Number Resource Information: ANI II Digit Assignments. This is a breakdown of what the code after your phone number means when you call an ANI2 number such as 101-073-217-709-889-664.
3cd8c0b6bd68e5944d8b6b91421c9055e97de63c2a78ba45754359c7f115b80e
Httptype is a program that returns the http host software of a website. It is written in Perl.
81ef8494eee7dbdd9498c1667188dd13b32279d91685256a3833d86200ff133c
FreeBSD Security Notice FreeBSD-SN-02:04 - FreeBSD ports of apache 1.3.24 and below contain a remote vulnerability. Also affects apache+ssl, mod_ssl, and apache 2.x below 2.0.39. Vulnerability number CVE-2002-0392. The following software included with FreeBSD contains security vulnerabilities if it is older than: Bind9 v9.2.1, courier-imap-1.4.3_1, ethereal-0.9.4, fakebo-0.4.1_1, fragroute-1.2_1, ghostscript-6.53, icmpmonitor-1.11_1, imap-uw (all versions), mnews (all versions), nn-6.6.2_1, sharity-light-1.2_1, slurp-1.10_1, and xchat-1.8.9.
190de2f8e77f94c2146ebab36857701379d3cdb57d6662945eb03a7ba2a9ec3d
Openbsd/x86 Apache remote exploit for the chunking vulnerability. Spawns a shell. Tested on OpenBSD 3.0 and 3.1 running Apache v1.3.20, 1.3.22, 1.3.23, and 1.3.24. Brute force mode can exploit other versions without targets, including some OpenBSD 2.8 versions.
27015d30e73adc35e03cd319117cbd02bd4650cb0af6169cf8ce03433990dc20
Apachefun is Spike script which exploits the new apache chunked data vulnerability. Tested on Apache-AdvancedExtranetServer/1.3.23. Causes a segmentation fault.
9ed9fcf633dfcf3b3a1be428ab70c47b438e1a4d1d7914f38023343154914d01
Cisco Security Advisory - A buffer overflow in the Cisco VPN Clients for Linux, Solaris, and Mac OS X platforms can be exploited locally to gain local root access. This is fixed in v3.5.2.
ef73a328b8f9b09032f81940611868f3dd493833dfba7deb4c0654cc3058b521
AngryPacket Security Advisory - A vulnerability found in the Cisco VPN client for Linux can allow local users to gain root level privileges. This vulnerability affects VPN client v3.5.1 and below.
3f0616261733901823c963b777907ca611ed3bca722aab3941413458f07acfc2
Cisco VPN client v3.5.1rel-k9 (Linux version) buffer overflow exploit which spawns a root shell.
633f9a2103f78fbe980489511980039e5e2dc812f61513bd2d269345191b799a
Apache Advisory - A vulnerability found in the chucked encoding implementation of the Apache 1.3.24 and 2.0.36 and below servers can under some conditions be used to remotely execute code on systems running this software.
3576dbeaf81b78b50b61214cbe4d286dbbfd04b6af6a433d492bc3bd471c2dfc
ISS reported a vulnerability found in the chucked encoding implementation of the Apache 1.3.24 and 2.0.36 and below servers that under some conditions can be used to remotely execute code on systems running this software. Note that the by ISS supplied patch, which is included in this advisory, does not fix this vulnerability.
eda6ad9d37711b41b271339dd3102eebcf86b868e4acbe53efdd0b47ba875df1
TrACESroute v6.0 gold local format string exploit exploit. Tested on Red Hat Linux release 7.2 (Enigma).
14d19acb3a570221091bebb1f7f37f1e180242840c6fa9b621ec65b29374a9ed
Icecast v1.3.11 and below remote root exploit for linux/x86. Binds a shell to port 30464. Tested against SuSE 7.2, Debian 2.2r2, and Slackware 8.0.
