Server Scan is a simple tool for detecting web servers on a network. Originally created to detect unauthorized web servers, Server Scan can serve many purposes, from detecting unauthorized web servers to checking what types of web servers are running on your network. Server Scan is compatible with Windows 95, Windows 98, Windows Me, Windows NT 4, Windows 2000, and Windows XP.
33a20c4ac6e5e81d98e320a88e45b9886a7df5d4b42c74486b74b559a63d2301
Tru64 /bin/su local root exploit. Works even with non-exec stack enabled.
7191ae0c7ab446286470772096239fc512f0f6319ed88e297d994f5cdcdd45ea
OpenSSL Security Advisory 20020730 - The client master key in SSL2 could be oversized and overrun a buffer. This vulnerability was also independently discovered by consultants at Neohapsis (http://www.neohapsis.com/) who have also demonstrated that the vulnerability is exploitable. Exploit code is NOT available at this time. The session ID supplied to a client in SSL3 could be oversized and overrun a buffer. The master key supplied to an SSL3 server could be oversized and overrun a stack-based buffer. This issue only affects OpenSSL 0.9.7 before 0.9.7-beta3 with Kerberos enabled. Various buffers for ASCII representations of integers were too small on 64-bit platforms.
f9af83be02ac077e9b59190ae57ec592f7eb9e27cb03ce973e0d3f9558b73883
CERT Advisory CA-2002-22 - Microsoft SQL Server 7.0, 2000, and Desktop Engine 2000 contain a dozen serious vulnerabilities that allow remote attackers to obtain sensitive information, alter database content, compromise SQL servers, and compromise server hosts.
575f598787931e113b5894b9cdc0eb1653353cde6659e50dc4feae91d71aaadd
Razor Advisory - A locally exploitable vulnerability is present in the util-linux package shipped with Red Hat Linux and numerous other Linux distributions. Chfn and chsh are affected. Tested against Red Hat Linux 7.3 and below.
f33c78e000c95226dc9e980eef83fefd8f6895c01bda0b30a85f012ad3ca7906
IE gopher buffer overflow exploit. Tested on W2k Korean and Wme Korean.
85e52c61271025804b7c1b580740ed4678d9ae456002868ea97d71c273e26b37
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, uptime calculation, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, and detection of down hosts via parallel pings. Screenshot available here.
39298010712f2998aaf000413f139c0641cf0eaaaa9dc9b48835da6341cbca4a
SnortConf is a tool that provides an intuitive menu-based text interface for setting up the IDS tool Snort. It also provides error and sanity checking on user input, and an online help facility.
79315da95214e1820919debe85714fcdaf1ce062802bfe4ba31554dacd0f1a77
Shadow mailer 1.1 - Anonymous e-mail sender/bomber.
8667c9e5712018fe5a28a30569cfeb362eb34cc6dc9db4f4d6ea56842c557d77
IPSwitch IMail Server v7.11 remote system exploit. Overflows the GET parameter in the Web Messaging daemon in all IMail versions to date. There are over 49 million users of IMail worldwide. Patch available here.
35c821776d9bb0af1fc4b049f211ca07fb58ac7eecd2c428058fac0629803de5
IPSwitch IMail Server v7.1 security patch. Fixes overflow described in imailexp.c.
225b746db3f3c62ebeef99e4e58c94b647123eb0232661ac368a904b0241eb3e
Novell GroupWise Internet Agent 6.0.1 sp1 contains a buffer overflow in the SMTP service which can be exploited over port 25. Tested on Novell NetWare 5.1 sp3. Fix available here.
a176e4e5a0799c3a71f7a3f6764dbd5dc8b33db8e6a3951197adf2671d937e12