Sendmail Tutorial (version 2.4) - find out why Sendmail is called 'the buggiest daemon on earth'. Tons of ways to crack into big computers as well as PCs unleashed, including, of course, information on how to block these holes.
61d435cba5f7a1cc881d01bf9c93a9d62fef9cf6c8b8131d6a1b7dbf8b5a8a11
USSR Advisory #47 - Remote dos attack in the Small HTTP Server ver. 1.212. Sending a malformed URL to port 80 will cause the proccess containg the services to stop responding.
86a55c2c873fe77149e6c2e21526691e7d5454b7fa64b69715c91a5e13aad66f
USSR Advisory #46 - Remote dos attacks in the Dragon Server v1.00 and v2.00. Long FTP usernames cause the service to crash.
761380a3626c3a294a00311b17cecc743df14fa38155757666882760a5209070
Secure FTP (sftp) implements a file transfer protocol using ssh/rsh as the transport mechanism. When the client is invoked, a remote shell is spawned and the server is run. sftp is mainly useful over a secure ssh session since passwords are not exposed. It also has the advantage that no root access is required, since the server runs as a user process.
898827b1a3372fb60720b04a5f21989e3f0a60ade56b701f27e71e983b5876c9
CRYPTO-GRAM June 15, 2000. In this issue: News, SOAP (Simple Object Access Protocol), Java and Viruses, crypto-gram reprints, The Doghouse: Infraworks, The Data Encryption Standard (DES), and Comments from Readers.
73a3d2a43340b4bdb58234178ca1eb892824e2b2e7c2d20501c377a9969e00f1
inndx: innd remote 'news' user/group exploit. Tested on innd-2.2.2-3 default installation on RedHat 6.2.
40a254fd6187f80b20f5181e8ee23d738cce908dc6782c0452d8dc9564f32a3f
Microsoft Access Databases are not afforded "Macro execution protection" in the manner of Word/Excel/Powerpoint documents. Attackers can insert trojan VBA code into MS Access documents to execute arbitrary commands on the remote machine.
ee125bfb149060be352ecd18f260d1726c1e1597e5a2002b8d947d29c66cb513
Microsoft Security Bulletin (MS00-035) - Patch Available for "SQL Server 7.0 Service Pack Password" vulnerability. Microsoft has released a patch for a security vulnerability in Microsoft SQL Server 7.0 Service Packs 1 and 2 installation routine. With some configurations, the routines record the administrator password in plain text to a log file, where by default it can be read by anyone who can read files on the server. Microsoft FAQ on this issue available here
feb39363e4c4679149374ad9863858d555f192a8400d62b6ce7e2f4b909afa2c