slkm-1.0.tar.gz is the first public solaris loadable kernel module backdoor from THC. Features File hiding, File content and directory hiding, Switch to toggle file content and directory hiding, Process hiding (structured proc), Promiscous flag hiding, Converting magic uid to root uid, and Execution redirecting.
17ee6bad714538c7e2f84e0c24b4520aec71d93c1ad872d769c659a16755d851
Several holes in the Solaris 2.7 SPARC/x86 dmispd daemon will allow malicious users to do various local and remote DoS attacks and probably more.
f473b55e73cc713bf480a073d0ec58518887e272f350177275f1a0e6bf9202b6
SILENT CARRIERS AND LINK PROTOCOLS - As we all know, "wardialing" is one of the best entertainments for hacking/phreaking lovers. Sometimes this activity makes us desperate due to the usual "login: password:" repetition that appears in nearly every CARRIER. It's also usual to find Carriers that present us with no message... just a "CONNECT xxxxx". These ones are usually very interesting as you will see in this document.
0016f70f13b234da9325d6e03adca8eb770bf75471838dc6999816120c8fc623
DNS Spoofing and Abuse - Lately on bugtraq there have been a number of DNS abuse related posts.
eb848828857cbf96bbc474104e765b60af9f084713a879f9a967c1bccaf8d2c8
Narrow Security Scanner 2000 searches for 260 remote vulnerabilities. Written in perl, tested on Redhat, FreeBSD, and OpenBSD, Slackware, and SuSE.
f86928bc54b74597a5038a3cc2a90cd3ddb0c320b87e44469e0cc5124676df44
Microsoft has released a patch that addresses two issues - It eliminates a vulnerability in the Outlook Express mail client for Macintosh, which could allow HTML attachments to be automatically downloaded to the users computer. It also provides replacments for several digital certificates that are included in IE for macintosh which will expire Dec. 31. Microsoft FAQ on these issues here.
4c353c7131bf3a5b7bd7f4b939cc05d112b85a76c2f89eff1ded98edf83af2e6
Windows Security Update - December 22, 1999. Contains info on the Syskey Keystream Reuse vulnerability, the LSA Denial of Service vulnerability, and exchange server security. Also has news on new PGP export laws, piracy intervention, and firewalls with managment capabilities.
134227411f63bbe975a26bcbc1510a72d52f5f51c65af607255efeeeb4607930
KDE, kmail local email-attachment symlink exploit - possible root comprimise. Kmail older than v1.1.1 is vulnerable.
4afa410db651af6de289d5b36edc2bec4444366a290b9429cec19406217a4680
MindTerm is a complete ssh-client in pure java. It can be used either as a standalone java-application or as a java- applet. The source-code is freely available (GPL). Three packages of importance are provided, terminal, ssh, and security. The terminal package is a rather complete vt102/xterm-terminal. The ssh-package contains the ssh- protocol and also "drop-in" socket replacements to use ssh- tunnels transparently from a java application/applet. It also contains functionality to realize a ssh-server. Finally the security package contains RSA, DES, 3DES, RC4 and Blowfish ciphers.
9e05cb0c4818a3687fc803a9742788ee1dd007913d8e15816f6c9638b7e302cc
Secure FTP (sftp) implements a file transfer protocol using ssh/rsh as the transport mechanism. When the client is invoked, a remote shell is spawned and the server is run. sftp is mainly useful over a secure ssh session since passwords are not exposed. It also has the advantage that no root access is required, since the server runs as a user process.
9b14e9e77edef9c6ed6fce117ae3bcec8f4ddd0c6bb7f1551bce7eba12e8f807
The Veganizer is a spam counter-attack. It searches the headers of a specified message for all associated IPs and Domains, then sends mail to pre-specified addresses at those servers (abuse@, postmaster@) as well as addresses found by a whois query on the IPs/Domains. The mail sent will also include the original message with full headers.
38f18b4d688c01a7946c45faa5902c1cdcfe373ff7aeeaf85b634eb4e8c52110