There exists a vulnerability in the password checking routines in the latest versions of the MySQL server, that allows any user on a host that is allowed to connect to the server, to skip password authentication, and access databases. All versions of MySQL up to 3.22.26a are vulnerable.
5f5a4fb2100d5e175dc80ad904c3a600382a5f0b6c8153e8084244e2328cedac
The Zeus Web Server does not parse null terminated strings properly, and can reveal the source to CGI scripts under certain circumstances.
9a0a0886f0a40183adf724fad747857cdc071b7a7737b9697b05f8695f3ef40d
Novell Bordermanager 3.0 through 3.5 is vulnerable to a slow DoS. After 2 days, the firewall will deny all requests, and eventually crash completely.
48c370974fffe524eb3fda985fefe77b6e5fd0977fa64b23fb3530d31a5b49ac
rpc.amd remote exploit with spoofed source address.
329325fa62c5fbb59239de4158cdfa9412f4a122b2491697f843abe351bd7e4c
It is possible to cause the BeOS PoorMan webserver to crash (remotly) by sending a given URL to the server.
c7a561452597163b2603b347de43d34eabbf8faadb4f6ddceba795ffbb450b77
CERN 3.0A Heap overflow advisory - There is a heap overflow that wastes memory space in the CERN/3.0A webserver. Close to 50000 bytes of the heap will be ruined! DoS example included.
489fc3d42f1e7f2c642902f70308d9caefba877586655086add9c34454afe5b3
Windows Api SHGetPathFromIDList Buffer Overflow - All Structure lengths, or Length of string, can be a modified or altered and cause whatever handles the shortcuts to crash.
76e69a39aa4a55144387c30002193441b975a29627e84d7c38fecdb3a6baa1ca
Serv-u FTP-Server v2.5b for Win9x/WinNTFTP-Server v2.5b will crash if you upload a malformed link file and type the ftp command LIST, due to overflow in Windows API SHGetPathFromIDList.
1553e21d813e70115f971fbf6e139bf7d8dedb4efc386150d7a1b03a64116625
surfCONTROL SuperScout 2.6.1.6 allows web users to view websites blocked by the classification database.
36ddf8049da9b107bd7993a63104caf8dd5ad23594920462c47574bf6f6b6f39
"How I hacked PacketStorm Forums" - A look at hacking wwwthreads via SQL. This is more of a technical paper than an advisory, but it does explain how I used a vulnerability in the wwwthreads package to gain administrative access and some 800 passwords to PacketStorm's discussion forum.
29b3228561304410fb2ef71030ea7e75376cc046c8543397a51327868ce6872e
slzbserv.c - local/remote exploit for ZBServer PRO 1.50-r1x (WinNT). ZBServer PRO 1.50-r1x exploit gets remote servers's full control, allows you to run arbitrary code. Tested on debian.
988c54751cc12389b0db8a0ee9c0a46023525cb6452cd770c1262b6e088788fa
War-ftpd for Windows95/98/NT is vulnerable to a buffer overflow in the MKD/CWD commands until version 1.71-0. DoS exploit included.
8fb4b7b98977d50ebe39d7cc972408c231774f65b8bab7a4536a9f16a827c8a5
instructor.c is an OpenBSD 2.5 DoS attack which attempts to execute every 32 bit instruction. It is useful for people who are trying to find hidden features, or hidden bugs in their hardware or operating system. Many "features" have been found with this program.
a70cc461f83c0c214d4cbf175bc5b405671807e2937804c52d63b58d9d1f9822
Georgi Guninski security advisory #6 - Outlook Express 5.01 and Internet Explorer 5.01 under Windows 95 (others too) allow reading subsequently opened email messages after a hostile message is opened. Exploit code included. Workaround: Disable Active Scripting.
40e5fa882e4448e2504aa6f59add27ddb20730b6add122d795a838cfa1ea5033
Another security hole in Microsoft Virtual Machine for Java has been discovered that allows a java applet to read any file on the system. This vulnerability is quite dangerous and immediate de-activation of the IE Java function provided by Microsoft is highly recommended.
b676c447d63a02f62a89b9ff3f9af087212f58f35bc9ad6a0a9796b988ac19d5
Tiny FTPd 0.52 beta3 (Windows FTP Server) has remotely exploitable buffer overflow vulnerabilities. Even anonymous users can execute code. Exploit tested on Windows98(+IE5.01).
784d73176bc53e3f6a8141164175f061c982b7f2a9ab4e69dbf1be32a39bf336