GAIM versions 0.75 and below are vulnerable to twelve overflows that allow for remote compromise.
69198b878df83c96f86ad50feb5e689f19d7e2d127dade49757b71dc6062227c
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
20540173a5520bc1553ddd8caea1575a4f9692b2f89f940be0c01977f4d0d8b3
Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below.
6de0ca83361dce52c08b5b33a10843f9f30d275a37f278cc1b412a7f0b524d08
NextPlace.com E-Commerce ASP engine is susceptible to a cross site scripting vulnerability.
2f8af53e9dfea6fe76abccd8960b5ec38f7d3444654525851e6ed78612f36c2e
Intra Forum is susceptible to a cross site scripting vulnerability.
ca0e46d20d49830a841e047a4df9766b3d3bd389d20c6872a8d8aeb7d6bf63c8
BWS or Borland Web Server, which is used as the Corel Paradox relational database interface, lacks input validation and is subject to directory traversal attacks. Versions 1.0b3 and below are affected.
8aa1c69b7c9c73d721abc38cc5f94f0d8119336e8aaff6c08fbd7a4b4880b3b7
Reptile, the web server written completely in Python, has a flaw that allows for complete CPU resource consumption, resulting in a denial of service.
a93f3311cb6315dce56853e60c9cb0e50ed262ea0e036374fa50343fe062f00a
Tiny HTTP Server versions 1.1 and 1.0.5 are vulnerable to directory traversal, denial of service, and cross site scripting bugs. Examples provided.
94d202695ed7e71eeb74c905557c9600d4fab98f445abaea4f073aba55c6bc8a
Serv-U FTP server versions 4.2 and below have an internal memory buffer that may be overrun while handling the site chmod command with a filename containing excessive data.
84037bdd2e889eb4c304d27f52b7dc0aa43b1fdf201d847e3046010337287090
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
68345407cba1f09274d48ec3d1f9b56fb49df168927a103018da433acb4f756f
S-Quadra Advisory #2004-01-23 - QuadComm Q-Shop ASP Shopping Cart Software has multiple SQL injection and cross site scripting vulnerabilities.
f1b225be449f443f70ea6b3605dee7d993e92086915c6e0a6b3e035f1ba4755d
When running in proxy mode, properly crafted requests sent to Finjan SurfinGate versions 6 and 7 can mimic control commands. Known vulnerabilities include viewing log data and causing the service to restart, potentially resulting in a DoS situation. The architecture for this application suggests there is a potential for modifying the filtering policy as well. The vendor has ignored the problem for over a year.
572f4e17a711d98d530166340377eea87699bc44b226915bbaab6ea14b6fba74
Novell Netware Enterprise web server versions 5.1 and 6.0 are vulnerable to various cross site scripting, path disclosure, and directory listing attacks.
6fa6232eddd35425923014566186261bae4069faaff0f01545f187bf7e4f140e
The NetBus web server that comes as part of the trojan is susceptible to a directory listing and remote file upload vulnerability when a trailing / or ./ is appended to the URL.
a6237e6da8ad8b78741dec936856ce7e954fdb332dab3a0e635e29a581aafeca
Version 2.05 of the Freesco thttpd server is susceptible to a cross site scripting attack.
7586f60c26ce3791038b0f784a97cbdca327bb195524fa1e6f30051b6a45b9f4
GeoHttpServer is vulnerable to an authentication bypass and a denial of service attack.
faae912330fa19a378bed24073e7eb019129f317801a1925873ee8dc480e0be3
Need for Speed Hot Pursuit 2 remote exploit that makes use of a vulnerable client that is susceptible to a buffer overflow attack by a hostile server.
41b60c7f18b4a9ed723e56c839d1b5d8fdd42fbaa041b262da167f206486b356
Need for Speed Hot Pursuit 2 has a vulnerable client that is susceptible to a buffer overflow attack by a hostile server. The buffer overflow occurs when an overly long string is sent back to the client during an information query. Electronic Arts has not bothered to even return e-mails regarding this problem.
88337ed5ab04b4df56e133195ed4bc9fac508d02013e72364ab9d389beedd45e
Native Solutions TBE Banner Engine allows an attacker to embed code that is executed by the server when text for a banner is added.
43999b685c90f211882d78c44839bf9cf8756ab84c83b7fca7f5e6504434fef9
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.
dffa36ef20f7434a230e466f79f58755fb2ea3a9c673b2bd21810a595f14d06a
Cisco Security Advisory 20040124 - The default installation of Cisco voice products on the IBM platform will install the Director Agent in an unsecure state, leaving the Director services vulnerable to remote administration control and/or Denial of Service attacks. The vulnerabilities can be mitigated by configuration changes, and Cisco is providing a repair script that will close the vulnerable ports and put the Director agent in a secure state without requiring an upgrade.
b014c3dae8a8c72af048e37ac74be6fdee1da91c923dba8d3a96583cfee56393
Honeyd is vulnerable to remote detection via a simple probe packet. All versions up to 0.8 are susceptible.
cde958c21a34416d46b6613084575197d925bacde71a75b0abc1b5d2e44574f6
WebcamXP version 1.06.945 is susceptible to a cross site scripting attack.
6f7ddb9ae2a81dc995c905640c0b63ca8f6977f311391f05756247ab0490786c
Secure Network Operations Advisory SRT2004-01-17-0425 - Ultr@VNC, the client/server software that allows you to remotely control a computer over any TCP/IP connection, has a faulty ShellExecute() statement that allows a local attacker to gain SYSTEM access.
f28f3ed6c815915416535420f36bf7ce30645cb63ebc9a1df339d53450bf5b4b
Security Corporation Security Advisory [SCSA-026]: A vulnerability has been discovered in DUWARE Products, which allows malicious users to become administrators. It affects approximately 15 different products in all.
0c960411e961d7e65a618c303917edb4acbe482261e21a68ece0032a7e326fb9