Microsoft Security Bulletin (MS00-051) - Patch Available for Excel 97 and 2000 REGISTER.ID Function vulnerability which allows a malicious user to run code from an Excel worksheet without the user's knowledge. Microsoft FAQ on this issue available here.
88cea937c761ae956180b040a2887de09a1a78094445b65a925371ac1fd22474
Debian Security Advisory - The version of userv that was distributed with Debian GNU/Linux 2.1 had a problem in the fd swapping algorithm: it could sometimes make an out-of-bounds array reference. It is possible for local users to abuse this to carry out unauthorised actions or to take control of service user accounts.
714809e4a9e81e073e0999b21f4d27e00b008501ab642f5084bbcf66a81670f6
Scan Detect prevents attackers from running TCP port scanners against your Linux system by listening on a given TCP port; if any host on the internet connects to that TCP port, Scan Detect will use Ipchains to block that host completely.
cda7abcd54b71300a9c18d2206790aa4a00683b281055f988c859d2208b55703
IP Filter is a TCP/IP packet filter suitable for use in a firewall environment. To use, it can either be run as a loadable kernel module (recommended) or incorporated into your UNIX kernel. Scripts are provided to install and patch system files as required.
fa5b4d0eb422dcd9ba9909974f7a7e1ac8f89d54d323381d9ea16c66bfc377ca
spam.pl is a Perl script which automates the process of sending complaint letters to spammers' ISPs. It strips out the proper address from the spam's mail headers, taken via stdin.
2e6cf2835e91600000a08901fc12ef6fab28c38736073587619056eaf38b127a
Microsoft Security Bulletin (MS00-032) - Patch and Tool Available for "Protected Store Key Length" vulnerability. This vulnerability makes it easier for a malicious user who has complete control over a Windows 2000 machine to compromise users' private keys and certificates. Protected Shares in Windows 2000 are only encrypted with 40 bits, while they are to be protected with the strongest available encryption. Microsoft FAQ on this issue available here.
6cd5ac9e35ce150759d578536613c72e94ab1466a4d3677ca0a93b5ed09feddd
Foundstone Security Advisory - AnalogX SimpleServer:WWW v1.06 and below is vulnerable to a "relative directory path" attack that allows a remote user to retrieve any known file on the server.
2aa7701a5bbde76d87bd4d641b145632b1ca55e9080324df5aad27644489f2c1
CERT Advisory CA-2000-14 - Microsoft Outlook and Outlook Express Cache Bypass vulnerability allows an attacker to use an HTML-formatted message to read certain types of files on the victim's machine. In addition, because this vulnerability also allows the attacker to store files on the victim's machine, it can be used in conjunction with existing vulnerabilities to execute arbitrary code on the target system.
7f6256494f3f98ce9cabcf2747730a949d21c497ecc9e0d1b9a558887b82531b
A Solaris kernel module to emulate Linux's /dev/random and /dev/urandom.
6dcdebdcddbb1188420c058247b24e5fe70e2ffa5574f6ac9ea7afc95ffd5d09
Ftpdse scans a list of IP addresses for FTP servers, logs the version, and can optionally see if site exec accepts format strings.
2203a1227b7895400cdfbf6ab6e306613fc5af3eea72148088c3760eb25d6eaf
pgpenvelope is an interface to meld using Pine with GnuPG, the GNU Privacy Guard. It allows one to sign/encrypt/decrypt/verify one's mail messages using GnuPG from within Pine. Ease of installation and use, and a nice interface are primary goals during development. In addition to being just a Pine filter, pgpenvelope tries to maximize the use of procmail so that signed messages need to be verified only once. A fix for a bug concerning selection of the signing key.
ee05d8caf85dee0009bdc6587d70ad3b4ca7d421ccfe473d8de442bc92e9dfb9
Network Associates COVERT Labs Security Advisory - The indexing utility webfind.exe distributed with O'Reilly WebSite Professional contains an unchecked buffer allowing for the remote execution of arbitrary code on vulnerable hosts.
36228147ba09ed48a48ec3c22b40ef8ab5a8ced86f40414d41d26c67a57aee4c
Cerberus Information Security Advisory (CISADV000718) - A buffer overflow has been discovered in webfind.exe which comes with O'Reilly's WebSite Pro. This overflow can be exploited by an attacker to execute arbitrary code. If webfind.exe receives a search string of over 1024 bytes the stack is overwritten. A proof of concept exploit is included.
