File-Sharing for NET v1.5 and Forums Web Server v1.5 both suffer from various JavaScript and HTML code injection vulnerabilities.
695984bacdaf8ea460a1c426fdfcb292c9cdd6c0fcf023c7e4d6190f6fd322d2
A vulnerability has been reported in Divine Content Server 5.x, which can be exploited by malicious people to conduct Cross-Site Scripting attacks against visitors.
ab2bfd56158284ff18d428f04473a145bd1d06cbda895c15a1b08c567f50cbcc
A vulnerability exists in the susewm package in SuSE Linux 8.2Pro where a symbolic link attack can escalate a user to root privileges. Workaround included.
0aa80f207e5b08ebc11c3b7e43d9ddc9e7d6a91abd06fb2afd67f194ee6f79f1
The javarunt package distributed with SuSE Linux 7.3Pro is vulnerable to a local symbolic link attack that can achieve root privileges. Workaround included.
48a51c859fafc06b87258f025b2ef34173b96836352430cbc98107ca9004c380
Easy File Sharing Web Server 1.2 allows for remote access to logs and options without any type of authentication.
1f238918cd90aa0dc5dd59a8410daa436e3f3811bccae026948c30e06e1ae6a1
Sun Alert ID: 57040 - The Sun Am7990 ("LANCE") Ethernet driver (le(7D)) may reuse old frame buffer data to pad packets, resulting in an information leakage vulnerability that may allow a remote privileged user to harvest sensitive information from network traffic. The original advisory regarding this type of vulnerability was issued by Atstake.
eff98374fe0c7cde07392e38a84cef7f82576c53ea790059ec2742d71ef2b2b0
The Conexant Access Runner DSL Console has faulty authentication capabilities that allow an attacker to log in as the administrator after one failed attempt.
9ca461e85238f47a1609559d07b6f180830fdb3564d26d03d99cffae24b0061d
Illegalaccess.org Security Alert - JBoss 3.2.1, the Java server for running J2EE enterprise applications, is vulnerable to denial of service attacks, log manipulation, manipulation of process variables, and arbitrary command injection.
55f58d333af30e5d98fa812f5f028f618ac98fb90bf33ce53c06b5ffbb621018
I2S LAB Security Advisory - The HTTP daemon for FirstClass build 133 (SP3) and below suffers from a heap overflow that allows a remote attacker to shut down various services on the server.
4b4cb1c418dd9a284c326f4da4b54e1bd17564a3e611c57ea4f3c95584b47532
Juggling with packets: floating data storage - White paper discussing the use of network traffic as a storage medium for data and how this could be used to avoid leaving an audit trail.
7729c506c6789c1f397e325fee04b369ccf9758ca045af5579673f7a9b1017c1
FreeBSD Security Advisory FreeBSD-SA-03:15.openssh - New OpenSSH packages are available for FreeBSD that address the PAM challenge/authentication errors.
6e4998cbae69170e2d399cbbba472e154c366f931d2f49ebf93c40f5655800fc
GuppY versions 2.4p3 and below are susceptible to cross-site scripting attacks and lack authentication when various data submissions are performed.
638ddd4acfb1768d65554ad49dc68964fd98689e44a4646b73d7ba18355e680b
EMML version 1.32, or EternalMart Mailing List Manager, and EMGB version 1.1, or EternalMart Guestbook, are both vulnerable to cross-site scripting attacks that allow for remote PHP code execution from another site.
850e833f809c4877c234514fd44139518b0302cac84561137c81c6348bc08e0e
PHP Nuke 6.7 allows arbitrary file upload and execution via the file mailattach.php.
685e128399a15d42c3ea8f47b608c882803d1bd7b26e13a3e5a915ccdbd4fabf