By taking advantage of hardcoded named pipes allowed for NULL sessions and using the property of MSRPC that, by default, all available RPC interfaces in a process can be reached using any opened endpoint, it is possible to anonymously enumerate Windows services and read the Application and System event logs of a remote Windows NT 4.0 or Windows 2000 system.
2bb873f5988aeb3ade45cf990ed9c3c66d76a67a398e497b3f4c007ab913879a
CartWIZ suffers from multiple SQL injection and cross-site scripting flaws. Detailed exploitation provided.
6531c127e7e583ba7fefdb030bbf7e7e44a5aed7f43c14df6a7726419e8d427d
Comersus suffers from multiple SQL injection and cross-site scripting flaws. Detailed exploitation provided.
89f868388a71db2a6fdff00ecf45c31ecece58bd6dc3b76f3807199f4d77ca1b
PhpAuction suffers from authentication bypass, SQL injection, cross-site scripting, and file inclusion vulnerabilities. Detailed exploitation provided.
f2316d88cd2264a9859477b05fd94ba5e10a624685a7274f87766211ffeff407
Documentum eRoom 6.x suffers from problematic cookie handling and code execution vulnerabilities.
0ecd59218425650299eb6433cd10686e0281e8c5eeacf121d26f18a5aeaec0ff
PHPXMAIL versions 0.7 through 1.1 suffer from an authentication bypass flaw that allows anyone to log in by supplying an overly long password.
2ef490981e3f4aa13f83c7d67ee73a193584e5cd0cb408b9e4582be4b4ffae7c
LAN scanning utility that scans a given address range for UPnP-capable devices. This is done by sending M-SEARCH discovery packets to either the UPnP multicast address or to the specified IP range.
0d41d63efcc9ed15133306d9996ec72a07ddb047552fca0ac417eeb412db045b
Patch for pwdump version 3 that adds the functionality of dumping password history hashes.
552f67850933f16c31c4f98e2226369459d736fb139d95395578680ce90f8456
Patch for pwdump version 2 that adds the functionality of dumping password history hashes.
d99cf17e7089e9c8d795974d715b8cc17dc49381816c9c1b5f275d0c76156a21
Because they ignore the value of Call-ID, and even tag and branch, while processing NOTIFY messages, VoIP hardphones process spoofed status messages like Messages-Waiting.
7e874ac6aa4310120bd4e7a44ff20320a9205cdf8195fe255cbc74e7c8879b81
Secunia Security Advisory - A vulnerability has been reported in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information.
eb619c5b21357c005e65660ed43094ac425949ca3e192df3786579103421a131
Secunia Security Advisory - A vulnerability has been reported in TikiWiki, which can be exploited by malicious people to compromise a vulnerable system.
658f72ddc2e706bc8f89381b13314105140a11abda92416e832fd55d8dc071a4
Secunia Security Advisory - A vulnerability has been reported in MailWatch for MailScanner, which can be exploited by malicious people to compromise a vulnerable system.
84bf5f25d48471b6fe32a31b1a81c7976385a4e9567db9f0774c5a90c132bcc6
Secunia Security Advisory - A vulnerability has been reported in zlib, which can be exploited by malicious people to conduct a DoS (Denial of Service) against a vulnerable application, or potentially to execute arbitrary code.
8bb9340f1cff9496486178ec7a7ff1095633eccedade84782b9d5b912d1dd986
GNATS, the GNU problem report management system, allows attackers to overwrite any file when installed setuid root. Versions 4.1.0 and 4.0 are confirmed vulnerable.
4031dc7bd80756c01de19fbd5c5b10ed61647fcf3d7a8d671efe64383ea17a13
The McAfee Intrushield IPS Management Console has been found susceptible to HTML and JavaScript injection, privilege escalation, and unauthenticated report deletion.
e44cf0de8c358ef924cc85051e0b96755dce09ff74b6909f706270ab2278f337
Process Stalker is a software package that combines the process of run-time profiling, state mapping, and tracing. Consisting of a series of tools and scripts, the goal of a successful stalk is to provide the reverse engineer with an intuitive visual interface to filtered, meaningful, run-time block-level trace data.
3a30d65f7bdbc70cfcc59dcf2aa597d2a0f5acd7981ba4815857853a58aae382
Phpwebsite suffers from multiple SQL injection flaws and a directory traversal vulnerability. Detailed exploitation provided.
72609023a954b0715a52542825a64ed43c292f8cc141424428a1038ad580c36a
Solaris has a bug in the use of SO_REUSEADDR in that the kernel favors any socket binding operation that is more specific than the general *.* wildcard bind(). Due to this, a malicious socket can bind to an already bound interface if a specific IP address is used. Exploit included.
9a57bfc1f13e75c3b857db7f9fa66b1d8bc8b6525ba1d8a4eed4fea59f468b53
Gentoo Linux Security Advisory GLSA 200507-06 - TikiWiki is vulnerable to arbitrary command execution as described in GLSA 200507-01. Versions less than 1.8.5-r1 are affected.
7a3224fc388615854b469f89647198e48bf895aba6282499573f5c86dea45927
Jaws versions 0.5.2 and below are susceptible to the XML_RPC vulnerability.
dbbd5a4c9d50ba77f7b84fb0b0c6f6de1046a55a0a7e85335f74e2e902f7b30c
Debian Security Advisory DSA 738-1 - A vulnerability was discovered in the way that Razor parses certain email headers that could potentially be used to crash the Razor program, causing a denial of service (DoS).
38fe9896366c22d6723fe33aa8de84e2e2d388f384b500b7a3ba7ee333ba79ec
probe.cgi allows for remote command execution because the olddat variable is not properly sanitized.
ffed25e8dc8ac2349199fd07dad579584138cc7bbe6ddaa9a66256d1153cf09f
iDEFENSE Security Advisory 07.05.05 - Remote exploitation of a buffer overflow in Adobe Acrobat Reader for Unix could allow an attacker to execute arbitrary code. iDEFENSE has confirmed the existence of this vulnerability in Adobe Acrobat Reader version 5.0.9 for Unix and Adobe Acrobat Reader version 5.0.10 for Unix. Adobe Acrobat for Windows is not affected. Adobe Acrobat 7.0 for Unix is not affected.
6babc527e9b8cdd5bf05ec464feefee69dcd0c304eaa02392cc9ebb5a8f43480
MyGuestbook version 0.6.1 suffers from a remote code execution vulnerability. Detailed exploitation provided.
f33d0e8a0b9bcc63132308251701b0eaef7668ccddf907e928162648d8fd6b77