Fmond is a daemon coded for FreeBSD that monitors targets which may get modified, written, deleted, or renamed.
a45d6b7844b36900e6fc03c192a17725e25f49db2a7d7b86f22ca671bad09326
Phrack Magazine Issue 61 - In this issue: Advanced Doug Lea's malloc exploits, Hijacking Linux Page Fault Handler, The Cerberus ELF interface, Polymorphic Shellcode Engine, Infecting Loadable Kernel Modules, Building IA32 Unicode-Proof Shellcodes, Fun with the Spanning Tree Protocol, Hacking da Linux Kernel Network Stack, Kernel Rootkit Experiences, Phrack World News, Loopback, Linenoise, Toolz Armory, Phrack Prophile on DiGiT.
e6a0a5ed5a22e29091c728535d6b604f0d711b8f3bca3df75ee99f549b55729c
DCOM remote exploit for the Win32 platform utilizing the issue discussed here. This version has 73 offsets including all of the magical offsets.
ac96ce44fd5fd3c9c11ad23c63657ff0608e54e19ae13e19e932ec358ea62a04
A cross site scripting vulnerability was found in versions 1.3.x and below of the NewBB PHP forum.
00d96f7169f7641a97347e52b62e2660900b9502f3e7ee0e9f0830b0edd7b6c5
Scanner which utilizes the RPC DCOM vulnerability in the Windows operating system.
7f4d78105fc32e93af5fc8af6bbc147010e5a26d76e6da97e1f658a24335a14a
The Best Buy Employee Toolkit software program has a URL Parsing vulnerability in the configuration screen that could allow an attacker to hijack certain network connections or read plain-text passwords.
99a147e6df46debfd1a83e1d35b47fcb2186a94abb792619a49a528fb9f01c29
Mapquest.com suffers from a cross site scripting vulnerability due to limited bounds checking.
ea94e58e0a0722208813acd950ff9cb083bb6fd92c16e590df7b75b0288efd5e
DameWare Mini Remote Control Server version 3.71.0.0 and below remote exploit that takes advantage of a shatter style attack.
5c712a4f542291267b08b72cc9926fb4e80de1975410636955d039584f5add15
CERT Advisory CA-2003-21 - The systems housing the primary FTP servers for the GNU software project were compromised. Valid hostnames for this machine were gnuftp.gnu.org, ftp.gnu.org, and alpha.gnu.org. The compromise took place in March of 2003 and it is possible that malicious code may have been injected into various software distributed from this server.
d7df7a407fea77a7763785762a75814d0d1ba7380567a8719be1d0cb89bb54f2
White paper discussing the optimization of Network Flight Recorder (NFR) and attack signatures overall when it comes to the MS-SQL Hello buffer overflow.
11d3392d38ac8c051deb47be35bf9f3a5a66cdda19d1fc943a0d0bb58c5abdaa
SGI Security Advisory 20030801-01-P - It is possible to create a Denial of Service attack on the IRIX nfsd through the use of carefully crafted packets which cause XDR decoding errors. This can lead to a kernel panic on the system. No local account or access to an NFS mount point is required, so this could be constructed as a remote exploit.
c8555a9a5b384e2c2b2c17225b0c097f292cea81bae358a367064a71388393f1
Multimap is a multithreaded wrapper for nmap designed to run a number of concurrent nmap scans and speed up the scan of large networks. Optionally it will launch amap on the open ports and generate an HTML file of the results. Tested with nmap 3.27, 3.30 and amap 4.2.
ebc5b68e699ee6a3b460975e89a6c51d435ea997da9bce70b118d29a9b3d81f1
Packet Storm new exploits for July, 2003.
f30e71405e81c32a5acb4be617f791784c6cc8f8eafa46dcda3b28944c276f45
FreeBSD Security Advisory FreeBSD-SA-03:09.signal - Systems with the device driver spigot added into the kernel configuration are susceptible to a denial of service attack due to improper validation of signal numbers.
c87f33e96c8be65778ca953502578c8425ff00101734e66ee8d4c460da100569
Paper discussing how the Resource reSerVation Protocol (RSVP) is used within the Subnet Bandwidth Management protocol (RFC 2814) and is vulnerable to allowing a rogue host to hijack control of a server via the use of priority assignment.
a784b06a39d986e6dcbd5f350d4ebbf3f646da4776903e5d2db061756436979f
Coreography is an open source utility for browsing memory images on a Pentium based Linux system. It allows users to search through core dumps, ELF executables, libraries, object files, and even currently running processes. It was designed with simplicity in mind but is very versatile at the same time.
1e63b015698902272ebde05e271b34a69542d5e15d34573e080a53cc5f488286
Packet Storm new exploits for February, 2003.
56b6ce1737cf291ed367043a6093f98c942e2ffafe4f83b8be26a04711cc0ad8
IBM DB2 local root from bin exploit that makes use of the fact that /usr/IBMdb2/V7.1/lib is left world writable after a default installation.
af0f255f31a50691e25984454e0d874e5554b1017742155e36928b25e81ea632
realpath(3) lukemftpd remote exploit for FreeBSD 4.8 that makes use of the off-by-one error.
97c90d5b2ccc417562521347fcbe9c9fa3363dd44b3ea5d475b6f7b255d0c086
The D-Link 704p router with firmware version 2.70 is susceptible to multiple denial of service attacks via excessively populated URLs.
259dfe21c118eba6461f050b76150dcde4b4c110bda548460ad171c05429eaea
Local root exploit for slocate on Linux-Sparc.
4120fc3b286e38064f2f473b07a64a039c06d26733b33dc3ed74f8aa307fa14c
CERT Advisory CA-2003-20 - CERT announces that the exploitation of the RPC/DCOM vulnerability on Windows has now taken the form of a worm known as the W32/Blaster worm. This worm retrieves a binary that is then used to launch further attacks and is poised to launch a denial of service against windowsupdate.com.
d0e25a4a85c54bd50ad5e142ccb2f76e9828730a435bc2804f3ba2ff79e33d2a
Half-Life client version 1.1.1.0 and below remote exploit that binds a cmd.exe on port 61200.
3f14ae28b795a3f58ee2ba95559f9d3f1d23e8d1fa3c96ba0a630644c8a96623
SADoor is a non-listening remote administration tool for Unix systems. It sets up a listener in non-promiscuous mode for a specific sequence of packets arriving at the interface before allowing command mode. The commands are sent Blowfish encoded in the TCP payload and decoded and passed on to system(3). First non-beta release.
ffc45768392cf09fe2900f34b446cd2d7cea37006a4380209f4b224ae58e4b13
VBulletin version 3.0 Beta 2 is susceptible to a cross site scripting vulnerability in its new member page (register.php).
82b507f123b10ff88ea31cb0f462ee386a7460f3528905be6623a60bcc1ae7b8