Detailed documentation of the SGI Name Service Architecture for IRIX 6.5. Good information.
45b15292ecaaa3be0f3653dc303ae3dd2e455f8c10e81424fa0966362df91145
Linux kernel 2.2.x denial of service exploit code for ICMP vulnerability. Alan Cox patch included. :)
89f598ac7a7e739bf9d8ff251c3c88aedeac1e5611dbbcccfcd73c887472cc95
Security vulnerabilities in all versions of Lotus Notes SMTP MTA allow malicious attackers to execute denial of service attacks and relay mail. Exploit descriptions included. No vendor fix.
15bc61d762d583cb919ab6e33886179ea2f63f64e994535d1d62055a96a99541
Microsoft Outlook Express 4.5 for Mac platforms has non-functional user password security, allowing any local user to access anyone's email account. Exploit description included. No vendor fix.
7a91ae5b3da2e8f3a20a84d65271485e9215c57c4f601512e17d9dedb18c6333
Process-based denial of service vulnerability exists in MacOS X Server running Apache that allows remote attacker to easily kill the web server via looped HTTP requests. Test exploit code included.
f5a096462e64fb0011ee44a1691b337f8d7d1e10a3e7f24ac2832333238bc622
The zsoelim program included in the Debian GNU/Linux 2.1 man-db package is vulnerable to symlink attacks. Vendor patch information included.
c46f9dc815b65833e47178e9ccb0a7438639e1776f1197a3f4a1ef9f42ceadec
Windows NT does not properly handle the use of wildcards, matching filename characters that do not even exist in pseudo-8.3 format filenames.
8083405cd4e6f8d0d115ef880d8e47698b66fc096f77bdb4ebda6f5377d1edf5
New mIRC 5.6 automatic URL loading "feature" exposes unwary users to numerous browser-based security vulnerabilities.
73ca41412accde695328f155f07f8a7838ed07d534a7202f1501e2276a12cc4c
Allaire ColdFusion Security Bulletin addresses recent security issues.
dc92e975e7199379ef944c4f31750571b7a11aff2b9f71345f48eed84ca373e5
Microsoft Internet Explorer 5.0 allows malicious attacker to bypass security and execute HTAs (HTML Applications), opening up a wide range of serious security holes for Windows 9x/NT boxes that have MSIE 5.0 installed.
61aef6020df9b3a070f284494834138f1081797810cf64634038fd37c0e28eb2
Microsoft Internet Explorer 5.0 is vulnerable to a simple JavaScript based denial of service attack. Exploit code included.
0c6cdbc711711063627d32b72c09eebad0f8b6819f4281e2c836a11b5ea0865f
Security holes in Microsoft Internet Explorer 3.x, 4.x, 5.x and ActiveX allows malicious remote attacker to search user hard drives for files, and possibly more. Exploit code included.
6682e4d5b25c57925513d8cd6b4394c7a33dd89bc45c430f0fdf5a2e398905ac
Microsoft downloader software forces users to lower security protection levels to obtain Y2K patches for Internet Explorer 4.x. Incorrect error messages regarding system clock settings create further problems.
16c4faa035f48797f9a72f6d0de3f1d681dab11e7753b135bd6ace3d7b1b8561
Hacked netcat-based trojan used to exploit the eEye NT4+IIS4 URL remote buffer overflow - gain remote control over NT servers with this backdoor.
58760eddc454eb83a69dac7dc6375a069fb4ee2c796b229db876d1cff6d09a5f
Hacked netcat-based trojan used to exploit the eEye NT4+IIS4 URL remote buffer overflow (for use on port 99) - gain remote control over NT servers with this backdoor.
f2d006d20ae413f942415387e47af01ebe36de35fde4257e1409f94b016fbb80
Bug in Netscape Communicator 4.x allows malicious attacker to "sniff" URLs from another window using JavaScript and the "data:" protocol. Exploit code included. Recommended fix included.
4215ccc14f062493feac812cddfcf1be8abe93be5b7e8f56099ca9b0416f5be3
Netscape Fasttrack 3.x server for Windows NT and NetWare allows remote attacker to climb the directory tree and view root (and other) directory listings.
9e631f435db6f41b92c5dbf0e128b70569a6dd8c4e96b11fb940571281728fb6
Netscape Communicator 4.x "view-source:" JavaScript based security vulnerabilities allow remote attacker to browse local directories, read user cache, read parsed HTML files, read user Netscape configuration (including email address, mail servers and passwords), and more. Exploit code included.
13eeef3ba60d37b3c70b6455f0e55a229c748b49abebb72131ed44effc3f89c2
Bug in Netscape Communicator 4.x allows malicious attacker to "sniff" URLs from another window using JavaScript and the "view-source:" protocol. Exploit code included. Recommended fix included.
6c87d9e19ec261cf123b91b2dec43f12eefd5dccca17669258f6a0a467027ce7
Apparently, another denial of service attack that utilizes nmap tcp connect() port scans has been discovered. So far, it appears that only Linux is locally vulnerable. This attack kills virtually all services, and can be executed by any local user.
537fbc0af4d5b37928a99ef929dad36132f1056fc4e8b7a53c4e78d0d2f1c0c0
Exploit code for Novell NetWare 4.x web server denial of service attack.
0778780bd47b1bb9e8ac282ecf1ad6f43ecf7f099993f69d2225fb2a5b4eebd4
IRIX 6.5 nsd virtual filesystem vulnerability allows remote attacker to mount filesystem and retrieve privileged data, such as shadowed password files, monitor filesystem for changes, and execute denial of service attacks, among other things. Exploit code included.
6e69caa7d13992c21a548ce1abfe8fcb4825ed5961ea6befcfa65a2b916ade08
Simple denial of service attack possible against Windows NT Server PDC from Windows 95.
c157890b2881ba4ddce464b4291224c79226c94fb8fa4323c86f3939b9332aae
Security hole in Windows Terminal Server 4.0 for Windows NT 4 allows attacker to bypass account locking feature, log on, browse the network, map up locally shared drives/catalogues, run command.com/cmd.exe or regedit/regedt32, etc.
533a29371145f4920e8f1ed1f915e49b765284ef80ba27e59fe62c373e080463
NTMail v3 has an open relay exploit that allows anyone to send mail thru the server.
73555bb7b870ffed5686acbfe5fdb59850b7418b3045ca0b0001a706bb4711c5