FreeBSD Security Advisory FreeBSD-SA-02:30 - It is possible for normal users to trace processes from setuid / setgid programs that dropped their privileges, leading to the disclosure of sensitive information obtained by the process before the privileges were dropped. All releases prior to and including 4.6-RELEASE are affected.
3903dc01778d54fad0e514237a5847cdaf9e1713070ce70bff4f321a01df548b
Fake Backdoor System v1.1 - Binds to a port and waits for a connection. When attacker runs a command known to the backdoor, it will print a cloned response back to trick the user, and then disconnect the user from the host. Will save to a log file of choice (default is fbdlog.txt) which includes the Hostname and Command used by the attacker.
dbd58862ea6f2115690fadce0f1a6542f4250e2cdde34847da748b3f1cacca98
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, uptime calculation, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here.
ab8aee1caa349efb01c3621967b20ca5b216ac64b8bbe8bf5416baaddb02a9eb
The Cisco VPN3000 gateway lets remote client dictate which maximum MTU to use when sending back ESP frames, regardless of the transmitting capabilities of the physical medium. This can lead to denial of service conditions.
c02c5efceb3de66f0063f72ec5186d0b3d0fd4ffbf6f7b6b4cc5f61471cc7661
CORE Security Advisory CORE-20020528 - CORE SDI found two serious remote vulnerabilities in systems running CDE ToolTalk (rpc.ttdbserverd). The first vulnerability allows remote attackers to delete arbitrary files, cause a denial of service, or possibly execute arbitrary code or commands. The second vulnerability allows local attackers to overwrite arbitrary files with contents of the attacker's choice.
75504d1c72ac1b9946b79d6ddf007725e904b7ac631f6419d6c49bad30d4a5d3
Remote format string exploit for the nn news reader v6.6.4 and below. The vulnerability resides in the code that handles NNTP server responses.
bd02d3ca74768f8d26a7e158028072e79242e1adb157d1507c85bafb371c854e
Ntop is a very useful Unix / Windows network sniffing tool that shows the network usage, similar to what the popular top Unix command does for processes. Has an interactive mode and a web mode for greater functionality and options, shows network traffic sorted according to various criteria, displays traffic statistics, shows IP traffic distribution among the various protocols, analyses IP traffic and sorts it according to the source/destination, displays IP Traffic Subnet matrix (who is talking to whom?), reports IP protocol usage sorted by protocol type. In Web mode, it acts as a Web server, creating an HTML dump of the network status. Can be used as a lightweight network IDS.
f04185f98236b3383b6c507bd0c8cf6dde9bcecb9fff2d85230b19f6cfd13db8
Linux FreeS/WAN provides IPSEC kernel extensions and an IKE (Internet Key Exchange, keying and encrypted routing daemon) allowing you to build secure tunnels through untrusted networks. Compatible with other IPSEC and IKE systems already deployed by other vendors such as OpenBSD.
224cefb0a215169387e775837367f4250b6a382601b5a71c5804a963e472f677
Network Security Policy Compiler (NetSPoC) is a tool for security management of large networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware - a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
ce443f190b56176f79bec090c3cfebf4184d4768feaf46c489ccd941d64f3664
NGSSoftware Security Advisory - Microsoft's SQL Server 2000's BULK INSERT query contains a buffer overflow which allows remote code execution as LOCAL SYSTEM. To be able to use the 'BULK INSERT' query one must have the privileges of the database owner or dbo. Microsoft Security bulletin available here.
beed091eb087b240ade24c710d5e6642ca80b3f180a2cb4baf37c543862b35d4
THC-Parasite v1.2 allows you to sniff on switched networks by using either ARP Spoofing or MAC Flooding. THC-Parasite is intelligent and its algorithms are designed to bypass the basic switch security. Works on Linux, OpenBSD, and Solaris.
88ed01c5809275069ed28ab27da53c28745abe567a2e31a9d02b41c7f4067e83
Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port. FAQ available here.
