Xato Network Security Advisory - FrontPage Server Extensions are vulnerable to a remote denial of service attack that will disable all FrontPage authoring operations on a web site. When requesting a URL that includes a DOS device name, the server extensions will hang and will not service any further requests. To re-enable the server extensions requires restarting IIS or rebooting the server. There is also a secondary problem with certain DOS device names that reveal the server's physical path.
2c1a7ff0773be187e7c0d947c6d390578db30091a5166205ebcb5b8842c4985c
Darxite, a daemon that retrieves files via FTP or HTTP, has several vulnerabilities throughout the code that allow a local/remote user to crash the servers, as well as a passwd authentication remote overflow, allowing remote shell access as the uid of the darxite daemon. Exploit and advisory included. Tested against Linux x86 systems.
2c5a17a7af5e62b8c35d708754842d9f6d13efbcd99d19896e60c3d9ca6f3760