There is a remotely exploitable vulnerability in Sendmail versions 8.12.9 and below that allows an attacker to overwrite heap and stack structures.
28c280e02042929b8acc8cdcb07a215783ebdfe53633e6f8410bce341f4bbb14
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
0ab456f9eb81241cacff3102350ca2d3d01b129d6cc59541457ba3b94e221918
Liquidwar 5.4.5 local exploit that has been tested on Slackware Linux 9.0.0 and Gentoo Linux 1.4.
6038ccaf0089d0c6b1b982024c5d6232813a117568c7c20900bb183dcfc26458
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
61d9b805f255e143dbbc50c6c60c24f55bc4f8f319909dd399b3a3a1ef7c77f9
Remote root exploit for rpc.mountd that makes use of the xlog off-by-one vulnerability discussed here.
8301fb1c155cefd9ce319e1358f25b7e25d8bf34a49b62722987e5f5a7b76328
Remote Windows exploit for the RPC DCOM long filename heap overflow discovered by NSFOCUS. Upon success, the target will have a user added as the letter e with a password of asd#321.
8deeb2c01d158751b1bf4ee8adcd15343d9a1beaeded00158eb8c71a0eb8577a
Texonet Security Advisory 20030902 - SCO OpenServer / Internet Manager (mana) versions 5.0.5 to 5.0.7 are susceptible to escalating a local attacker's privileges due to being tricked into executing the environment variable REMOTE_ADDR when it is set.
5046fb8c6f2157de1eeef06f1ff7086a72da814debcc822a30e046b466d87a8d
Domino Hunter 0.92 is a Lotus Domino web server scanner, written in Perl. It attempts to access default NSF databases, as well as crawl user-defined bases. It tries to enumerate the database structure, enumerate available views, available documents, and ACLs set on documents. It also tries to retrieve documents from available views in order to check if ACLs are correctly set to restrict documents and not views. The scanner works in both anonymous mode or privileged mode if user supplied credentials are supplied to then be passed to the default names.nsf/?Login form.
bfcba564a665d5e5f128c1528b9c6a1d48fcabdf83356083541e4206cad0ecc6
Atstake Security Advisory A091503-1 - The Nokia Electronic Documentation product has three vulnerabilities. A cross-site scripting vulnerability allows an attacker to run malicious code if javascript is enabled. A directory listing of the web root is available by supplying the underlying webserver with a period. NED can also be inadvertently used as an HTTP proxy server.
4924ba9b5946a4e3970ccd2e0126327f9de57382c0d428f532349345aa409bd4
Remote exploit for Mysql 3.x versions 3.23.56 and Mysql 4.x versions below 4.0.15. More information available here.
031cb79c22ead773279128cdcad002a6b7cea61a3829c158c874f16857a8ab9e
Tiny SHell is an open-source UNIX backdoor that compiles on all variants, has full pty support, and uses strong crypto for communication.
6cb0bc541e848ecd40a2623b75688255e001fe3476c765acd037f1906f171a14
Remote Pine exploit for versions 4.56 and below. Makes use of a vulnerability discussed here.Binds a shell to port 6682. Written for Slackware 8.0, 8.1, and 9.0 and works for RedHat as well.
e851c723d21209a6b26900e885356e35a071b04eb77c23187facc15b5835af99
iDEFENSE Security Advisory 09.16.03: An exploit has surfaced that allows remote attackers to execute arbitrary commands with super-user privileges against Solaris hosts running the default RPC authentication scheme in Solstice AdminSuite, sadmind. CVE Related Number: CVE-2003-0722.
