Bindview Security Advisory: Denial of Service Vulnerability in Cabletron's SmartSwitch Router (SSR). Remote users can flood the ARP table and stop the processing of packets.
85b52a0144618cc558cd1f34d6755e7f885a84a66d835af7ef076846c52575a7
UssrLabs found a Local/Remote DoS Attack in BisonWare FTP Server V3.5. The buffer overflow is caused by a long user name, 2000 characters. Source / Binary for DoS attack here.
b9bf2c6f03b60c09ff76b043f8b7a7aac25a8e062fe0a9217a774ed8d103ddcb
UssrLabs found a buffer overflow in WorldClient Server v2.0.0.0 where they do not use proper bounds checking on WorldClient TCP Port 2000. Denial of service exploit available.
3b1c84dc9f0f7149f35a233e5703823a06da161632fee84d723e133ce1a996a5
ex_inc.c exploits a bounds checking error in /usr/jp/bin/mh/inc which was distributed with the mh-6.8.3 package. Local root compromise.
64f2aa455cd466403bc433552e384ce9c8e0ca9b98c3b17c61c9298a5606d3ea
ex_bbc.c exploits a bounds checking error in /usr/jp/bin/mh/bbc which was distributed with the mh-6.8.3 package. Local root compromise.
473ed7b2b606ac73b513d39a31d17c1a0273bb06e15e9331e35c648649c833b8
kcms_configure has an overflow bug with the "-P" option and it has been reported (107339-01). But this program has another hole. This hole has not been reported, and the patches are not published at this time. kcms_configure overflows if a long string is specified in the NETPATH environment variable, and it is exploitable. I have included an exploit for Solaris7 intel edition to obtain root privilege.
ea0a516a062e19771e9d6d970e1a6bd9a1fc9ee7ecf921fcb1848a66309b1ef1
The vulnerability in kcms_configure also exists in Solaris 2.6 and 2.7 sparc edition. Exploit included.
ddad8f87f48eb849bc4bf6f56910e4be16715ce9dec57022ab5c00f69f2c1712
The mailer programs (mailtool and dtmail) and mail message print filter (dtmailpr) which are installed on Solaris7 have exploitable buffer overflow bugs. These programs are sgid (mail group) programs, so a local user can obtain the mail group. The mail files are generated with 660 permission, so any user can read/write other users' mail files. I coded the exploits to get mail gid (egid=6). They are for Intel Solaris7. There are the same kind of problems on Sparc Solaris7 and Solaris2.6 (Intel, Sparc).
e92d0a93449cedf9a5f2e97de3948d9c6e4f86ade92541e2bae6d0f02e99dcf4
WINDOWS NT MAGAZINE SECURITY UPDATE for November 24, 1999. (formerly Windows Security Digest) Includes information on Internet Explorer 5.0 XML Redirects, Vermillion FTP Server Subject to Denial of Service, WordPad Subject to Crash, HP JetDirect Denial of Service, ZetaMail 2.1 Subject to Denial of Service, G6 FTP Server Subject to Denial of Service, Melissa Variant Prilissa on the Loose, The Philosophy of Security - UNIX vs. NT, and 3Com's New 3CR990 Encrypting NIC.
22bdf51ea47ec62aff28e672e877f6d4e56e3031043dc45ebf64d380cc479a36
O'Reilly's WebBoard software has some bugs with interesting possibilities. Vulnerabilities include unauthorized paging and arbitrary content insertion.
f599b47fd54cd9044b14d6b79b5aec270c167886138278d2b2fbba16cbe89790
Narrow Security Scanner is a perl script which checks for 177 remote vulnerabilities. Tested on Slackware 4.0, Red Hat (4.2, 5.0, 6.0), SuSE 6.1, FreeBSD 3.0 & OpenBSD 2.5.
bcfcef616792517641299fd43ca370f4f6f22a3aef22eb0162f42cd8c46751de
NetPeek is a GUI-based network monitoring and diagnosis tool. It captures packets from the local network and displays them to the user in two forms: a short one-line description similar to that produced by tcpdump, and a long form that displays the contents of all fields within the packets in full.
