S.A.F.E.R. Security Bulletin 001026.EXP.1.8 - iPlanet Web Server 4.x for Solaris, Linux, and Windows NT contains a remotely exploitable buffer overflow if server side parsing is enabled with the "parsed html" option.
22b7bfa6cd36594ff96d31ea269f256e311351303fa334059f3529b110ff1068
ipac is an IP accounting package for Linux which collects, summarizes, and nicely displays IP accounting data. The output of ipac can be a simple ASCII table, an ASCII graph, or even images with graphs showing traffic progression. ipac can be used for IP traffic analysis and for accounting purposes.
a6f62d6aa0e7b07dcb2ab92217170a7b58d4cfcf0f45f323683cdc5a61a31d71
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
05c361000494e7c814b3487515841ea9474cc7e29134d3ebbbf528b150cce3d2
Microsoft Security Bulletin (MS00-081) - Microsoft has released a patch that eliminates a security vulnerability in the Microsoft virtual machine (Microsoft VM) that originally was discussed in Microsoft Security Bulletin MS00-011. Like the original vulnerability, the new variant enables a malicious web site operator to read files from the computer of a person who visited his site or to read web content from inside an intranet. Microsoft FAQ on this issue available here.
53bcca2df1f42da2a54f88ae83696eb750ff3c84cd952521ddb5b5711ddc32fb
Godmessage 4 Revision 5 is an implementation of Georgi Guninski's recent ActiveX exploit for Internet Explorer which attempts to install a trojan on any machine which views the included HTML.
4169810d4b2ebb4d39ec0d7dcc8a86bacb18f9009719e1fafc944364097eda78
Denial of Service attack against an Intel InBusiness eMail Station. Sends a 630-character buffer to the POP server as the argument of a USER command. The device then needs to be powered off and on again.
097d217d961c8d8bf396fe40cca2df3a255ed805abb39c1fe873baf76da9a46a
Ntop is a very useful Unix / Windows network sniffing tool that shows the network usage, similar to what the popular top Unix command does. Has an interactive mode and a web mode for greater functionality and options, shows network traffic sorted according to various criteria, displays traffic statistics, shows IP traffic distribution among the various protocols, analyses IP traffic and sorts it according to the source/destination, displays IP Traffic Subnet matrix (who's talking to who?), reports IP protocol usage sorted by protocol type.
68f68ac1624813bc5785e9933a7196661afd840f0d98d27e7588fb330bf8e72b
Ntop -w v1.2a1 remote stack overflow exploit. Ntop in web mode (-w) contains an overflow when a long filename is requested. Fix available here.
ce04a0904b889efb589dd7afd4461f07739d833d857e3149af3cf2126d26ec8e
Internet Security Systems (ISS) X-Force has discovered a vulnerability in the listener program in Oracle Enterprise Server. It is possible for a remote attacker to gain access to the Oracle owner operating system account and the Oracle database, and to execute code in various operating systems.
56a9846b839261c36ea3bf7d4d00b3a6525142283821baca682d5ef473d0d305
Riven is a CGI scanner which uses RFP anti-IDS tactics, false browser / referer, and a Perl/GTK interface.
019a8748eaa49d241b60bb6fe6e9a2db8eba78d1cebf024f19f604827be4eb21
Patch advisory for Sun Microsystems. Please read for details.
ac5a483433c40d7b7830bdbf1e5be780f67892c00ad1b278e4bacbe27f5f7062
SysWatch is a Perl/CGI script that allows you to view current system information, disk utilization, and resource utilization, all in your web browser.
f574e4230b263c4a6f91e5e6e427e4305fd263cec5bc31fa8c687cd738348f32
Core SDI Advisory CORE-20001023 - The "MySQL Database Engine" uses an authentication scheme designed to prevent the flow of plaintext passwords over the network and the storage of them in plaintext. For that purpose a challenge-response mechanism for authentication has been implemented on all versions of MySQL. The authentication mechanism is not cryptographically strong. Each time a user executes this mechanism, information allowing an attacker to recover this user's password is leaked. Fix available here.
0da0ee191f40700e2b923a6e12d334f1e0e930fd9cb2f89a2bfd92adeafda30e
Red Hat Security Advisory - Systems using Network Information Service, or NIS, use a daemon called ypbind to request information from a NIS server. This information is then used by the local machine. The logging code in ypbind is vulnerable to a printf string format attack which an attacker could exploit by passing ypbind a carefully crafted request. This attack can successfully lead to local root access.
e2bc8aaefde02362fb2ac9bbc2b600f1dc777f40f304caf14d43b4a03937deae
Red Hat Security Advisory - A bug in some versions of curl would cause it to incorrectly parse error responses from FTP servers. A malicious FTP server could use this bug to crash its client.
6e2391e0dd98aa5ea6b0bdd5a4deb92efc6e3d76dcb3ae579ee35b9362294747
Red Hat Security Advisory - A vulnerability in the mod_rewrite module and vulnerabilities in the virtual hosting facility in versions of Apache prior to 1.3.14 may allow attackers to view files on the server which are meant to be inaccessible. Format string vulnerabilities have been found in PHP versions 3 and 4.
6288e107de691c83bc02de5b7e3bf8d172637322deaeff1feb317db4036c5989
HP/UX crontab local shell script exploit.
8db2472fc166d889f4791e2f620b41fb4436110f5536153e1ce57597db33ec00
whisker v1.40 with native SSL support. Adds a -x option which uses the Net::SSLeay perl module and OpenSSL. Whisker is what I've dubbed a 'next generation' CGI scanner. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support. Can be used as a CGI.
b08da8795124f5cedfed471dc8c6fdce6b7cc819512817bb29e50ed6a5ac34ce
SendIP is a commandline tool to send arbitrary IP packets. It has a large number of command line options to specify the content of every header of a TCP, UDP, ICMP, or raw IP packet. It also allows any data to be added to the packet. Checksums can be calculated automatically, but if you wish to send out wrong checksums, that is supported too.
e6ff7c45faed15d89b54c2a93a9bddf0e81e813e597635cc976461475af89154
fwlogwatch analyzes the ipchains packet filter logfiles and generates text and HTML summaries. Features realtime anomaly response capability and has an interactive report generator.
046ebd4d6ca7d7a8a764f05c9c9bc0e05b10370daebb90f1fc4a4cc3864188ba
How to keep access to a rooted system.
6aea0980f6199821d95be6e02ee15a897c546b8c86715b0601ed199651f116cc
This program exploits a flaw in the share-level password authentication of MS Windows 95/98/ME in its CIFS protocol to find the password of a given share on one of these machines, as discussed in MS00-072. Google flags this as malware, so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".
84e85c9487fc7ab4b25b357ee23948e85add674c5c955c17a2f3230d2fe92178
How to read ASP source code on an IIS 5 server using the recently discovered IIS vulnerability.
fbbc4a903d4d14e72415134d1f5fec3c86d4c7566f7cc3e2e8f21160f8293dc4
Lpr lpr-0.50-4 and below contains vulnerabilities which allow local users to access other accounts, and sometimes root.
6ab9815eb4979f4f020da0a0b9a0978875d632bc2a0951630c7aef34b390f59a
Red Hat Security Advisory - A problem has been found in GnuPG versions (up to and including 1.0.3). Due to this problem, GnuPG may report files which have been signed with multiple keys (one or more of which may be incorrect) to be valid even if one of the signatures is invalid.
1ab144da652cc58ee50c74503e5ec6b62d5b5b1ed4bfec784c0eee283a2b6ac6