Red Hat Security Advisory RHSA-2001:047-03 - All Linux kernels prior to version 2.2.19 include possibilities for local denial of service or root exploits by exercising race conditions between the ptrace, exec, and/or suid system calls. Additionally, the sysctl system call included programming errors allowing a user to write to kernel memory. The 2.2.19 kernel fixes these problems.
7372e4cee1b52dc79e7f75bec31df9e9dced09ae503395416bd50c1899f96fc9
Microsoft Security Advisory MS01-021 - The ISA Server Web Proxy service is vulnerable to a remote denial of service attack if the Web Publishing feature is enabled. Microsoft FAQ on this issue available here.
659d1ff434647b93422ef7fd88bfa6838a2c32f67e29c72d3bc0c32808bda089
FreeBSD v4.2 ftpd remote root exploit. Uses a GLOB vulnerability. Requires an account on the machine. Compiles on FreeBSD, Linux, and Solaris. Includes information on finding offsets.
540b154821aa64ba0fdf0fbba86a254d332881eacb9247606a8b7fde62483b1e
SWB enables the SMB(CIFS) session setup in any Windows settings. Tested on Windows NT/2000/98SE/ME.
71517cee9a9e636d740bffaa9cb997d3692f984468422b3a9f89e4b0d630e0e4
BeatLm searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows NT and 2000.
4c535bd8c432c5bb6d185fb0bbf6605c72ba3347e9ad5c80023369270e750c90
ScoopLM searches out the password from LM/NTLM authentication information (LanManager and Windows NT challenge/response). Tested on Windows 2000.
f2e9ef843e853126ff77c898f18f670108c195457bb18820c30fca54ab8370c7
Debian Security Advisory DSA-047-1 - The kernels used in Debian GNU/Linux 2.2 have been found to have a dozen security problems. Upgrade to 2.2.19!
4cb8dd320857282d9391d0b8d746664e7731e2e0d7cf46e248a7589d153f459a
Shijack is a TCP connection hijacking tool for Linux, FreeBSD, and Solaris. Uses Libnet.
5c6dc0d3488506d6b2ee58d31394985fa820a4e43b656db460c86a956de1b810
Go.pl allows you to scan ports through a misconfigured squid proxy.
98310269175325ec91f9370570f050216e816e3c000853861869d1df74773777
Linux Kernel Patch from the segfault.net project - This patch for kernel v2.2.19 allows you to specify GID's which are allowed to bind to each interface. This patch could be very useful for shell providers or admins who wants to restrict the using of more interfaces.
0ab604f42e9c8656bf07b1286bd56f0d7f1d756a9d7ffda62764507085a0e115
Man -l format string local exploit for Linux.
ca335bd4cdac2c35254a550caf5b711395186ac1f91e69c92d32054d17d198fc
Port Scan Attack Detector (psad) is a perl program that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options (Linux 2.4.x kernels only), email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap.
fa42e7f72f7a151f777bdf40c928b0682a240e7cd781606b44f66c16e65be446
SAStk (Slackware Administrators Security tool kit) aims to provide a set of tools and utilities to install and maintain a reasonable level of security for the Slackware GNU/Linux distribution. At the same time, it should ease administration with a new centralized initialization setup and background information on what each daemon does.
774696831b7609dfcc3dce431bca5cc8660ad30e78696181ecefcfd329055b7e
Etherape is an etherman clone which displays network activity graphically. Active hosts are shown as circles of varying size, and traffic among them is shown as lines of varying width. It is GNOME and pcap based.
c2459163fd228919277e5b533667c539d21066a253941f179163d4eb7e8a4660
Crank is short for "CRyptANalysis toolKit", and its overall purpose is to provide a powerful and extensible GUI environment for solving classical (pen-and-paper) ciphers, providing as much automation as possible. Initial focus is on the cryptanalysis of monoalphabetic substitution ciphers. Screenshot here.
939489d30208901db5106e5eefe9c9207b4ef80690b064b353e76c577c6f61b6
secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.
5317bee6c336ae8a4fa3824ff77d3c4aef16796564833c2c362244b8bb5da00d
AMaViS (A Mail Virus Scanner) scans e-mail attachments for viruses using third-party virus scanners available for UNIX environments. It resides on a UNIX (Linux) machine and looks through the attached files arriving via e-mail, generates reports when a virus is found and sets the delivery on hold.
85d200152bb7afaf20431cd61a1bb5021457a538ca3a299bdbcbf8157a902f60
Jail is a chrooted environment using bash. its main use is to put it as shell for any user you want to be chrooted. Their primary goals is to be simple, clean, and highly portable.
46120bb892730dda1ab7643153e5b2d4924923214141d2c76407a37ca7bb7065
corkscrew is a small program for tunneling SSH through HTTP proxies. It features easy configuration and support for several Unix variants.
07b30683ac4405b8404438fd3c9fc3653c5b15aabce96f284f2fc72b23103ba6
Shield is an aggressive, modular firewall script for iptables which features easy configuration through a BSD-style configuration file, optional NAT support, TCP-wrapper-like functionality for service access, port forwarding, routable protection, DMZ support, and more.
95a856340d6fa4f4a8559f3a3027602a3341338eb3c89b254620297464326391
A disassembler written for disassembly of x86 ELF targets on Linux (other file formats/CPUs can be 'plugged in'). Written as a backend or engine -- the UI is a command line; support for controlling the disassembler via pipes or FIFOs is provided. Note that this disassembler does not rely on libopcodes to do its disassembly; rather, the 'libi386' plugin is a standard .so that can be reused by other projects.
6a45ac0ea697d4b71994d3441b9fe0d946819bbd9ee3082f187536aa7225c3b6
fwipe overwrites your file a specified number of times (default: 5) and then deletes it. It is extremely secure; it will not be confused by filenames containing special characters, and is suitable for use against law enforcement.
410017ec23299d957bad67cc636590ed79adf2dd46903f04e2fecfb5e00ec329
ComClear is a history cleaner for Netscape Navigator and Communicator which allows a user to choose from deleting the cache, cookies, history, and drop-down list. Comclear has both a command-line version and a GTK+ version, the latter of which is run automatically when ComClear is run from an X session.
fabf7d7bfe1845fb4534027f3a781f08d46f37d773322ca2c1d4749a672a03c6
XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock.
5ba5d86abd0c8a7c492f8219dfa91dd8def14d96897a0f2823207237a649c2db
Perl exploit for the well known ath+++ bug which causes some modems to hang up.
88691fa61a4d336d867e72e0548f6d8ec02269923f169864de37eaa4fc202891