Microsoft Security Bulletin (MS00-077) - Microsoft has released a patch that eliminates a security vulnerability in NetMeeting, an application that ships with Windows 2000 and is also available for Windows NT 4.0. The vulnerability allows a malicious user to deny service to a NetMeeting server. Microsoft FAQ on this issue available here.
3c668e9e0ef4c2472401d28101f1e4541a99dd6185589b9f9706e5803eb6eb01
Debian Security Advisory - The version of curl as distributed with Debian GNU/Linux 2.2 had a bug in the error logging code: when it created an error message it failed to check the size of the buffer allocated for storing the message. This could be exploited by the remote machine by returning an invalid response to a request from curl which overflows the error buffer and tricks curl into executing arbitrary code.
b4546e53189726ce86a3b698d2a39926c6eabfb3a4c4ab5225418a919e65a44a
FreeBSD Security Advisory FreeBSD-SA-00:57 - The muh port, an IRC bouncer, versions 2.05c and below contains a vulnerability which allows remote users to gain the privileges of the user running muh. This is accomplished by sending a carefully crafted exploit string containing string format operators to a user using muh but who is not connected. When the user reconnects and executes '/muh read', muh will allow the remote attacker to execute arbitrary code as the local user.
8f36eb60edcb01ea36fa29e159e50ecf301ee4326c181259fc41a4249d047569
FreeBSD Security Advisory FreeBSD-SA-00:56 - The LPRng port, versions prior to 3.6.24, contains a vulnerability in syslog() which allows remote and local root compromise.
383a13988913ece81c3d550a90cc2d095ebcae22e3dc9547ad51506fae541281
FreeBSD Security Advisory FreeBSD-SA-00:55 - The xpdf port, a PDF viewer for X, contains a race condition which allows local users to overwrite arbitrary files as the user running xpdf. Additionally no shell metacharacter checking is done when visiting URLs.
fffc0e765e6068b8f2afe53e82d8918165e1e3bcbe5fa3d10ea50b7380a44a68
FreeBSD Security Advisory FreeBSD-SA-00:54 - Shortly before the release of FreeBSD 4.1.1, code was added to finger(1) intended to allow the utility to send the contents of administrator-specified files in response to a finger request. However the code incorrectly allowed users to specify a filename directly, the contents of which would be returned to the user.
4b5af2dc80b56a25748f70615e7b9bee970529fb40be4967c4a47cf39c2e6d1e
Debian Security Advisory - In versions of the traceroute package before 1.4a5-3, it is possible for a local user to gain root access by exploiting an argument parsing error.
96b99378a5e3df437c75a80827f0afcb8530f3b641e7bacf61037b6d1b4673a8
Microsoft Security Bulletin (MS00-076) - Microsoft has released a patch that eliminates the "Cached Web Credentials" security vulnerability in Internet Explorer, which allows malicious users to obtain another user's userid and password to a web site. Microsoft FAQ on this issue available here.
da1c3e8d0916bf749858b704179dabc4b0d8870ddade71fd331d032ce13a8ede
Synnergy Laboratories Advisory SLA-2000-17 - A flaw in Linux/UNIX Anaconda Foundation Directory, a Yahoo-style search engine based on the Open Directory Project, allows remote users to traverse the web server's filesystem, allowing arbitrary files to be read by appending a trailing NULL byte in URL encoded format. Exploit URL included.
114471e6a48ade395cf5dd9910cfbb9ebc5b97960e372c164656001a5ddd2840
Godmessage Creator allows you to implement the Godmessage IV ActiveX attack with any binary you supply. Archive password is set to p4ssw0rd. Use at your own risk.
05516f6b41a3b42bf1118a69b356c3c549d89a355493f0ccc97d4bda177ac489
Remote Nmap is a Python client/server package which allows many clients to connect to a centralized nmap server to do their port scanning. This could be useful for security companies who want to have all their scans come from a dedicated machine.
