Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here. The ability to read packet data from a pipe was enhanced. Printing under Windows now works. New protocols were added.
793ee1a770b6388dce98b7f02eae69b31a8b2172dc69ff3b957376f7df6e8d79
CERT Advisory CA-2002-19 - A buffer overflow vulnerability exists in multiple implementations of DNS resolver libraries (libc and libbind) allows remote attackers who are able to send malicious DNS responses to exploit this vulnerability to execute arbitrary code or cause a denial of service. Most versions of BIND, FreeBSD, NetBSD, and OpenBSD are vulnerable.
ab2ce523296717e16c4b770d5cb8fee2c9f26c02cba6d55db9cf86393b6ffc92
CERT Advisory CA-2002-18 - Openssh v2.3.1p1 to 3.3 contains two related vulnerabilities. A vulnerability in the PAM modules that use interactive keyboard authentication (PAMAuthenticationViaKbdInt) can allow remote execution of code. In addition, challenge response configuration option is set to yes and the system is using SKEY or BSD_AUTH, an intruder can execute code remotely.
f0bdb9401d2ec34c70d96390ea04769cd584fdb46475bc7f213309afd69dc263
Apache Chunked Transfer vulnerability scanner for Windows. Does not check the banner - crashes a thread and watches the web server behavior.
3e68e0de2277390f25d67cca0cf842b102ccb06c392e37ef7b46ac854eb3933c
Apache Chunked Transfer vulnerability scanner. Does not check the banner - crashes a thread and watches the web server behavior.
5ec9ea94220b349493641c961822ad2357bd777cefa64c0475984be489520468
FreeBSD Security Advisory FreeBSD-SA-02:28 - The resolver code in libc contains remotely exploitable buffer overflows which can be triggered by specially crafted DNS replies. Since practically all Internet applications utilize the resolver, the severity of this issue is high.
6b83374a39e412e4999a84b174fc3453b24b595ee4e431b7b09f863588791bbb
.htaccess file that spawns a bindshell on tcp/31337 on OpenBSD 3.1 when accessed with Apache 1.3.24.
98fa0666b718a74a6e25b8e7cd86655ffb097349e61b12c97d021e02b4e3a61f
Telindus router 10xx and 11xx remote exploit.
404bb0a35d5c7eda3c26b9a45719176438cf8347496440a97caa87b792e26489
SADoor is a non-listening remote admin tool for UN*X systems. It sets up a listener in non-promiscuous mode for a specific sequence of packets arriving to the interface before allowing command mode. The commands are sent MIME64 encoded in the TCP payload and decoded and passed on to system(3).
adca228af7d0d71aad7bc8730e790bd926914fa6f09fbcc013832fd8d2e99b06
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
c87d74989bb2fa4677069978e07135e90954575cd8f07eb36fcbe48c2e957963
Unreal IRCD v3.1.1 to 3.1.3 denial of service exploit.
a655ff6119c077cef8aab063446e8798beeb633496ea38743ce791c016fc7c53
Perl portable Apache remote DoS v1.3.24/2.0.38 and below based on the recent flaw in chunked encoding. Causes a segmentation fault, does not rely on nc.
fe582a0b59e79190c792456893c0e6ffd8bbc9455f52dbd128886a3d61fdbf3b
Solaris shellcode which connects /bin/sh to a host.
7105b1a5934562817ac8b4648dbb1d376c3196fa3197f0e7cbb67801751fa84a
Sharity Cifslogin Buffer Overflow - Several command line options can be made to crash /opt/cifsclient/bin/cifslogin, local root is possible.
8f90a70db1881faaf91f285d05768df02e91bbfd9008ee9584cc954887ea8e03
Pacgen v1.0 is an Ethernet IP TCP/UDP packet generating tool for Linux. This tool enables custom packets with configurable Ethernet, IP, TCP, and UDP layers as well as custom payloads. Experimental ARP generation is included.
17711616eeb190b4072059df332add743bf8e6d38f655b9591b339d204382e27
SuSE security advisory SuSE-SA:2002:022 - A vulnerability found in the chucked encoding implementation in Apache versions 1.3.24, 2.0.36 or prior can be used to remotely execute code on systems running this software. This vulnerability affects SuSE linux version 6.4, 7.0, 7.1, 7.2, 7.3 and 8.0.
ce8ba2d791adb635b35fc3b8d33f6e9301d4f13b38160ba2947052e99fe0e54d
SGI Security Advisory 20020605-01-I - A vulnerability found in the IRIX xfsmd can lead to the remote root access on a vulnerable system. Affects Irix v6.5 through 6.5.16.
c8508fa83da8c2672e55dc46dd4d9131c93d5bae6d08fe32083d3464562b427e
IRIX xfsmd remote root exploit. Tested against Irix v6.2, 6.3, 6.4, 6.5, and 6.5.16.
c6084d769bc0885efa3d141525b7b1d3d51a171754bb048f0ab470504dd03df1
OS/2 Packet Filtering - OS/2 machines are good for firewalls and the packet filtering code is not documented.
b29e4d725b175185aff3453a96c66cfee2d5f61236360843bd74d04b2b96b862
Third party Cygwin port of apache-nosejob.c, an Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.
38a805dabdb402fd99b38a4ad893f01de6fd824eddaac965f0bc839fa1b5bbc0
Microsoft IIS 4(NT4) and - IIS 5(Windows 2k) .asp buffer overflow exploit. Includes targets for IIS5 Chinese SP0, SP1, and SP2 and English SP2. Binds a shell to port 7788. Includes brute force mode.
cff7c84fef9c4f74d0c37c73407a5acab0f309b70a8a522033b68e5349f2fc61
Apache v1.3.24 remote exploit for FreeBSD, NetBSD, and OpenBSD. Includes targets for FreeBSD 4.5, OpenBSD 3.0 / 3.1, NetBSD 1.5.2, and brute force mode for several versions. Attack is usually not logged unless server is patched.
5a75ae577a5a12c9bb55acb0331e7d91c88802723564bd02fc6f7ab9ad874070
Portable Apache remote DoS v1.3.24/2.0.38 and below based on the recent flaw in chunked encoding. Causes a segmentation fault.
911ee87d5b5c009e0fb65666de07aea43ac0990422525390fa82bfe42569d288
The Bruteforce Exploit Detector is a perl script that remotely detects unknown buffer overflow vulnerabilities in FTP, SMTP, and POP daemons.
eaebbc57c063f042768e1e48e905fb72b2febda3706c7e9ffc05142750b5e0da
Snort IDScenter is a GUI for Snort IDS on Windows platforms. Configuration and management of the IDS can be done using IDScenter. Main features are: Snort configuration wizard (variables, preprocessor plugins, output plugins, rulesets), alert notification via e-mail, sound or only visual notification, alert file monitoring (up to 10 files), MySQL alert detection, Log rotation (compressed archiving of log files), AutoBlock (using NetworkICE BlackICE Defender you can block attackers IP's that Snort logged), integrated log viewer (supports text files, XML and HTML/webpages), program execution if an attack was detected, test configuration feature, etc.
cb934628151614ea721639e8cd996e13cf36a749a3de01353bb96a110ea3ba2d