12b26b233ae8e86c75290b8e6e7d8e59ce23a84ea10e6ac5d0c3e8d5251236b9
Cerberus Information Security Advisory (CISADV000717) - A buffer overflow has been found in O'Reilly's Website Pro 2.4. This overflow can be exploited by an attacker to execute arbitrary code.
d3fab097c78c31f8e65dddbeda370b181d0fbaa21fbc7ef9e47c6007ad36adcb
ISBASE Security Advisory (SA2000-02) - Microsoft IIS v4.0 and 5.0 for Windows NT and Windows 2000 sometimes displays the contents of files that should not normally be displayed and that sometimes contain sensitive data. IIS can be tricked into calling ISM.DLL and exposing the contents of .asp, .asa, and .ini files. Exploit description included.
c08944303a5c4fb8db44beece6ca8c9e5f3f74e31842f8ec050ebb34e977435c
Network Associates COVERT Labs Security Advisory - The L-Soft LISTSERV web archive (wa,wa.exe) component contains an unchecked buffer allowing remote execution of arbitrary code with the privileges of the LISTSERV daemon. Vulnerable systems include L-Soft LISTSERV Web Archives 1.8d (confirmed) and 1.8c (inferred) for Windows 9x, Windows NT 3.5x, Windows NT 4.0, Windows 2000, UNIX (all vendors), and OpenVMS VAX.
a3eaef27c0c60ab4d4d042110fa7fbaa9e62953241047c765cb69fd3ca8bafd8
Inflex is an email scanner which scans both incoming and outgoing email without altering your /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (e.g., EXE, COM, BMP, MPEG) and file names (e.g., stages.exe). It can also be used to scan for text snippets within emails and supports Exim for delivery.
85fa2f9c2b8369230288e9f7cf073805efccc86377c09b313db5e571fed4d4d3
ArpWorks v1.0 is a utility for Windows which sends customized ARP Announce packets over the network. All ARP parameters, including the Ethernet Source MAC address, can be changed. Also features an IP to MAC resolver, subnet MAC discovery, host isolation, packet redirection, and IP conflict packets.
df3e09312979c44353c8a13e2ceb4b4589fe5eaa06e606564b2b7fe90d1f991e
Foundstone Security Advisory - AnalogX Proxy v4.04 contains multiple buffer overflows. Includes several proof of concept denial of service examples.
ecf9025d8fb2c5b91e285bf9f4839c34b7b4005d1ba80cb67d41d7edd59381de
Linux Security Week July 24 - In this issue: Deploying Portsentry, How Buffer Overflow attacks work, Maximizing Apache Server Security, Secure Directory Services for E-Business, IPSec update, RedHat PAM updates available, NFS-utils rpc.statd remote vulnerability, Mandrake usermode vulnerability, LISTSERV web archive remote overflow, Stalker CommuniGate Pro read any file vulnerability, and SuSE Nkitb (ftp) vulnerability.
1c45fd9d5af9418bd4bddfa5bf221ac7287916786a10a0e4fb8921ca55a31796
Despoof is a utility that tries to determine if a received packet is in fact spoofed by checking the TTL. This command-line utility is intended for near real-time responding (such as being triggered from an IDS). The README explains it all. This utility is based on an idea by Donald McLachlan [don@mainframe.dgrc.crc.ca] (thanks Don!). Despoof runs on most Unix systems (tested on Linux, *BSDs), and requires libnet 1.0 and libpcap 0.4.
c730656dba9ef4d9ad86dcb864c528f945e8c29c056ccfe8f82664ec9d4a1e39
VLAD the Scanner - A freeware, open-source scanner that checks for common security problems. VLAD checks for the items referenced in the SANS Top Ten list of common security problems, found at http://www.sans.org/topten.htm. While freeware scanners are not necessarily unique, VLAD is rather unique because of the number of vulnerable CGI programs it checks for, and its comprehensive account/password checks (seven different protocols).
49ddff7020a60b1c526937b09cc43271544f09c21165da5716352440d7338b63
Netscape 4.73 and below remote proof of concept exploit for Linux/x86. Includes a test image which crashes Netscape, a JFIF file compiler which exploits the COM marker processing vulnerability, and an unofficial patch for Mozilla M15 and Win32 Netscape.
0f05859c7ef597bbacc6e8eca02d88950d83123ded5db560eac573fc6dc8107f
Netscape browsers v4.73 and below can be tricked into executing arbitrary assembly code by a malicious web site. In the case of Netscape Mail or News, the attack may be performed via a mail message or a news article, as well. A bug in the way Netscape browsers use the Independent JPEG Group's decoder library can cause the JPEG stream to be read onto the heap. Exploiting this vulnerability to execute arbitrary code is non-trivial, but possible on some platforms.
6c13825689c162377d5aef906252e6f595a0015f46abc25bdb05bed5645897b5
SAINT (Security Administrator's Integrated Network Tool) is a security assessment tool based on SATAN. It is updated regularly and scans for just about all remotely detectable vulnerabilities. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature-rich HTML interface.
22dffd2cea4bbd35a1c23deabc9e5c7b7ae85a1c0737e137c52e514c539a1353