Defcom Labs Advisory def-2001-06 - The Easycom/Safecom print server from I-Data International contains multiple vulnerabilities that allow a malicious user to bring down the print server. Execution of arbitrary code is also possible. Tested against Easycom/Safecom, firmware v404.590.
d22d8ee0925169a7a2b0a8f0219d7d8ba6ec919d7f13cb955973d4c2a20942ee
Frel-1.0 is a modified version of fragrouter, used to evade NIDS. The frag proxy can run on the same machine as the attacker. It can also run in partial takeover mode, so that the fragmented attack stream seems to be coming from another active machine on the same physical subnet. The neighbor machine runs normally except for the ports being used by the attacker. Mods by Lorgor.
3ce2bd68b9e2c26ebb95e921e451a302f1fc2d38d553446e801d9ffa8b41bcb3
Defcom Labs Advisory def-2001-05 - Netscape Fasttrack Server 4.1 for Windows NT 4.0 has problems with its caching module. The problem can result in remote users consuming all the server memory and causing the server to perform very sluggishly.
ca08e2925071628845b708a73a9352fb7f6254f780bc277635749cdf7755c9bc
Defcom Labs Advisory def-2001-04 - The Netscape Enterprise Server 4.1, SP5 has a problem dealing with dotdot-URLs which allows remote users to crash the server.
768d61483abe30a51ab1cd66b87cfae17257c72ec3296e35a6747a6f502c5357
Defcom Labs Advisory def-2001-03 - The GoodTech FTP server v3.0.1.2.1.0 does not properly free resources. This can result in the FTP server either crashing or displaying its banner and immediately disconnecting the user.
c21918a2c02a00334025bd3b621aa2fae135833c0f0c2652ea547b1c483be300
Debian Security Advisory DSA-017-1 - Older versions of jazip allowed members of the floppy group to gain root access on the local machine. The interface no longer runs as root, which prevents this exploit. The program now also truncates DISPLAY to 256 characters if it is longer, which closes the buffer overflow (within xforms).
004ee072cb6d49b2cf80703984758709a094a0c74519c0c5310e8f243e3969fb
Red Hat Security Advisory RHSA-2001:003-07 - The MySQL database that shipped with Red Hat Linux 7 and the updates for it have been reported by the MySQL authors to have remote security problems.
a0144be31b562e97acf32766b5a13bde7e12fac4482da39f4e8b8096cf33ce43
Debian Security Advisory DSA-014-1 - Splitvt prior to v1.6.5 contains format string vulnerabilities in the -rcfile command line flag, allowing local users to gain access to the tty group.
d940846ee19c1a5b4a9100e965a24819cf6e930fa122210f06a1922f10c02648
Debian Security Advisory DSA-016-3 - Security people at WireX have noticed a temp file creation bug and the WU-FTPD development team has found a possible format string bug in wu-ftpd. Both could be remotely exploited.
e613e2b71abb5721f9de17772038eebb45f58165354a689e60ab630995570812
Nmlog is an nmap log parser which converts nmap logs (user output) into an HTML page. Includes options to hide ports in state 'closed' and to show the owner of the subnet and the subnet size.
c1a2b69e221ee93c7e662bdea2c1c1fac769afb93cfca0ff5e1bd4b922e03d47
S.A.F.E.R. Security Bulletin 010125.EXP.1.12 - PlanetIntra v2.5 contains remotely exploitable buffer overflows which allow remote users to execute arbitrary code.
cf9c81ddaf92dbb20861625b99920ff35b98a886458c109b0340d8f647226a3f
How to Defeat NetZero's 40 hour limit by changing a registry key.
