Samsung SmartEther switches allow a remote attacker to login as admin without having a correct password. All that is required is that all of the characters that can fit in the buffer for the password be filled.
afe2a7860a1e2e382e42f0ff2b3783ae8f7656865e91fbdfc36859ea6c6103ac
Sample proof of concept exploit that demonstrates the TCP vulnerability discovered by Paul A. Watson. Perl version.
7b8da88a4b120e083cbeadb74aaf609c90eefcbba41d5d768d53613eda9c9800
Linux eXtremail versions 1.5.9 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
6036e06b4c58e55a423903721dd48a2c313b1ab18a6383129e59eff5587ec24e
Open Bulletin Board versions 1.0.6 and below suffer from cross site scripting, SQL injection, and arbitrary command execution flaws.
e16c00b60f8ba3f4b3b6fd18ee54b24d3774e3df45e73ef6c1f8da73a3fd1158
Windows fails to handle long share names when accessing a remote file servers such as samba, allowing a malicious server to crash the clients explorer and the ability to execute arbitrary code in the machine as the current user (usually with Administrator rights on Windows machines). Verified to still work on IE 5.0.3700.1000 on Win2k SP4. The author originally notified Microsoft in early 2002.
732e3e74f77ebd64d1be72f860691364496a6715edd0d0138eaa48142e8c84ea