iDEFENSE Security Advisory 04.14.04: The Linux kernel performs no length checking on symbolic links stored on an ISO9660 file system, allowing a malformed CD to perform an arbitrary-length overflow in kernel memory. Symbolic links on ISO9660 file systems are supported by the 'Rock Ridge' extension to the standard format. The vulnerability can be triggered by performing a directory listing on a maliciously constructed ISO file system, or by attempting to access a file via a malformed symlink on such a file system. Many distributions allow local users to mount CDs, which makes them potentially vulnerable to local elevation attacks. The issue affects the 2.4.x, 2.5.x and 2.6.x kernels. Other kernel implementations may also be vulnerable.
37ae99b004272092f2bfb32d3b0aec033f6d0b99842d8d8cde738ec767346788
IRC channel key cracking utility. It attempts to crack the key to a given channel by using words from a file.
ab422cee8737ea8e5c574c2dc3cf07dd3b8bbbd6278ed4df240147fec34a9a96
Symbian SIS file dumping utility that allows for analysis of potential malware without actual installation of files. It provides information on file headers (UIDs, Version, Number of Languages, Number of files), file list (Destination name by default, Source filename and file type).
d54ac18aa8d178115a015817d8e70d42a716e4539b7ed6ca335d959292094899
Proof of concept demonstration exploit for cdp versions 0.4 and below.
71e8dcfd75673f8e3b2dd6868f7308fc0129309e7be74ce7e3020b9fd0c39176
Brief tutorial on using gdb for developing exploits.
dd65c2569a794f3b7b150515a3f2ed9f78bfb12095612a88d76604a4d0f3fa8d
Brief tutorial on using Perl for developing exploits.
e4720a44d55438b6c8443d0789e3f56d813d0b5b979efac1ac7a1e23c05e3fac
Small tutorial discussing common types of exploitation methods. Cites examples and points to other papers that can provide more information.
ace1ee12ef0af05798d0bff8c62d68803fe68f862ffc43fa3d3e621c5906609d
FASET stands for File And Stream Encryption Tool. This tool can be used to encrypt a file or to encrypt a stream, for example through a pipe. It uses strong 16-round Blowfish encryption in Cipher Block Chaining (CBC) mode and supports a maximum key size of 448 bits (56 bytes). Full documentation for possible usage is included.
71ad4cebaa5c51efacb83aedbe1cb5d36519c5734816fbf43d06e8d6a6075667
Secunia Security Advisory SA11358 - A vulnerability has been discovered in BEA WebLogic Server and WebLogic Express, which potentially allows malicious people to impersonate a user or server. The problem arises when SSL connections are established. A connection may be approved if the certificate chain is valid but the custom trust manager rejects the chain. This can potentially be exploited to gain unauthorized access. Versions affected are Server and Express 7.x through 8.x.
aeba05f30050233ac3bee2ebf32cbe2fd0c99eee958862c1495e92f7e563aedf
Secunia Security Advisory SA11356 - A security issue has been discovered in BEA WebLogic Server and WebLogic Express, which may lead to inappropriate privileges being granted. The problem arises if a parent group is deleted, because child groups remain members after the parent group is deleted. If a parent group is re-created and granted higher privileges, those privileges are inherited by any group that was a member of the group before it was deleted. Versions affected are Server and Express 7.x through 8.x.
1c9767ef3923dd0eb87473562073b63aed6ed757a903c0ff17f1208978f88e33
SurgeLDAP 1.0g suffers from a directory traversal vulnerability in the user.cgi script due to a lack of input validation.
34ce5dbb260c3c2dd896e707f072cf00a0a21333f04143d00d8e2175bb2c19f1
1st Class mail server 4.01 suffers from directory traversal and cross site scripting vulnerabilities.
37d2fbb2a07f80804c9aaf3e8665223847ed95e04aa791e1f7c74b43a1bf0c76
ADA Image Server (ImgSvr) 0.4 suffers from a buffer overflow via GET requests, directory traversal vulnerabilities, and a denial of service flaw.
1370cfce6a031c225513a395b16a06250d429c03c51eb6ad76a3faa9db212314