7f763e182ad0ee27499c4434a8253f180afda1de13123b843e942ad079185d85
PKC Security Advisory #4 - Icecast v1.3.8beta2 and prior contains remotely exploitable format string bugs which allow remote code execution with the UID/GID of the user running Icecast. Includes PKCicecast-ex.c, a remote proof of concept exploit tested against Icecast 1.3.7 on Slackware 7.0 and RedHat 7.0.
e62ac68d8ec2c2f6b273d6ca02cdbad6ee67e699ea9de3f5912684ee7cded816
PKC Security Advisory #3 - Micq-0.4.6 contains remotely exploitable buffer overflows which allow running arbitrary code with the UID/GID of the user running micq. Includes micRAq.c, linux/x86 proof of concept exploit.
bdeafc53f03fcf3d7fe4fc162d02cad42920f5cca6a62418729e5e987cf1fc0b
PKC Security Advisory #2 - Tinyproxy versions 1.3.2 and 1.3.3 have a remotely exploitable heap overflow. Includes PKCtiny-ex.c proof of concept exploit.
9b8487ab46c56a3677f0fd0b25a30f2774de4f0c100682bc5073cbf203ced5eb
PKC Security Advisory #1 - The Oops proxy server 1.4.22, 1.4.6, and prior contains a remotely exploitable heap overflow. Includes PKCoops-ex.c, a proof of concept exploit tested on Slackware 7.0.
ae3fafa2ad77d388455f7d4a62b70e29166ee80961292f51d7b357fd31195cf2
BSD FingerPrintFucker is a kld for FreeBSD which changes the TCP/IP stack in order to emulate other OSes against TCP/IP fingerprinting.
1eb05bd3a9e71e60138d7d25f22391996dba4ab59dd9157bff76cf07d93e809d
Bounce.c is a simple program to connect TCP ports. Use it just as a telnet-like client and send a SIGINT to make it sit in the background and open the specified port on localhost. Then you can connect to this local port and resume the interrupted session, data-piped.
8c61637268c0eaba97793ac36c9f2ae4cd64864567fcb6940196fbcefadb28f6
Assembly source & binary bypassing the BIOS password of a Toshiba Notebook, all models, as described in toshiba-keydisk.txt.
4a0af277097be14106310930bd212edb5cc3ee66c22384b445759fe31d1fd220
Red Hat Security Advisory RHSA-2001:006-03 - The inetd server as shipped with Red Hat Linux 6.2 fails to close sockets for internal services properly, causing services to stop working once the system has leaked sufficient resources.
26ee89e77c1225e310e1167144b7338d1c66d1e87cb314ea3f258ab54769f139
Microsoft Security Advisory ms00-005 - Windows 2000 Post Service Pack 1 hotfixes made available through December 18, 2000 can cause Windows File Protection to remove a valid hotfix from a system. If the hotfixes were added in a certain order, a customer's system reverts to a version of a Windows 2000 module that contains security vulnerabilities. Microsoft FAQ on this issue available here.
25ef87b72e33cdf7175418c49eb3aee6c42eaaa4e438be678d65482ba6922c34
SuSE Security Announcement - bind-8.x in all versions of the SuSE distributions contains a bug in the transaction signature handling code that allows a remote attacker to overflow a buffer and thereby execute arbitrary code as the user running the nameserver (this is user named by default on SuSE systems). In addition to this bug, another problem allows a remote attacker to collect information about the running bind process.
936e9eac95883f538ebdb55426ee35ddc9ab5a894a3dc1e711de8a4395b6c9e2
Microsoft Security Advisory MS01-006 - The implementation of the Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not correctly handle a particular series of data packets, allowing remote attackers to crash the server via TCP port 3389. Microsoft FAQ on this issue available here.
205efd9aed64533ded1e973cad6dfa522182347483a5f8df80bc4686e920a617
Pyros is an attack tool designed to run under the Trinux distribution which gathers together several DoS attack tools.
9ed890c9f4b21f2b4bdae0d6d797e63e0aa0346ed6b108c1e4fe1ef19ef579e3
Tcpip_lib V3 is a library for Windows 2000 which allows constructing IP's, IP spoofing, attacks, and more. It uses sockets 2 and opens up a raw socket, allowing you to send raw IP headers, do IP spoofing, and play with the nuts and bolts of networking protocols.
9319d57bca9d9a158d419793bfced89ea59bffc1885fada4649bd78f60fcc82f