927d8400a78249ccc1f470ef0d7fa5b3ce3bc5fe19fbd3027a63dae9bae28365
Minihttpserver 1.x Host Engine is susceptible to a directory traversal attack and has a login parsing flaw that allows a remote attacker to gain administrative privileges.
c3811137432dca7f6b3480030b9e97885c8de1ef80de534902b0ea664f882952
Easy File Sharing Web Server 1.2 is vulnerable to directory traversal bugs, cross site scripting, HTML injection, and password snatching due to them being left in the clear.
f44612ef4731652eedc76c34971ccef6fbab01c107847e6496e2fa6d924e38f8
OpenSSH Security Advisory - All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error which results in a remote root vulnerability.
64c4c6ec67379208e69b635d6afb17251d748b0a37bf85006230d6525d2a55db
LEA is a simple algorithm for file encryption that uses some boolean algebra and modular arithmetic. It can test the stream and generates numbers with a logical order. Using bytes as increments and decrements you can choose between a normal encryption without pseudo-random data generator or steganography with/without random data emulating binary executables. By default it includes a VMS Alpha Executable and a Linux IA32 ELF you can add to the binaries on a standard header included in the distribution and editing the steganographic routine, the fake binary included works on all the Linux distributions over IA32. Tested on HP-UX IA64, FreeBSD IA-32, Linux IA64 and Linux IA32.
7d3ddcd31b7fa89b53fd95ecfaae04a65e31c6f4a76b5b74a0316c850e682a3a
Secunia Research Advisory - A vulnerability has been identified in OpenBSD allowing a malicious root user to escalate privileges. The problem is that the root user may set the semaphore limit to a high value, which causes an integer overflow. This could be exploited to bypass the security level access control (securelevel) specified at boot time.
f31997d5d1e04fd1b70e758ee24b98598f34265b3b0f58f83720a3ee45983017
Secunia Research Advisory - A vulnerability has been reported in ASP.NET, which can be exploited by malicious people to bypass the "Request Validation" security mechanism. The "Request Validation" mechanism designed to protect against Cross-Site Scripting and SQL injection allows restricted tags when they include a NULL byte. However, this is a problem since some browsers, like Internet Explorer, ignore NULL bytes when parsing input, which may cause them to execute the content in the tags anyway.
289ddf4085f312bb8fe0319c2b08e847dcf9dde239b04f3cf03bbd5c373a1e62
Secunia Research Advisory - Two vulnerabilities have been identified in FTGatePro mail server version 1.x that allow malicious users to access sensitive information. One lies in the file ftgatedump.fts allowing an attacker to see the system configuration while another lies in exportmbx.fts that holds all the usernames and passwords for the system.
37e62379ae7d3410654e1b6dbec013a2f429722f7a11bac666000f9c31637ac1
Secunia Research Advisory - Two vulnerabilities have been identified in Gordano, which allows malicious people to consume large amounts of CPU power and see information about other users.
6fe5b63708044356c7045256059750a6e4f4dea633deb68198e6017732cca8bb
Program for testing weak binaries for basic overflows. It can test command line overflows, ENV and basic format string vulnerabilities as well. Utilizes ptrace() to analyze the stack during testing and report any overwritten stack addresses and other important data. Very useful for testing items that are precompiled.
ea46f5f18b2c7e88368f709209625793eefecb5c676758acc69e3555a8aa2193
Secure Network Operations, Inc. Advisory SRT2003-09-11-1200 - In the man-1.5x code, some checks may not be present upon compile time that keep man from not being vulnerable. RedHat 9 is one such installation that ships man setgid and vulnerable to attack if the vendor supplied binary is utilized. http://www.secnetops.com.
743603b784eb340ce003d68fe7310d77a3cf4938a9b7ae14aee5b8377252c813
Thorough paper discussing how to defeat the stack based buffer overflow prevention mechanism in Microsoft Windows 2003 Server.
b38cd24d571d9497d31fa51821bf46da5ded71c3cc615f565477fda2effa5f09
Bandsite portal system version 1.5 lacks authentication validation in its admin.php code when an administrator is added, thus allowing a remote attacker to gain administrative privileges.
5d166e4129b983e42146f8f03a2ab30cec5d84c35a9f1631e971a799a69627ba