RapidCache versions 2.2.6 and below suffer from denial of service and directory traversal bugs.
9e8235a36daf36f0ef225186bf427d9237e751f7245e744d783a418c71e1d0f5
WWW File Share Pro versions 2.42 and below allow files outside of the webroot to be overwritten due to improper input validation, and are also subject to a denial of service attack when POSTs are made with large amounts of bytes and to a directory authorization bypass.
4c071c11277f22ac564d41f1c75b17b4836ee660374acfd340f21bd50065149a
PhpDig version 1.6.x allows for remote command execution in its config.php script. Anybody can inject a URL in the relative_script_path variable and obtain command execution with web server privileges.
b24e855c02a2ea8f3937595116627162c9ebfb2051a870e2bd9c0282161bf0f6
KDE Security Advisory: All versions of kdepim, as distributed with KDE versions 3.1.0 through 3.1.4 inclusive, have a buffer overflow in the file information reader of VCF files.
4bc3105bfc840db454199fc6055e58f5d0bb7a20944a902bb13c82ac0a4a15a3
nCipher Security Advisory No. 8 - Versions 1.3.12, 1.5.18, and 1.6.18 of the payShield SPP library may return Status_OK regardless of what the real reply status should be.
5c8eacd2a6a36cd561e7674a8b96098272d42a7be2267074d5251cc298560d9b
CERT Advisory CA-2004-01 - A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocol H.323. Voice over Internet Protocol (VoIP) and video conferencing equipment and software can use these protocols to communicate over a variety of computer networks. Exploitation of these vulnerabilities may result in the execution of arbitrary code or cause a denial of service, which in some cases may require a system reboot.
0cb8f99ad246f6fa9ef0d349c392489042110ed97fa233c5e150ecff6cf4d6e1
FishCart versions 3.0 and below suffer from an integer overflow when using PHP2 and receiving an order of a billion or more. Patch available here.
2946a8743904f2413e9d0cb500b30f4a0b3084aa946a8a95dc72993514a01cc6
racoon, KAME's IKE daemon, contains multiple flaws which allow for the unauthorized deletion of IPsec and ISAKMP SAs.
cbe0353e2d61b2cc2f27aba78a849a48ebb7737a512565da9ec47b3e188ecf13
Local exploit that makes use of a symlink vulnerability in YaST when using SuSEconfig.gnome-filesystem.
b52db200e1ea04d1dd8b34e13eb95b40a438eeed156071a65829e4a699a709a6
Local exploit that makes use of a symlink vulnerability that lies in Antivir for Linux version 2.0.9-9.
16c3a212203098718f24a83489734c130a494f00fe79ca71a4e1ce777906a39d
Cisco Security Advisory 20040113 - Multiple Cisco products contain vulnerabilities in the processing of H.323 messages, which are typically used in Voice over Internet Protocol (VoIP) or multimedia applications. All Cisco products running IOS software, Cisco CallManager versions 3.0 through 3.3, Cisco Conference Connection (CCC), Cisco Internet Service Node (ISN), Cisco BTS 10200 Softswitch, Cisco 7905 IP Phone H.323 Software Version 1.00, and Cisco ATA 18x series products running H.323/SIP loads with versions earlier than 2.16.1 are all susceptible to attack.
c1cdc150d25e07af67e4c08b6ff2b6c9c80d58d41b90e583c3fce4af8498da16
Remote exploit for Windows FTP server version 1.6. Data for original vulnerability discovery made by Peter Winter-Smith here.
0aec0aed6891ae2629f8a646add69806a9b1a216e29c1bda7b123ef126e05408
phpGedView version 2.65 beta 5 is susceptible to SQL injection attacks, path disclosure issues, cross-site scripting, and denial of service attacks.
094b03352c5b18b33d01d1e8130f34dc9ebd3a1a84468e7051f67ce4e422685f
Secure Network Operations Advisory SRT2004-01-09-1022 - Symantec LiveUpdate versions 1.70.x through 1.90.x have a vulnerability that allows local users to become SYSTEM. Products affected include Norton SystemWorks 2001-2004, Norton AntiVirus (and Pro) 2001-2004, Norton Internet Security (and Pro) 2001-2004, and Symantec AntiVirus for Handhelds v3.0.
4c775c66c82287be41345fd9ecb5d5bd94271ba0bb0a8ddc47b1cecff85dbac8
DameWare Mini Remote Control versions 3.73 and below remote exploit. Tested against Windows 2000 with versions 3.68 and 3.72.
ef92006dbb8f3036693f95127cba9c8d48aec7349cfcdc2d8a0a95478c76a758
The ezContents utility allows for arbitrary code execution on the server due to a lack of input validation.
36c30b0d861ec350e51582820117757d408e10079516d49c48514b47eb2d06fe
The PHP class _Manpage Lookup_ is vulnerable to a directory traversal bug due to a lack of input validation.
7755ca5dd6ea60fc0ee416787fc1da2b9826689ee6413b1dbc16b268fd7834a9
Accipiter Direct Server is susceptible to a directory traversal attack that allows retrieval of files outside of the webroot.
43fc021bddaaffb99f5f44fffa19c7dfe5be41363b597d9275e245ad021bdf0d
GetRAW for Windows will query any web server on any given port for banner, date, server, content modification, ETag, Accept-Range, Content Length, current connection and content. Uses the Perl IO::Socket::INET module. Includes source and win32 executable.
29f9bacbdaff083ccbdc127a8d60a43e3ebad6bdaf4ebe804790be5799faa592
The Windows FTP Server is a small, free third-party FTP server which contains a format string vulnerability in v1.6.1 and below.
2039204c5b39559e9e823c8993dc86c4a3cc6f900672113b8b81cad3cfec257c
The webserver in FreeProxy v3.6.1 contains directory traversal and denial of service vulnerabilities.
700a78e4033e8e8df008a7d4bab8eefa338548196ba4190ce23b5ac6517e2f52
afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
ae526f6650d9c0196964d717e60afd17c16aa9578ea1efe526350d8ed132e695
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
b575a8e739d48ad27b6b4dc9343c808e52914c5a74122670e3a75df2390e9386
void11 is an 802.11(b) wireless network penetration utility. It implements basic attacks like de-authentication flooding (network DoS) and authentication flooding (access point DoS). void11 automatically searches and attacks target networks, stations or access points configurable by simple match-list expressions. It is possible to deny all 802.11(b) wireless service in a range, because of its "roaming" capability. void11 has been built on top of the Linux hostap daemon and provides a simple command-line interface and a clicky-bunty gtk+-2 interface.
08d588ce0731d0c0e55a1cac35acf019e1b735d0f75f16962adfeb4fefd69441
KpyM telnet server versions 1.05 and below for Microsoft Windows NT/2000/XP fail to properly clean up when disconnecting users, allowing a remote attacker to cause a denial of service.
19e35a6c61741ea60049be9453fbe6a7585f49c0838bab33bf7140182a1fa39e