Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
c1706f46a96cc7491ff48e41be3c3d0a
Call For Papers for the DA (Drone Armies) Workshop. This workshop is for the purpose of bringing together members of the DA and MWP operational communities to share information, as well as plan future operations. It will be held August 10, 2006 in San Jose, California.
9c7958a35524795e010e55cc056ac11d
RW::Download is susceptible to a remote file inclusion flaw via stats.php.
28221f8975f7bed2c8e1a043352a260d
ATutor version 1.5.3 is susceptible to cross site scripting and SQL injection attacks.
f4a1d60aa725494e7968cab7c0d7d672
AjaxPortal version 3.0 is susceptible to a SQL injection flaw.
16f85693d2f33c14973fb134ce5c9fac
PAPOO versions 3_RC3 and below remote SQL injection and administrative credential disclosure exploit.
b4e86032b3aaaee9a99f853ef75cc72a
Mandriva Linux Security Advisory MDKSA-2006-118 - OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. An unspecified vulnerability in Java Applets in OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. Heap-based buffer overflow in OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
c7d36c141e756d0ce80549bf0f5188b6
Microsoft Word exploit that produces a .doc file that demonstrates a memory access violation. Affected are versions 2003, 2002, 2000.
b66bde4a8cef907874cc011abd712850
ExtCalendar versions 2 and below suffer from a remote file inclusion vulnerability.
5d6b2937c140e76be19f390a2f6f3e60
rPath Security Advisory: 2006-0122-1 - Multiple kernel vulnerabilities have been address in rPath Linux.
7a4b5ddb74df294bf08d5dc2a05b86df
PBL Guestbook versions 1.32 and below suffer from cross site scripting and SQL injection vulnerabilities.
3c91c793f0a79a024e910ddaffe0899f
Pivot versions 1.30 RC2 and below privilege escalation and remote command execution exploit.
d95cfa7d604b7c850bf356f26b8ec7b8
Hosting Controller version 6.1 Hotfix (versions 3.2 and below) suffer from flaws that allow an attacker the ability to gain reseller privileges and administrative privileges.
211368bf13f6d3ee51d523e2203c598c
ExtCalendar versions 2.0 and below suffer from a remote file inclusion vulnerability.
353906d4fa3b0d22aae2ec571b36e395
Trustix Secure Linux Security Advisory #2006-0040: SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.
031b70073304c561aab8b4b83e2d9e99
FreeWebShop version 2.1 is susceptible to cross site scripting and SQL injection vulnerabilities.
38782dc92237ff58b8561f0d89ca7bef
ATutor version 1.5.3RC2 is susceptible to cross site scripting flaws.
361bf70f20ee01165137486aba58517e
Debian Security Advisory 1105-1 - Federico L. Bossi Bonin discovered a buffer overflow in the HTTP Plugin in xine-lib, the xine video/media player library, that could allow a remote attacker to cause a denial of service.
62b2ab8347abf79b44050e61e860a55d
PHP-Blogger version 2.2.5 is susceptible to cross site scripting flaws.
8d7aa11f408b19758b1fabc968047364
McAfee VirusScan Enterprise version 8.0.0 suffers from a denial of service condition.
2f940c17c55298161e6dc10fa555e384
Mandriva Linux Security Advisory MDKSA-2006-117 - Stack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_data, and (4) get_media_packet functions, and possibly other functions. Libmms uses the same vulnerable code.
8ec33294d6cf6850a0299d78a84e5a94
The WebEx Downloader Plug-in suffers from a flaw that exists due to the lack of input validation on various ActiveX/Java control parameters and configuration directives. The "GpcUrlRoot" and "GpcIniFileName" ActiveX/Java control parameters allow an attacker to specify the location of a configuration file containing further control directives. This allows an attacker to transfer arbitrary files and executables to the target. The attacker can then leverage available configuration directives to execute the newly created executables thereby compromising the underlying system.
a07490c7968278e740d27117f65e63d4
Advanced Guestbook version 1.0 suffers from a cross site scripting flaw.
8e9088ca1324533cc2112a42f2aa4ac4
MICO versions 2.3.12 and 2.3.12RC3 crash when contacted with wrong object key resulting in a denial of service condition.
9fac82e34ef6c3c690802e52b750ec0e
Proof of concept test exploit for AdPlug versions 2.0 and below (and CVS version 04 and below) which suffer from multiple heap and buffer overflows.
f09a7c940bd14eecdae78cfe2a639e17