GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.
fcfe9788eeb86aec8286a2aeb63d69a461d680c8c18bd1fb23cf0ca451ff0c22
Sysmask is a security package for Linux systems that can prevent arbitrary malicious code from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.
d6a8d99407835d5ef5f471f4db9dc3295c0a351b03cabd88fa7aa8ca2167387a
alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed ciphers, employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.
f5aa51c872acee7a128dfa5f2f8514077b82dcdc2b49d6ef166acb365868e644
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
6cda0a49500a9a6297a838d0bb6f347a2a1857f1f1255ba8263ff1a53bdd19c3
iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'passwd' command allows attackers to gain root privileges. The problem specifically exists in the parsing of a long string passed as the first argument to the set user id (setuid) binary 'passwd'. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.0. Earlier versions are suspected to be susceptible to exploitation as well.
06f374addaad971696f3fd627b3ccd5ce05a153954a982d03ec4316d20337483
iDefense Security Advisory 02.07.06 - Local exploitation of a design vulnerability in QNX Software Systems QNX Realtime Operating System (RTOS) allows attackers to execute arbitrary commands with root privileges. The problem specifically exists because QNX RTOS 6.3.0 ships with world writable permissions on the file /etc/rc.d/rc.local. iDefense has confirmed the existence of this vulnerability in QNX RTOS version 6.3.0. Version 6.0 was also tested and found to not be vulnerable.
6a78bfbd31d4f7cf0b96d3ac4c7a99bbfeb4320ca03b220a0bb56bb47726ecb0
iDefense Security Advisory 02.07.06 - Local exploitation of a denial of service vulnerability in QNX Software Systems QNX Realtime Operating System (RTOS) allows attackers to crash the operating system. iDefense has confirmed the existence of this vulnerability in QNX RTOS version 6.3.0. Version 6.0 was also tested and found to not be vulnerable.
ccb9b46bd5f2b099f7a2bee5dd441ced33e5e0458920f64abac0088da29a8d99
iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'su' command allows attackers to gain root privileges. The problem specifically exists in the parsing of a long string passed as the first argument to the set user id (setuid) binary 'su'. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.0. Earlier versions are suspected to be susceptible to exploitation as well.
6e53e1f158f6377d548767905fc1643e8cffe307c362ebf7b0e261aa720e1e6e
iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'phgrafx' command allows attackers to gain root privileges. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.1. Earlier versions are suspected to be susceptible to exploitation as well.
839efc4794ca46cdb0cc87df7d761034676e0d44ab2efa1c3a18943f99740779
iDefense Security Advisory 02.07.06 - Local exploitation of a race condition vulnerability in QNX Neutrino RTOS's (QNX) phfont command allows attackers to gain root privileges. QNX Neutrino RTOS is a real-time operating system designed for use in embedded systems. The problem specifically exists because phfont spawns another command, phfontphf, without proper sanity checking. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.1. Earlier versions are also suspected to be susceptible to exploitation.
d3c8f2616a38424c6d71c227d7d427ea7bcd5c7f1038f64f9629a51824bdc97d
iDefense Security Advisory 02.07.06 - Local exploitation of a stack-based buffer overflow vulnerability in QNX Inc.'s Neutrino RTOS Operating System allows local attackers to gain root privileges. The vulnerability specifically exists due to improper handling of environment variables in the libph system library. iDefense has confirmed the existence of this vulnerability on QNX Neutrino RTOS 6.3.0. All versions are suspected vulnerable.
c54f86cbe6e34902d7e0df31596a8e3466d5982ce10691f06a38499e53df9120
eyeOS versions 0.8.9 and below suffer from a remote command execution flaw.
4a0497bee8ed948c5a1838391a11c40d8391c7632f127331f8d05fc169f462a0
OProfile versions 0.9.1 and below suffer from an insecure path vulnerability that allows for privilege escalation.
b454c12397be526761d5759cd1aced4d1fadc94ac06775c457dfd4e824b6349c
Several vulnerabilities exist in the Mozilla web browser and derived products, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system. Versions of Mozilla Firefox below 1.5.0.1 and versions of SeaMonkey below 1.0 are affected.
0b913a4940b9c1df8bc0877a60ff3d579cb186e228c0c21ed540d188f86298b9
MyQuiz version 1.01 remote command execution exploit.
0a7cb4b6e0130e49d68b2a145976e7fbc68a64334f724b284c83c44452d1cf85
NGSSoftware has discovered a high risk vulnerability in the Lexmark Printer Sharing service which could allow a remote, unauthenticated attacker to execute arbitrary code on a Lexmark printer user's computer system with Local System privileges. A workaround is included in the advisory.
17c2a0cb655fbe259348176d404b85e1491d9c102c09b66f0487118c56e74bbc
A design flaw in the way The Bat! 2.x displays messages allows attackers to spoof RFC 822 headers and more.
ad0f681bcad8c9274be2769c052fb5e6dbf1f003fec29f7f9f7f7d1023ba0bdc
Proof of concept exploit that resets Sony/Ericsson phones via a flaw in Bluetooth.
69cb4697fe7ae13e375c9aafe468cf4269b76c5f26cdea0ba16392f54d714f4c
Test exploit to see if a BCB compiler is susceptible to an integer overflow. Versions BCB6+ent_upd4 and below are susceptible.
2ab5749e3553c55c3612119fdb9d21acdfe2f5883a753a13e22f4e06e9a3569f
Eudora WorldMail 3.0 Windows 2000 remote SYSTEM exploit written in Perl.
361603b12539a65e33b078a869e68ab0f69445a9256ccb1d2e26f31f6fea8611
SQL injection exploit for ASPThai.Net Guestbook version 5.5 and possibly higher. Grabs the admin username and password.
4cd6f25c37d847c0919c5147a5de1d2eeb5a48d63ba14af76dfc64126018eeb2