Nbtstream.c is a NetBIOS session request flooder which exploits the bug discussed in MS00-091. Causes unpatched Windows machines to hang or crash.
fcf420233e3df4916cfd60c2f95d68644e51e1aad9d9aa681177af92eecb8c2f
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
2ae593921bc1e97c3323d345b10bfc0b1a46b89b01b251a36e7484df6f33b434
Dscan is a distributed port scanner which scans from many hosts, making it harder to detect. Uses a client / server model.
c70fd6ee57acfe71407376a48c0a9830b93d396910f9548c76aab719ee07a9a1
Apache is the most popular webserver on the Internet, quite possibly the best in terms of security, functionality, efficiency, and speed.
fed1201862fe7c1663eda6271ab631d154a5160803ab9df77b7b48104c1fcc1e
mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.
53c77b3946def71c25b1e2e24eb751562867eb0166cc63cfc37cd95b3b4c939f
Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.
e38f5c958547444133379ccfbe75e1288f54ef9f1a95495a8228994cd4f9001a
Inflex is an email scanner which encapsulates your existing sendmail server setup. It scans both incoming and outgoing email and it does not alter your current /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (eg. EXE, BMP, MPEG) and file names (eg. prettypark.exe). It can also be used to scan for text snippets within emails.
533fb061e18dc63e6c20550752af6ff4dc80a82f89348af551a0ee3c86af7a2f
Microsoft Security Advisory MS01-027 - Internet Explorer has 2 recently discovered vulnerabilities, both of which allow attackers to spoof trusted websites. The first vulnerability causes IE to not check that the server name matches the name on the cert, that the cert is not expired, and that the issuer of the cert is trusted. The second vulnerability allows web pages to display a fake URL in the IE address bar. Microsoft FAQ on this issue available here.
159613942f27ac76bedf421b789f69178bb9b027f13aae03f84bb125759b76e7
Execiis.c is a remote exploit for Bugtraq ID 2708 - Microsoft IIS CGI filename decode error.
930daed1380743902694409c2275d36ed101487eb3dbd8df8b795068aba598ba
Sensedecode.tgz includes 2 perl scripts which exploit the IIS url decoding bug. Decodecheck.pl checks for hosts that have the "decode" problem, and decodexecute executes code using the decoding problem, with redirection.
d32db266c769e68dd5e55144cdff5aac3d5f570243d3c50560169d168c96b542
Patch advisory for Sun Microsystems. Please read for details.
32540a48fb5a0d8bc07e1670adc87f356549fa4519834303ac657833bc9d8420
A flaw exists in Microsoft Internet Information Server (IIS) that may allow remote attackers to view directory structures, view and delete files, execute arbitrary commands, and deny service to the server. It is possible for attackers to craft URLs that take advantage of a flaw in IIS URL decoding routines. Security mechanisms within these routines can be bypassed. All recent versions of IIS are affected by this vulnerability.
0678361f10357557833b2a2d33b82e84b3523cf921e44d95ea0e3d806abb98d1
Crypto-gram for May 15, 2001. In this issue: Defense Options: What Military History Can Teach Network Security, Part 2, The Futility of Digital Copy Prevention, Microsoft and the Window of Vulnerability, and Safe Personal Computing.
20b338b599dd4ab17ef2a4948a8fbd99759076f754f8239a9958eb784470405a
CERT Advisory CA-2001-12 - A serious vulnerability in Microsoft IIS allows remote intruders to execute commands on an IIS web server, as discussed in ms01-026. This vulnerability closely resembles a previous vulnerability in IIS that was widely exploited.
2cadddd3da04743c36a3a52741d938f5153d72e781d14f364e28bbc175735689
SuSE Security Advisory SuSE-SA:2001:17 - The crontab program is running setuser-id root and invokes the editor specified in the EDITOR environment variable, usually vi. If crontab discovers that the format of the edited file is incorrect, it executes the editor again but fails to drop its root privileges before. Therefore it is possible to execute arbitrary commands as root.
182161b3dc70f9a7f132c01181274899f16022e0ba9631a637b6a2153c99ffd9
NSFOCUS Security Advisory SA2001-02 - The nsfocus team has found a vulnerability in filename processing of CGI program in MS IIS4.0/5.0, as discussed in ms01-026. CGI filename is decoded twice by error. Exploitation of this vulnerability leads to intruders being able to run arbitrary system commands with IUSER_machinename account privilege. Exploit URL's included.
1f24fde1bac96def60ac10c00a6e82940ada309470835ba73f5d78b25c6f6fec
Microsoft Security Advisory MS01-026 - Three new vulnerabilities have been found in Microsoft IIS 5.0. The first allows remote attackers to execute commands in the security context of the IUSR_machinename account. A vulnerability that could enable denial of service attacks against the FTP service due to wildcard expansion has also been patched. Finally, a vulnerability that could make it easier for an attacker to find Guest accounts that had been inadvertently exposed via FTP. If an attacker preceded an account name with a particular set of characters, the FTP service would search the domain, and all trusted domains, for the user account. Microsoft FAQ on these issues available here.
d77ab68c2a8150465e70f464962e49e04844999e9c5b8e255fb11f56de603c88
Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.
370f649ee79d2c9dd8db41d1bf9d7410ab467e9b1096c33cd4873ec6f1f516cb
ICQ 2000b Beta v4.65 Build #3281 crack for all features. Shows all IP's in your contact list, allows you to add anyone to your contact list, removes advertising, and disables auto update.
ce40ed3e4d4851332151e0d5d064a4d3f686c4aaf35cfa75bc3d0e00444d3a34
Juno-z.101f.c is an improved rewrite of juno.c which is faster and better, employing state of the art tcp technologies.
7034741d8df76e307162a2b879428d8089adfc23f40fc52c888726ad41f960f5
Acadsoft's webcgi98.exe displays the full path to the binary in an error message.
87a2492754de406640b736c27877e5fea0ea2bf16f000790a41c42110d3365f5
Red Hat Security Advisory RHSA-2001:067-03 - The minicom program allows any user with local shell access to obtain group uucp privileges due to format string bugs. It may also be possible for the malicious user to obtain root privileges as well.
697cd3fe3544adc24391407f06963c01210253ec84199b9233c9afe9546204f5
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated twice a month to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins, open shares, and much more.
1773ac5c19b2ece1d35851a543e2197c342aa77896350fe30acc84b7519bf4ec
ISS X-Force has discovered a buffer overflow in the ?rpc.espd? component of the Embedded Support Partner (ESP) subsystem. ESP is installed and enabled by default on all current SGI IRIX installations.
6326566a243bd93810f222cdd5171dd79f90bd2adba15b8689aaae8416431796
Microsoft Security Advisory MS01-025 - Two unrelated security vulnerabilities have been found in Microsoft Index Server 2.0. The first vulnerability is a buffer overrun vulnerability in the function that processes search requests which allows attackers to run arbitrary code in the local system security context. The second vulnerability affects both Index Server 2.0 and Indexing Service in Windows 2000, and is a new variant of the "Malformed Hit-Highlighting" vulnerability discussed in here.
3198907bcdcc3310a7e0a8bb17d0f7fdfe4d34ec2aa1ba99035ba45dd3f53704