70e66dfcf03bde13746c8b97797fef7e77510861fe27c401ca185ae570f275b0
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.
517fe51fe7193b13ceca738c8c30ee0182aead4c4b9d2d14d09deac2ddde9565
The Oce 9400 plotter can be used as a telnet proxy in its default configuration.
7dc17fea3ce18547115679dce3605f71296d6cdbc78e338c5547cbcc1a17902e
Massively Distributed Penetration Attempt Generator. Wouldn't it be fun if your favorite lamer was trying to hack the Whitehouse, or even the Army? Now they can, or at least appear as though they are. This utility will generate a slew of fake scans on a target ip from a group of fake "scanning" ips. Inspired by nmap.
59dffcfa3e4bd730b2d6b0306c8b92ec6a282eb576ba51774bd05c20a3c30b47
Multiple remote DoS vulnerabilities have been found in the MDaemon 2.8.5.0 server. Binary / Source for this MDaemon Server v2.8.5.0 Denial of Service here.
3a0ceab38aea510cb377ea41e4fb2cf7d031201d581401ef812dbd81aa89f4ca
Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT summary to draw attention to the types of attacks reported to our incident response team. This quarter, the most popular attacks are Distributed DoS tools, Distributed Sniffer for Linux, CDE Vulnerabilities, BIND Vulnerabilities, WU-FTPD Vulnerabilities, AMD Vulnerabilities, RPC Vulnerabilities, and virus / trojan activity.
4916697ede111fc56d0a555e05360d53fa9f7f98f5ba31cbadd4565952b50824
Webcracker is a security tool that allows you to attempt to brute force id and password combinations on your web site. If you're able to guess a user's password with this program, chances are some hacker will be able to also. Webcracker helps you find these vulnerabilities and fix them before they're exploited by some unknown attacker.
21e2b52b2c9f4281ee6e758a5a64821ef62d1ccb9ffafa53d6fbf33b8d484fe6
Sun Microsystems NetBeans (recently renamed to Forte') Java IDE includes an internal HTTP server to try Java code. When service is enabled for one machine, the HTTP server allows remote access to root and all subdirectories from any machine. Example included.
9e98d68bcd377235a72ff44e6d0f4d04526bb950706328566c2744fb4832566d
Bug in pine 4.20 and below allows pine to execute a command mailed to the user without the user seeing what it is, by Jim Herbert. Includes commentary by Pavel Kankovsky on how it is still not fixed in 4.21.
3666f88135de094542fb169ef70fc2338e61507c7e7fe1ec4be8e3b8ec7d257e
Riched20.dll, which Microsoft WordPad uses, is vulnerable to a buffer overflow attack. This paper gives lots of detailed information on exploiting this vulnerability.
3f1b59360021dd122d37fd44d66487de0c4de9144e6bb58b16b27327eed42ef1
Internet Explorer 5.0 under Windows 95 and WinNT 4.0 (guess other versions are affected) has security problems with HTTP redirects in XML objects. This allows at least reading any (local or nonlocal) XML file and any well-formed documents, reading parts of documents, checking for the existence of local files, and possibly reading arbitrary files. Exploit included.
5b6c27497f657cb808f65f63aae3c8ef89936dfdab9b4da93b59f14c50255ef8
gfcc (GTK+ Firewall Control Center) is a GTK+ application which can control Linux firewall policies and rules, based on ipchains package.
d1941883265ad61d8d95879d0a3bacff8ebe388e92802ca802be6034d57bc8e9
Patch for ICQ 99b v3.17 bld 2565 which removes IP hiding, removes the Owners Limit, and removes authorization request to add new users.
2e2d4b43c4ee1087a33fd31a910aa0efe627d0020df647388c8522287cd4484a
Patch for ICQ 99b v3.19 which removes IP hiding, removes the Owners Limit, and removes authorization request to add new users.
384d4c2977d5d27bd5d695e6880a7f4f684205bb83fce2955a29bd3f79f44e1d