Mudpit is an intelligent, modular, and reliable spool processor for Snort's unified format.
eed705085bf7156687cfc64b6126bfb98b12b990632b24c5fa4a5c4c581115d5
Compozit 1.0 is susceptible to SQL injection attacks.
977a291d2a21299a6376df4d987b0196b9c33d4f90db0aff90f9d36a999d815d
phpBB suffers from SQL injection vulnerabilities.
ca458f33b9f3016fe72402ab33dfbbd57fcb02856066cf26233223b8394b26ef
A buffer overflow exists in KMiNT21 Software Golden FTP Server Pro version 2.52.
1a0a99671467a7f1942f1ac05379950a44c6102d6fa6190bdd51c998d91389cd
Multiple cross-site scripting, 10 SQL injection, 7 directory traversal and 4 remote file inclusion vulnerabilities have been found in Claroline versions 1.6 and below.
052e9365cb9d1fd65a53162363bd9fa05dd0a5aa01b916faa3eafffc8e316c8a
Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which are currently divided into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features include multiple packet capture sources, runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data.
e19871cad09624d3a5af256d5516eeabf2ab79591b277be500b9b1dd61c2541e
The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.
ef139543a9532e044a332e6fe24a517551fe4da5ef7447675ac35fac64a5755c
phpBB versions 2.0.15 and below denial of service exploit that makes use of a flaw that relates to registering multiple users. Perl version of the exploit.
98acab7ade2fe687c7afcd148ba523fb1ae862b5525096cb9730bed7ea791db8
phpBB versions 2.0.15 and below denial of service exploit that makes use of a flaw that relates to registering multiple users. C version of the exploit.
b835c816d7e4aa2da5af4fdb2e14e6ae2589bbc6850ce03ba5706f6128cb6818
Saeven.net's WhoisCart is susceptible to an arbitrary JavaScript injection flaw and also suffers from a directory traversal vulnerability.
72a4419a90fac45a4e99d532b651a7458d542208ac192cdede294997035ebab7
iDEFENSE Security Advisory 06.22.05-4 - Remote exploitation of a SQL injection vulnerability in IpSwitch Inc.'s WhatsUp Professional 2005 Service Pack 1 could allow a remote attacker to gain administrative access to the application.
6c6767bf836656fe30675b99b71054b7cb6756a771baffbeab51e764a85a2176
Cacti versions 0.8.6d and below remote command execution exploit.
ee21056d8194d2649e19ffc967ac38ff11af62f0a4eeaf28a7b2d28307b2942d
Gentoo Linux Security Advisory GLSA 200506-21 - Stefan Esser of the Hardened-PHP project discovered that Trac fails to validate the id parameter when uploading attachments to the wiki or the bug tracking system. Versions less than 0.8.4 are affected.
0f97ceea0be29a1d8e8d37d870a649c8ee040223a44282a32264d12ce1ba154c
A programming error exists in the function that parses commands in the Asterisk 1.0.7 system. This is used by the manager interface if the user is allowed to submit CLI commands. The coding error can result in the overflow of one of the parameters of the calling function.
1a50a0056a74c27fb6eb2b5b5d0116c261912d86824d5d8e0a21b4a8acf36b39
iDEFENSE Security Advisory 06.22.05-3 - Cacti contains an input validation error in the top_graph_header.php script that allows an attacker to include arbitrary PHP code from remote sites. This in effect allows arbitrary code execution with the privileges of the web server.
76425a9c336f61cb7a418d47c71225952e7fee9c19374f80a5085a8d7d7c43c9
iDEFENSE Security Advisory 06.22.05-2 - Cacti contains an input validation error in the config_settings.php script which allows an attacker to include arbitrary PHP code from remote sites.
3eb5ba6575344531dd662feeb0e430af134f04cc3d9810fe4a6560ee8e28b3a2
iDEFENSE Security Advisory 06.22.05-1 - Remote exploitation of an input validation vulnerability in various vendors' implementations of the Cacti graph creation tool allows an attacker to make arbitrary SQL queries.
0d39413572d0da0122e5bac588b1fce964b3239c0857b5a18ec67ea93c2088d6
A huge slew of SQL injection flaws exists in the DUWARE product line, including but not limited to DUportal Pro, DUamazon Pro, and more.
b9a175c9a04f64a3b6e047dd00a5d5013be3da2b677958ed5ae9348960834bb3
i-Gallery versions 3.3 and below suffer from a directory traversal vulnerability and cross-site scripting flaws.
31d1e15301887894e15c7a8e6e7210321b31f0eddfd31c726c9acd647671cb60
MercuryBoard versions 1.1.4 and below remote SQL injection exploit.
bf383cdba243a36d84724e10b84bad756aa8602e454b224c3f5bb60ba4532918
WordPress versions 1.5.1.1 and below SQL injection exploit that makes use of a bug in users.php to add a new admin user.
679762c6495e2350165d311b311a4548d3929b25c9ba29d4abcc3a5ff2c6e830
Gentoo Linux Security Advisory GLSA 200506-19 - SquirrelMail is vulnerable to several cross-site scripting issues, most reported by Martijn Brinkers. Versions less than 1.4.4 are affected.
cf94f3daef360bfa86ae1e8d24375d9c925f3f746b85e7e7efa2e0820a10ac0d
Gentoo Linux Security Advisory GLSA 200506-18 - A bug in Tor allows attackers to view arbitrary memory contents from an exit server's process space. Versions less than 0.0.9.10 are affected.
172c44a6de769f59d3cffb877e2cd5557f0f1038dfa45ac0dd687d721bc64e25
Secunia Security Advisory - Some vulnerabilities have been reported in Cacti, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks or compromise a vulnerable system.
9876b2125bb2c1921659b847e8bef6f745310911559db7734fe1f1256984b9d2
Secunia Security Advisory - A vulnerability has been reported in sudo, which can be exploited by malicious, local users to execute arbitrary commands.
aba0062405f18965cb45dcfed5de4d0bc7be9feb2e11a2c3282df49556e41a20