napalm-11.txt
Napalm Magazine issue #10 - In this issue: Security Holes in Remedy Client Installer, Multi-Technology Automated Reader Cards (MARC), and Chaffing as an Alternative to Encryption (Part II).
View Articlenapalm-12.txt
Napalm Magazine issue #12 - In this issue: Local DoS in Solaris 8, Why chroot(2) sucks (includes a linux kernel patch to secure it), DSL and Ma Bell, BBS list, and more.
View Articlewebcache.pl
Proof-of-concept exploit for Oracle9iAS Web Cache/2.0.0.1.0. Creates the file c:\defcom.iyd. See def-2001-30.txt for more info.
View Articledef-2001-30.txt
Defcom Labs Advisory def-2001-30 - Release 2.0.0.1.0 and below of Oracle9iAS Web Cache contains buffer overflow allowing remote code execution or denial of service. Four tcp ports are affected - 1100,...
View Articleptracekm.tar.gz
Ptracekm is a kernel module for Linux 2.2 (Possibly 2.4, but untested) that blocks the ptrace() syscall for all users except root. This should effectively prevent local root from being gained via the...
View ArticleNmap Scanning Utility 2.54 BETA 30
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be...
View ArticleStMichael_LKM-0.06.tar.gz
StMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for...
View Articlems01-052
Microsoft Security Advisory MS01-052 - The implementation of the Remote Data Protocol (RDP) in the terminal service in Windows NT 4.0 and Windows 2000 does not correctly handle a particular series of...
View Articlesms.208.java.clipboard
Sun Microsystems Security Bulletin #208 - A vulnerability in the Java Runtime Environment (JRE) may allow an untrusted applet to access the system clipboard. Netscape 6 is vulnerable if the JRE...
View Articlesms.209.rpc.yppasswdd
Sun Microsystems Security Bulletin #209 - A remote root buffer overflow vulnerability has been discovered in rpc.yppasswd. Vulnerable versions include SunOS 5.8, 5.8_x86, 5.7, 5.7_x86, 5.6, and 5.6_x86.
View Articlesms.210.ufsrestore
Sun Microsystems Security Bulletin #210 - Another local root vulnerability has been found in ufsrestore. Vulnerable systems include SunOS 5.8, 5.8_x86, 5.7, 5.7_x86, 5.6, 5.6_x86, 5.5.1, 5.5.1_x86, and...
View Articlesms.211.xntpd
Sun Microsystems Security Bulletin #211 - The Network Time Protocol daemon, xntpd, contains a remote vulnerability. Affected systems include SunOS 5.8, 5.8_x86, 5.7, 5.7_x86, 5.6, and 5.6_x86.
View Articlems01-053
Microsoft Security Advisory MS01-053 - Binhex and Macbinary files which are downloaded in IE 5.1 for Mac OS X automatically execute, allowing attackers who run a malicious web site to run code on...
View Articlecrashrouter.mrc
Mirc script which crashes Cisco 600 series routers with CBOS of v2.4.2 or below. Uses proxies.
View Articleeraser52.zip
Eraser is a utility for all versions of Windows which securely deletes data so it can not be undeleted easily.
View Articlegen.c
RWhoisd by NSI remote format string exploit affecting v1.5.x. Overflows the -soa directive.
View Articlexscreensaver-3.34.tar.gz
XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also...
View Articlepspa-2.4.13-10.tar.gz
The Linux Port/Socket Pseudo ACLs project is a patch to Linux kernel v2.4 which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally...
View Articleinflex-1.0.10.tar.gz
Inflex is an email scanner which encapsulates your existing sendmail server setup. It scans both incoming and outgoing email and it does not alter your current /etc/sendmail.cf file. It can scan for...
View ArticleStMichael_LKM-0.07.tar.gz
StMichael is a LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for...
View Articleptrace24.c
Ptrace24.c is a local root exploit for linux kernels prior to 2.4.9. Works on openwall patched kernels. Uses the su, newgrp, or screen +s binaries. Originally by Nergal. Improved by sd.
View Article