2a872d63b5468f22b07ce46bfc82936970287e1418ba149aca5824a4796efc76
Microsoft Security Bulletin (MS00-075) - Microsoft has released a patch that eliminates the "Microsoft VM ActiveX Component" vulnerability in Microsoft virtual machine (Microsoft VM) for Windows 95, 98, Windows Me, Windows NT 4.0, and Windows 2000. If a malicious web site operator coaxes a user into visiting his site, the vulnerability allows him to take any desired action on a visiting user's machine by using ActiveX controls which are marked unsafe for scripting. Microsoft FAQ on this issue available here.
bb5c17def125a4361b08bc4f6c572106f17b422486a9caf1132046c6235a2855
Kak.hta is a variation of the recent ActiveX Dotslash.
bdb21f8e4b7bfa50a24c006b6d2979c765ccd82a4bdedeee48257dd7ffdee0b2
Microsoft Security Bulletin (MS00-074) - Microsoft has released a patch that eliminates the "WebTV for Windows Denial of Service" vulnerability which allows malicious users to remotely crash WebTV for Windows. Microsoft FAQ on this issue available here.
772280c0743fa28cd5eb802ad058d545f7ef5a95e7d6bd8b9d2d09f954bd87b0
rhaft.c is a Netcraft imitation tool which can fetch some server information.
60e5b66a2cb02636f975d47b9b7628cf7990cd46a50502c50d06d794bc5bf068
NSFocus Security Advisory (SA2000-04) - A denial of service flaw has been found in the Microsoft Win9x netbios client. An attacker can modify his host file share service and perform a DoS attack against a Win9x client that visits it. Windows 95, 98, and 98se are vulnerable.
9236c974af81c4c844db26363d287b64b22ac6b3a14b0d4342716a88acbe836a
NSFocus Security Advisory (SA2000-05) - Microsoft Windows 9x NETBIOS password verification contains a vulnerability which allows an attacker to use a share only knowing the first byte of the password, which can easily be guessed. This is the flaw described in MS00-072 which affects Windows 95, 98, and 98se.
7aef63a9de0679d5b03e709420e8ddace4d85f1bf4c6394a3d8949d58d90ea2a
Microsoft Security Bulletin (MS00-073) - Microsoft has released a patch that eliminates the "Malformed IPX NMPI Packet" vulnerability in Windows 95, 98, 98se, and Me. If IPX is installed, the machine can be caused to fail or flood the network with superfluous data. Microsoft FAQ on this issue available here.
64f4ccf487c0dc25586b7b958c5ab0d65657f3cb4b5012be3daa84acd131c9f4
NSFOCUS Security Advisory (SA2000-03) - A denial of service vulnerability has been found in the IPX/SPX protocol implementation. When a Win9x host receives an IPX NMPI packet that has its own machine name as both source and destination, it is led into an infinite loop of sending and receiving packets. This attack will consume a large amount of the attacked host's CPU resources, causing it to crash.
ee09333c713c3c147526afc9d6f8cea9c39dd915e503348778b1122d7781a015
SAINT (Security Administrator's Integrated Network Tool) is a security assessment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature-rich HTML interface.
d4a2fa3f65a7eeae71ab52548598bc5ca4c0c7dbfa771ae2ca5d5761dcd8b08d
The idea of the International Kernel Patch is to collect all crypto patches so that using crypto in the kernel will be easier than today. The patch includes a number of crypto patches including a crypto API including Blowfish, CAST-128, DES, DFC, IDEA, MARS, RC6, Rijndael, Safer, Serpent, and Twofish, an encrypted filesystem loopback device using the crypto API, CIPE VPN and EnSKIP patches.
a53267652597064b7c591ffc8a54035b81f2ddac673e1eec9535e8476818b4ce
Zorp is a new-generation modular proxy firewall suite to fine-tune proxy decisions with its built-in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize outband authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).
af4de5fd0b6c4b60da55f824fea6923076484b3b7300ac59488942c058981087
SuSE Security Advisory - GNU cfengine, an abstract programming language for system administrators of large networks, has several local root format string vulnerabilities.
f52aec0643cadd4f2fb5e2f95f5fd9d3969b607abef7aebde0e82ce715404736
SuSE Security Advisory - esound, a daemon program for the Gnome desktop, has a race condition which allows local attackers to change the permissions on any file on the filesystem.
6c6d344c26218475b41876a24d93ef04e105e8ff868b589b666644cce3691bc5
FreeBSD 4.X local /usr/bin/systat exploit. Gives a sgid kmem shell by exploiting the .terminfo bug in ncurses.
74912457abcb06d1b3486b0919890ed721d24f2ed15b58307dd60bb46c085361