Forbidden Knowledge Magazine. Issue 6. Includes: Memory and Addressing Protection Part Two, Silly PGPDisk Bug, Playing with Nokia and Ericsson Cellphones, Securing RedHat Linux 6.0, RedHat 6.0 LILO PAM Filter workaround, Java Personal Webserver 0.9 DoS, Ripping off Arcade Machines, A guide to Linux/FreeBSD IP Firewalling, Windows backdoor Stupidity, A Study of the CyberTrade Extranet, Telkom Identicall Glitches, Making free calls from Blue Payphones.
2c73471b0f977965a741094afcde6b594941741f27dfa5e07f8d4fa98e7a9e20
A daemon which kills shells with idle time above a certain limit.
8818b38a84283a859e30dd27f85c70af3e475a7baf52cfc154568f631e07ceff
Classic bindshell. Used for SUID ftp exploit.
c40be6745115ca2908b272e55fc7e0bc73dd1a60843c8958e369f89e8c815b24
suid_small.jpg
069725f9c2fe7abd094735bb71ce9fce843da37f82c9c469a6e2d2534c5aac8f
Internet Viruses Advisory.
0d34fe14b264678a549e8138baf52f4e5746f67aea9282eec66789c3f1814813
VMware v1.0.1 and earlier for Linux contains multiple buffer overflows, allowing local users to obtain root access.
b4af5a19417f6767957e9e244e383de7c8ba141ac0f7fc754801d29cc0d227a3
Cable modem/DSL users using Windows with shares enabled can allow unauthorized users to access their data. Password protected shares are also susceptible to brute force attacks.
3e3e2e07ba6567defa58aa61b67162507fe04eab168a893cf8a715467d1af3d5
Team Asylum has discovered a vulnerability that exists in iHTML Merchant which would allow a malicious hacker to (at the very least) view the protected files in the website's administrative section, giving the attacker the ability to view credit card information. If the iHTML Merchant is being run on Windows 95/98/NT the vulnerability is much more severe. The vulnerability exists in how iHTML Merchant parses code. The attacker could: 1) Delete any file on the server 2) Write a file to any folder on the server. 3) Upload a trojan. 4) Steal credit card numbers, and other hidden information. If the iHTML Merchant is being run on UNIX, the possibility exists that the web site could be altered. These findings reflect the default settings for 95/98/NT and iHTML Merchant.
b1646822c7aa0f1604e4beccd66d0c27cb5d8c69f72132694bb5424c97673a8f
A denial of service attack exists in build 733 of Yahoo! Messenger. The vulnerability exists when Messenger leaves port 5010 open. When a connection is made on port 5010, Messenger crashes. The connection stays open until the user closes the program. Malicious users can not only crash Yahoo! Messenger users, but it also gives them the capability of scanning and detecting Messenger users across wide networks by simply scanning port 5010.
ca10833671b0a05e2aa0dd3c6363b8b4c0a78d50c0f71d010c153818e2940d03
Winfingerprint 2.10 is a console based Win32 discovery tool. It is written in VC++ 6, and is currently in the process of being developed. Now enumerates Service Pack Level and Hotfixes.
d0f8937b2e30fcd9fd8cfeed793e88bf18b29b63f7905e0aac430d31abc68fa3
The SINUS firewall. For linux 2.2.x kernels. The only firewall under linux with a portable GUI interface, which works with JDK 1.2 under Windows, Linux, OS/2, Solaris and more. Supports NAT. (Official Site).
6625c8332d9d5d985c7588bde9ec61fbfd5799f4a58909c99f1ee48e0b2a0d30
An analysis of the PC Week Crack of an Apache Web Server running on Red Hat. An extremely interesting article to read, describing in detail how a cgi on the box was exploited. An application of the excellent article by rain forest puppy on manipulating perl in Phrack 55 (a must read).
dec0da0db3a4bcaf50ad010fa6a750a1b14e7debeca6ad56ad3b0c8fec487092
Archive of the PC Week html/code/exploit.
5320c4922039ec7478f3c839f6d8ca6456b5d6bffeb47ac8bfc6b00c0b49f63e
IC3D Inc's Newsletter for September 1999. As a DOS executable.
0423d7aeadd9f53b5f66203786f99c39f84280aa92cc64500c520accdd3ce13d