dda-insecure.txt
Data Dynamics ActiveBar suffers from multiple insecure methods in Actbar3.ocx version 3.2.
Related Files:
Mac OS X versions 10.3.3 and greater along with various browsers suffer from yet another URI silent code execution flaw using the SSH handler. Related advisory here. Homepage: http://www.insecure.ws/article.php?story=200405222251133. Authored By kang
bird.pl is a source code scanner which uses regular expressions to search for 12 common insecure C calls and 8 common insecure perl functions. Authored By Zorgon
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, SYN/FIN scanning using IP fragments to bypass firewalls, TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, uptime calculation, and Reverse-ident scanning. Most UNIX and Windows platforms are supported in both GUI and command-line modes, along with several popular handheld devices. Screenshot available here and here. RPM’s available here. Changes: New stable release! Includes bug fixes and more fingerprints. Homepage: http://www.insecure.org/nmap. Authored By Fyodor
sscc.tar.gz scans C source code for common insecure functions which can be exploited for buffer overflows. It finds and identifes the file name and line of the possible insecure function, taking a lot of the monotony out of auditing source code. Authored By Faxrazor
Data Dynamics ActiveBar ActiveX insecure methods exploit that affects actbar3.ocx versions 3.1 and below. Homepage: http://shinnai.altervista.org/. Authored By shinnai
EDraw Flowchart ActiveX control HttpDownloadFile() insecure method exploit that makes use of EDImage.ocx version 2.0.2005.1104. Homepage: http://shinnai.altervista.org/. Authored By shinnai
Remote pf control daemon allows remote control and monitoring of OpenBSD packet filter. It communicates with clients using RPFC protocol running on top of SSL (Secure Socket Layer). The protocol is designed to be relatively forgiving and easy to use. Homepage: http://www.insecure.dk/rpfcd.
EDraw Office Viewer Component version 5.1 HttpDownloadFile() insecure method exploit. Homepage: http://shinnai.altervista.org/. Authored By shinnai
CHILKAT ASP String SaveToFile() insecure method exploit that makes use of CkString.dll versions 1.1 and below. Homepage: http://shinnai.altervista.org/. Authored By shinnai
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, uptime calculation, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Screenshot available here RPM’s available here. Changes: Fixes a memory initialization bug which was causing crashes on Mac OS X (and possibly other platforms). There are several other small bug fixes as well. Homepage: http://www.insecure.org/nmap. Authored By fyodor