Cyrillium Security Advisory CYSA-0329 - FoolProof Security 3.9.x for Windows 98/98SE/Me has a vulnerability in the password recovery functionality that allows an attacker to recover the Administrator password using the Control password and password recovery key. Exploit included.
4ade30b5e97e6f4843b28db0bf163827d80893b19b977412fad14285f512eece
Complete analysis of the 180 Solutions trojan along with exploitation tools that demonstrate at least two new unpublished vulnerabilities in Microsoft Internet Explorer 6 that allow for arbitrary code execution.
633228ca6454a639b5fda36a2efc9fdfa8547bf3667c82b69a3a87a882a0b6d0
Colin McRae Rally 04 remote denial of service exploit that makes use of a flaw where a client can passively block an entire gaming network by setting a value too high.
601ac79a78b9e63c767aae8eeb1339e7de19daaed223d660ef30e43a2c3da0c8
PHP offers the function escapeshellarg() to escape arguments to shell commands in a way that makes it impossible for an attacker to execute additional commands. However due to a bug in the function, this does not work with the windows version of PHP. Versions 4.3.6 and below are susceptible.
3665a6afbcf2c1f3e80aaebbd19c3b186545ef0c4c98f8e8daf399053845af2f
Subversion 1.0.2 remote exploit that makes use of a stack overflow in the svn_time_from_cstring() function. Binds a shell to port 36864. Tested against RedHat 8.0 Psyche build.
d02b1feccebffc24878e8b25042a2f7c26807f4574998ffb926f8c0216c55f63
Sambar Server version 6.x has been found susceptible to directory traversal, direct file access, and cross site scripting attacks
5467d07e39bee02ec5cbf79f55db0f1dbd67f3df5968037eed86cdcbd00981a4
Multiple denial of service attacks exist against various Linksys routers, causing them to need a factory reset in order to function again. Version affected: Linksys BEFSR41, BEFSR41 v3, BEFSRU31, BEFSR11, BEFSX41, BEFSR81 v2/v3, BEFW11S4 v3, BEFW11S4 v4.
db186f84f45cf2b92a997aca7c56050a81e24eb42de92b84834c222e647b14e2
A vulnerability in the mkdir system utility can allow an unprivileged user to gain root privileges in UNIX 7th Edition systems. Exploit for /bin/mkdir Unix V7 PDP-11 included.
4e41e05c7bd4f54ea62b0ae08d7f52783bf2b9ebe3351bf9003ef69884cf8358
A security vulnerability have been discovered in the Mollensoft Lightweight FTP Server version 3.6. A buffer overflow can be committed via the CWD command allowing for a denial of service attack. Full exploitation included.
d385d01918e8b2f0b34b19abfd1352e1046ba16693a27f7ebf3d858884a130cf