1.0 is a native Windows NT firewall testing tool that allows for complete TCP/IP packet creation. It creates packets to be 'fired' at a firewall in validation tests so that firewall rules can be confirmed. PacketX[tm] contains complete TCP/IP packet spoofing technology in order to verify the approval/denial of internet domain addresses against firewall ACLs. Freeware version.
4c35e611d93dad2d380a1e9f3e54a132c151acf2d5fc5d0e14e626923b7725b3
Yet Another Wingate Scanner (YAWS) Version 0.1.
1e321a08d3f5472a712fdfbdbbb470dd8f42a2f100e6e751422294ebac6dcf44
Update to MS99-042, released Oct. 15. Updated patch availability. The IE 5 security model normally restricts the Document.ExecCommand() method to prevent it from taking inappropriate action on a user's computer. However, at least one of these restrictions is not present if the method is invoked on an IFRAME. This could allow a malicious web site operator to read the contents of files on visiting users' computers, if he or she knew the name of the file and the folder in which it resided. The vulnerability would not allow the malicious user to list the contents of folders, create, modify or delete files, or to usurp any administrative control over the machine.
368f46701e13ab6e23ee4e12a95583ca7ffd7eacdd5e56b4c0404fe1899040db
Any user may overwrite any file with group auth (i.e. /etc/shadow, /etc/passwd) using /etc/sysadm.d/bin/userOsa.
efdff100c4986b360fdb21f715839b67fb3d8d0b39aa721df77706513060b1a7
An overflow in /opt/K/SCO/Unix/5.0.5Eb/.softmgmt/var/usr/bin/cancel which will allow any user to gain lp privs.
9a4e597b84c8c1eb31bb630c9cc574cac8e99b62e17a606be42a39e44a6790f1
Windows 95 updated RDS exploit.
149a610621db59471d4420731c09658ea691396164cc0d8d1ac34ce2e22ef793
IE 5.0 vulnerability: reading local files (and files from any domain; window spoofing is probably possible as well) using IFRAME and document.execCommand. Includes exploit. Demonstration code here.
9675de24df2217c21e2f6231a2c519019a809807235ded9783257956a7c2f796
WinNT.Infis is an executable file with .EXE extension that installs itself as a native Windows NT system driver. Alert from Finjan.
23e7fbdac27458b692f699f8b02855358119285d3d4e180ca6f8cd287273b70a
Multithreaded telnet toy first seen on palante's DefCon 7 CTF server. Waits for an incoming connection, port scans the source IP, and forwards the TCP connection back to one of the open TCP ports on the source IP.
3fe5fbb7e8645bc3f727dd1d289575575ded8656f7a9147c5a91414d5c07a22c
The NASHUATEC D445 printer is vulnerable to many attacks.
394d23effdf942f93c8f35952664715426d28a4501b41528f8f01ed69afed5fc
The Veganizer is a spam counter-attack. It searches the headers of a specified message for all associated IPs and Domains, then sends mail to pre-specified addresses at those servers (abuse@, postmaster@) as well as addresses found by a whois query on the IPs/Domains. The mail sent will also include the original message with full headers.
269eb9c4b6ca3f3682eadc3e191298bd93cccb8ccb1c7946fd5bdd3d79c2675d
Updated paper on Intrusion Detection under Windows NT. This should make things a bit clearer. Microsoft PowerPoint presentation.
a45c068425c0bf5d041f5c876d0ebd0469a3d384c7bcf037e4daf643457ae7c9
The SINUS firewall. For Linux 2.2.x kernels. The only firewall under Linux with a portable GUI interface, which works with JDK 1.2 under Windows, Linux, OS/2, Solaris and more. This version fixes some problems with TCP reject on 2.2.x kernels. (Official Site)
49bc21952d4aa94003d1b9bd563328ddb8dbd9eb1370cdfe12828435250253d4