Vulnerability details and example exploit for Microsoft Active Setup control's unsigned CAB file execution vulnerability. Patched in November, 1999, the vulnerability was so severe that almost any kind of break-in was possible into unpatched IE client machines.
1684ad0afbda5162d8019379c7e169866a47682a78b0a41d05b5b936c363c1ae
Georgi Guninski security advisory #8 - There is a vulnerability in IE 5.x for Win95/WinNT (probably others) which allows executing arbitrary programs using .chm files. Microsoft Networking must be installed. Demonstration which starts wordpad here.
36cf5adf9fed04673b3b5f1b78c820e4d91c6d87aaadd7695c5310bb6022635e
ISS Security Alert Summary 5.2 - Summary of vulnerabilities discovered in February, 2000. Contains information on vulnerabilities in trin00-dos, netgear-multiple-dos, sambar-batfiles, win-media-dos, win-active-setup, siteserver-sitebuilder, netbsd-ptrace, netbsd-procfs, ie-image-source-redirect, sco-openserver-arc-symlink, iis-frontpage-info, and outlook-active-script-read.
89cecfdb05cb343985151b82b3473e9791dfd89baa14bde9b015b5bf1524206d
Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 330 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them.
f5dbdca22638926f20d4a7510029c2abc5a8fdac7178825c951f9bb5477e5e58
FreeBSD Sendmail 8.8.4 mime 7to8 remote exploit.
3026d76cd6cb15ace5c52d53c41a42d7e7c68d1c3c01f24851a28d0322a18da5
Remote exploit for Mailer 4.3 - Win 9x/NT.
8489a9fa3a8de6bd2c521aaa002ea3a9880cd2f51635511e93ad7c1dc7c75f96
GASP stands for 'Generator and Analyzer System for Protocols'. It allows you to decode and encode any protocols you specify. The main use is to test network applications : you can construct packets by hand and test the behavior of your program when faced with strange packets.
aeb10abf5c4b4cbe7aa1d5fc7e13d8d5ea67db71c16cc311304581cd45f24d3e
Windows Security Digest - In this issue: TelnetD Subject to dos, Windows Media Services dos, Systems Management Server Might Allow Elevated Privileges, Wordpad Can Execute Embedded Code, Internet Explorer Allows Component Regression, News: Echelon: Nothing Sacred, Feature: Add Fuel to Your Firewall, Tip: Disable Source Routing on Windows NT, and Review: Hackershield 2.0.
08e4febd38622c0776a772f2584118e264e03423d7f84cfb9c5ebd600e04f367
Decrypt Maus Trap passwords, a Win9x desktop lock down tool. Source included.
cee06ccc56185ba5f2598caeccf80f3a091926be4713d63569cf40302d068014
SSH (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over insecure channels. It is intended as a replacement for rlogin, rsh, rcp, and rdist.
91577b479979daba3c52dc33dfa2fd307c6dedb3e07b1ff02b6ef5319e4611d9
Etherape is an etherman clone which displays network activity graphically. Active hosts are shown as circles of varying size, and traffic among them is shown as lines of varying width. It is GNOME and pcap based.
a2bfca5725a08fb9266b7a4c1fddbf7525b95d78f87960f53c4bcdafd729c5d0
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
0f23bcf5fe7eea7431d64bf0c70686c0cdf278cb9cdb81234a2cfead9233e81b
Default Newsletter Issue 8 - Contains Default is back, Firewall basics, Biometrics security devices, Windows NT Security Check Part I, Credit Card authorization process, Trendy security, A DDOS defeating technique based on routing, and a guide to backdooring Unix systems.
ac2aaa9dae4cefa5e1ea1d5bc08cb0dabb538fd9a4213b7a48d60182f76a3284
Getpop3 POP client for linux local root exploit - make any local file world writable.
7719521455848e7d654262495d9a48609860cc59ad1edd33a49d56c3bb2d61d2