Linux 2.2.X local exploit - A new local bug in the 2.2 kernel has been discovered. Using the "capabilities" bug, it is possible to exec sendmail without the CAP_SETUID priv, which makes the setuid() call which drops privileges fail. Large chunks of code which were never meant to run as root do, and exploiting this is trivial. Working exploit for sendmail + 2.2.16pre5 and below is included.
965ce9baf1810f15a570d4dbd22d0f6ca892ee2315f31ff40c37fd8a322944c1
Raditz is a hacked replacement for the tripwire binary which never actually gets tripped. It attempts to look and feel just like tripwire, allowing you to hopefully remain undetected on a rooted system just a little bit longer.
8075caab5562e90e85f1c6b992a6dbc8e903553b2ef3998a11ad55a36cd30773
Delphis Consulting Plc Security Team Advisory DST2K0011 - Buffer Overflow in HP Openview Network Node Manager v6.1 for Microsoft Windows NT v4.0 Workstation (SP6). By using the Alarm service which runs on port 2345 and is installed by default with HP Openview Network Node Manager, it is possible to cause a buffer overrun in OVALARMSRV, causing the EIP to be overwritten and allowing the execution of arbitrary code.
53187d5cc8489d16517a4cf34b199ff2d209001ce4aa0b95b2f6e55c2e83c5b5
Delphis Consulting Plc Security Team Advisory DST2K0011 - The CMail Server v2.4.7 under Windows NT is vulnerable to a buffer overrun in NTDLL.DLL. By sending a long GET request to tcp port 8002, the EIP can be overwritten and arbitrary code execution is possible.
946d10f4fc740a5dbde0d93d04f4f2215477442195f130719d2903cf58a842de
Delphis Consulting Plc Security Team Advisory DST2K0010 - Two vulnerabilities were found in Ceilidh v2.60a for Microsoft Windows NT v4.0 Workstation (SP6). The HTML code which is generated by ceilidh.exe (example URL below) contains a hidden form field by the name of "translated_path", revealing the true path. By using a specially crafted POST statement it is possible to spawn multiple copies of ceilidh.exe, each taking 1% of CPU and 700k of memory. This can be sent multiple times to cause resource depletion on the remote host.
a6cda6dae6a389943157179ee378334ec7371c8e332286018cbcdb607a039b2e
sscan2k is a remote auditing/vulnerability scanner which determines remote OS, and scans the host for applicable vulnerabilities. Features updated vulnerability checks, a scripting language, support for plugins and addons, configurable OS fingerprints, DNS zone and subnet scans. Based off sscan by jsbach.
e2be5ced88ce06701e0d2a7db26865443180d8781bcf73eb59d9ca6eba9ccc71
Patch for Linux kernel 2.2.16 to discard packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags.
3afd597d33e4eae9f02c625121bd9900ba6799e9aec0af5a3c05a171a75ad302
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.
7f9598b3b3eb386ced492751f9786fd40fe4771ba7d9639d5d96810865e8e97b
VeteScan is a bulk vulnerability scanner containing programs to scan Windows NT and UNIX systems for the latest trojans/remote exploits, a scanner for the vulnerabilities of single hosts (with or without host checking), a tool for scanning multiple hosts, a scanner for class A/B/C networks, and fixes for various vulnerabilities.
87fc8aecd2600f1a6069a61e59208d320a96ab149b9174c61edd19826796a0a6
Windows Security Update June 7, 2000 - In this issue: Internet Explorer-Compiled HTML Might Run Unauthorized Code, Protected Store Key Length, Media Encoder DoS, SQL Server 7.0 SP1 and SP2 Expose Admin Password, Imate WebMail Denial of Service, Buffer Overrun in ITHouse Mail Server, Buffer Overrun in Sambar Server, News: Microsoft's New Security Server, Tip: Event Log Security ID Descriptions, Windows 2000 Security: Creating a Custom Password-Reset MMC, Writing Secure Code: Bind Basics, and the Havenco data storage facility.
b5c531d0dc96258b829de1f3f2f95e1a6a5b7ffa391ae32eba71c9dc81852acc
Internet Security Systems (ISS) X-Force has discovered a vulnerability in the i-drive Filo software. i-drive.com provides web storage services for over 1.5 million users. The browser-based tool, Filo, allows users to clip and save any web page to their i-drive account. Filo is designed for saving important pages found on the web such as investment research, travel confirmations, and e-commerce receipts. Affected Versions: Filo file version 1.0.0.1 for Windows NT (SP5) is affected.
6c8a6f18158ddf0de0850c9afbdc8b697fb5d9987dd442cd7ad4ca1c9bedf826