766b53ac8f37a9dae4525d7da3fbb07b12711f55801b3625d281dc809594f972
Wellenreiter is a GTK/Perl program that makes the discovery and auditing of 802.11b wireless networks much easier. It has an embedded statistics engine for the common parameters provided by wireless drivers, enabling you to view details about the consistency and signal strength of the network. Its scanner window can be used to discover access-points, networks, and ad-hoc cards. Records the network location with GPS support. The unique essid-brute forcer helps to get the essid of low-traffic networks. Wellenreiter works on handhelds that can run GTK/Perl and Linux/BSD (such as iPaqs). All the major wireless cards are supported. Random MAC switching when joining a wireless network hides your real MAC to the access point, a unique feature.
a725e7f5891752efed8a64832a6a73b96ab9984333e66a484ac4e0b3987d8cc8
Apache is the most popular webserver on the Internet, quite possibly the best in terms of security, functionality, efficiency, and speed. Changelog available here.
5f2d4a7c51fa8824cf1f95fbecbc07656d4da08eb4757f885239745a762ccc70
CERT Advisory CA-2002-17 - Apache v1.3.24 and 2.0.36 and below contains a remotely exploitable vulnerability in chunk encoded data support that is present by default. Remote code execution is possible on some platforms, denial of service attacks are possible against others. Fix available here.
035e534f43dbafda96dff7b5b279ff95900947a1373bd9503afdd764aba7c3cd
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here.
21de3c6ab3393da5b5aac49d00b183b02fab404cbc3c6e2e332a2a22e2eac4d5
V6scan is an ipv6 port scanner. Checks 14 different tcp ports which are commonly used by attackers.
f20f7d41f2f3d780f5e643237d1cde9cdee372b9796b8c4d71e3dd02efc239b0
Touch2 is a utility which modifies the ctime. Touch(1) can be used to change the last-access & last-modification times on the files (or directories) you read or modify, but doing this will change the last-inode-change time to the current time. Touch2 can be run after touch(1) or other commands.
e212e8543f7fc9793a395b819ddd15f7bb8860e3c81d6a3943007744ce7c0ad8
Magiccard.cgi has a directory traversal bug in the page variable that allows any file on the system to be read.
ebeddfd494c8d0021e0b86e2f8493f37740875b8485e7be7afedc4a1cf819632
Cgiemail has an open relaying bug which allows an attacker to send spam via the web because the developers did not filter out %0a's that are passed to sendmail -t.
0385591b8975110385385d7d239933f23c045c3d5ffef248f5f3557d97865354
RazorBack is a log analysis program that interfaces with the snort IDS to provide real time visual notification when an intrusion signature has been detected on the network. RazorBack is designed to work within the GNOME framework on Unix platforms.
bb701a4ded74bdbab40cda51529ad2df9d2b1522522dd862a74fa99f5b7ad65a
Westpoint Security Advisory - SQLXML allows XML data to be transferred to and from SQL Server, returning database queries as XML. SQLXML has two vulnerabilities - a buffer overflow in the SQLXML ISAPI filter and a cross site scripting vulnerability. These bugs are discussed in MS02-030.
11b451a50a7794ab52be537a852add9ac09a0ab37b6dff3b1edbf49c061125b0
Tping is a TCP ping program.
72a03941aafe05451616951b0b49766935e762add8b4d53fc83376928a2720ee
Wsh is a remote UNIX shell that works via HTTP. The client script provides a shell-like prompt, encapsulating user commands into HTTP POST requests and sending them to the server script. The server script extracts and executes commands and returns STDOUT and STDERR output. Features include command line history support, file upload/download, and it can work through an HTTP proxy server.
b834c4db84d318669ff633451ab7d72bf8e3903505c69f880c2913014e41e80b
Poor Mans IDS is a couple of scripts which check certain files on your host (any you like) for changes in content, ownership, and mode. Rather than only mailing if something is wrong (like other IDSs), this lean IDS will send you a daily (or weekly or hourly, depending on how you set-up your cron job) security audit, containing details of what it found.
298794e2cf9d6abfa7c29c30582db1988cec10ea7123f8b7f3fb6b9c7b1ea774