Proof of concept exploit for IglooFTP PRO 3.8 and possibly earlier versions. This package suffers from multiple client side vulnerabilities including the banner, username, password, and account SMTP parameters.
012f188e05c0cd48ca2d55347c1fef1243732b738b287ec3f6b9007ffa7a13f5
Linux eXtremail versions 1.5-8 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
f73f3161c91641b7b5567b990f13c9d5b919ba33786bbedc6f63f3cc2fb52d54
The CGI script whereami.cgi that gets distributed by CCBill lacks input validation and in return allows for remote command execution as the web uid.
ce15f8d74362f11898352d1bbf86d0330e48248dd00ae31bec0febbb7a67da0c
Yahoo Messenger 5.5 and below suffers from a buffer overflow that was originally discovered and fixed in May of 2002, but has since resurfaced. Systems Affected: Windows NT/2000/SP1/SP2/SP3, Windows ME, Windows 95/98, Windows XP.
3dbd08466a589690e261f4eb0f747ba191bda6e704b3f88ec4d48204eb593792
The ColdFusion Server versions 4.5 and 5 suffer from multiple vulnerabilities. They range from the default RDS password being blank by default to allowing a normal remote user to reconfigure their website properties to put and get any file on the server.
faa0a31742d24a814cbf24ab9f645633cf615b253c7800154079460c4cdc420b
The screen saver that comes with MacOSX crashes when an large amount of characters are entered and then the return key is pressed. At this point, access to the desktop is achieved.
580c1aa4b027ccdd05e8525a8ed42272ff29b6f6fedab5539018ad21fadd994c
Core Security Technologies Advisory ID: CORE-2003-0305-04 - Windows NetMeeting is vulnerable to a directory traversal attack that allows remote arbitrary code execution. Vulnerable version: NetMeeting 3.01 (4.4.3385), possibly others. Fixed in Service Pack 4.
37573598836434eb829a0bd11e8ad4eae7fa6d4cbf8c3647e8d0168be675a1ea
Kereval Security Advisory KSA-003 - Cross Site Scripting vulnerabilities exist in Phpgroupware very 0.9.14.003.
115009ff8f21003689ec49c463c4c30c56eedbbdb2ef2b35c538dd0cec9fc89c
Core Security Technologies Advisory ID: CORE-2003-0305-03 - The Microsoft Active Directory functionality is remotely and locally vulnerable to a stack overflow that allows an attacker to crash and force a reboot of any Windows 2000 server. Vulnerable package: Windows 2000 Server with Active Directory SP3. Fixed with Service Pack 4.
afedd8c7f809a694f9bb53497d9c62835d5aef2a503c9fd6108f9274b8cd15f5
A buffer overflow exists in the Essentia Web Server for Linux due to bad boundary checking with long urls which are greater than 2000 bytes. Versions higher than 2.12 are vulnerable.
f55766bfff8269fac9c31113d14529568080f5e761e6c0b22990bb0daaf7d482
This tool make uses of the recent vulnerabilities discussed here regarding a broadcast buffer overflow and server freeze denial of service discovered in Roger Wilco.
62f78f06b0794bd0e528ae135c68d893b70aae1ba695c071a7e8b7f5937a0cdf
STG Security Advisory SSA-20030701-02 - The Verity K2 Toolkit Query Builder suffers from a cross site scripting vulnerability.
47b9a884062a2fa4a62f0c83e481dc34e665de880a67fb70500473063be7008d
Hilariously amusing and simple exploit that makes use of the fact that the cuxs binary on InterSystems Corp. Cache management system executes a binary as root without that binary having a static path.
7e9b9f1c5dc3a4b6f8a786e2d7e3b1817c0c0fd7c6899b52e1d6da8a428b2287
iDEFENSE Security Advisory 07.01.03: InterSystems Corp. Cache installs with insecure file and directory permissions, thereby allowing local attackers to gain root access by manipulating items in the main package tree. The vulnerability specifically exists because files and directories are open to all users for read, write, and execute operations.
a94ec4e715dbd55bc4d0dfb19dc4102c0d75702736bfe3b8af0e08165f59aa3a