Xcon 2005: Profiling Malware and Rootkits from Kernel-Mode
f35044fbda6b53c3159c28d612cabdbcf4ab5bf98de1368f2d90bf6256db271e
AOL Instant Messenger (AIM) contains a buffer overflow in the code that is responsible for parsing requests to run external applications. The overflow can be used to remotely penetrate a system and it is not possible to block these requests in the AIM client. No client side fix is currently available.
946194c0c09dedf0c32dd70f3f60b1ba047cf82d56205fa98f75e4a934abf0cb
Multiple Microsoft Products for Mac OS contain serious remote vulnerabilities. Affected software includes IE 5.1, Outlook Express 5.0.2, Microsoft Entourage, Powerpoint 98, 2001, and X, Excel 2001 and X, and Microsoft Word 2001. The problem lies in the handling of a lengthy subdirectory in the file:// directive.
0d1685a0d3bfbd5389152c55e3cb7bd952d9225c2961bbf6c7cd577e029199b4
AOL Instant Messenger remote buffer overflow exploit. Affects AOL AIM for Windows stable v4.7.2480 and beta v4.8.2616. Over 100,000,000 users affected. Included shellcode shuts down the AIM client.
8720c24ba34092c4259dac1c30012a1a280c1dcffb617e2d23c9a40f5dd53caa
SRS is the largest syslog implementation for Unix (or any operating system). It has its own original protocol to ensure reliability.
0fd0e6892167da1e606927d561a9e887736528832ccc7edaad63a0f88a3d3fc8
ShokDial 4.1, an excellent war dialer for linux. Another great tool from w00w00. (
6aa7cc188631daa5591a9acabe45496868ad48f504156338dcca6f633bc30452
Excellent whitepaper/tutorial on Heap/BSS-based overflows, including very thorough explanation of what heap-based overflows are, several methods of exploitation, demonstrations, and some possible solutions/fixes.
5e75e6302f280fc0e1ee1bb212add9cca029460e216a013a8e73773a4ed48d27