7720fceff4e2052bd743ba4c6d29110e7fde5dc3615c90189669e0bbf07a24e8
CERT Advisory CA-2002-20 - Two serious remote vulnerabilities have been found in systems running CDE ToolTalk (rpc.ttdbserverd). The first vulnerability allows remote attackers to delete arbitrary files, cause a denial of service, or possibly execute arbitrary code or commands. The second vulnerability allows local attackers to overwrite arbitrary files with contents of the attacker's choice.
22c0fd9625e7507ac7ba436ba2683fe7805e6397f326d1f3c38231551ea33b69
Eeye Advisory - The NAI PGP Outlook plug-in in NAI PGP Freeware 7.0.3, PGP Personal Security 7.0.3, and PGP Desktop Security 7.0.4 contains a remotely exploitable heap overflow which can lead to code execution. NAI patch available here.
e7216236aa140bde90e0b6a185d4054a32eb6585e3527ebacfa7d3f1141d1b94
SnmpXdmid auto rooter based on snmpXdmid exploit from http://lsd-pl.net.
94ebe956f7f5a101e3099ef94b7ebd458085d3ce2490d32e37966d74a51c61e6
Westpoint Security Advisory wp-02-0012 - The Carello shopping cart v1.3 uses hidden fields to specify names of executables on the server, allowing an attacker to run arbitrary commands.
9887d380b7d1e54dae208b58a265e0fcad7f19f519c4c30e79789a422c384c4c
Westpoint Security Advisory wp-02-0008 - Apache Tomcat v4.0.3 is vulnerable to cross site scripting attacks by using the /servlet/ mapping. Linux and Win32 versions of Tomcat are vulnerable.
7c8753a353b10b9fcac8e6d4fcd9c7fd8be17eae6139f7796cc2b8b8fa6dea83
Westpoint Security Advisory wp-02-0001 - The GoAhead Web Server v2.1 for Windows NT/98/95/CE, Embedded Linux, Netware, and others contains directory traversal and cross site scripting vulnerabilities. Exploit URLs included.
3e2b101f0ae13c006aead327c7e7c21f64f42fc6791980b2cd6bb6c96186df8d
Security Hardening of Windows 2000 and NT Server Machines - Contains a roundup of good security practices, hardening, ways that Windows boxes are penetrated, and a roundup of some useful tools. Written in 2001.
e9aaaa0f410f24e9705089083e684c2cd647519dbc5bd929756fc5b6a20e511f
The Bea Weblogic server v5.1.x - 7.0 on Windows 2000 and NT is vulnerable to a data/connection flooding vulnerability that will result in the web service crashing with a report of an error in NTDLL.DLL.
dd160476ade9f37a3ffeb6de0034fa4f92660fc33d0466f882498e45e0c25e92
Local buffer overflow exploit for KDE's artsd v2.x and 3.x.
c4ee9b2be56eb009a8530167e522b3e52eb220e1569d1a0b77a0f7358526114c
Knetfilter is a KDE gui application designed to manage the netfilter functionalities that will come with the new kernel 2.4.x. In principle, all standard firewall system administration activities can be done just using knetfilter. It is not just a GUI to the iptables command line; some monitoring is also possible via a tcpdump interface.
b223580a1a846b8ff2a7864e4dc43c5817b3916acb77f9f5b80a64286b19ccec
Motion uses a video4linux device for detecting movement. It makes snapshots of the movement which later will be converted to MPEG movies, making it useful as an observation or security system. It can send out email and SMS messages when detecting motion and includes a web interface.
e66517b4096938fc41e87ef4160b525f2bb08ba7db7590987df880d1481c3fdc
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
33af6d807eeaf4c0964d716cad49f30d00e8e5d85d8ba934522f8049e0cd42e9
X Net Strength is a small utility for monitoring the wireless signal strength of 802.11b cards under Linux. It is written in C and only requires xlib.
93121ff4c722db8739800a554b373ae991dfe5eca022c028f2b4ec4c16441051