Jelsoft vBulletin 3.0.0 RC4 and other releases are susceptible to cross site scripting attacks.
9ba7da743e628349c8ee4a1a744b90aa09ff076bcd1c22b86689eb34a1126b4e
Local exploit for the Crafty game versions 19.3 and below that makes use of a buffer overflow vulnerability. Tested on Red Hat 9.0 and Slackware 8.0.
82dbacb90891acc5cb1caec18b225e003314199535445fa71cd2de41626faf7d
A vulnerability exists in the Crafty game versions 19.3 and below that allows a local user to escalate privileges via a buffer overflow.
d713ebffde11218f34d8b01dc14e79a08b13899fd42c6dc9b3f2f306677c6691
Cross site scripting vulnerabilities exist in Phorum versions 5.0.3 Beta and below.
5b4e2faeef8fc7c76847ad3ef1332b7b89e7e904e4fcb3dad65ce3a6d8adb457
Both cross site scripting and SQL injection vulnerabilities exist in the 4nGuestbook version 0.92 module for PHP-Nuke versions 6.5 through 6.9.
f732ec2b913b6d095bd8180dac6ad638b87e3c15c8c333cfdacde98395e7fb6d
The 4nalbum module for PHP-Nuke versions 6.5 to 7.0 suffers from path disclosure, cross site scripting, remote file inclusion, and SQL injection vulnerabilities.
b72910a8ea7f3795a3370ca420ebdd0d9f784cdcd93d78ee2fde747165559de9
PHP-Nuke 7.1.0 is susceptible to multiple cross site scripting attacks.
bf21be75eb9e862841810c4026922d4b2d10f41775f4e6120c0f1755aee6e9a2
Multiple vendors suffer from a denial of service vulnerability in their SOAP servers. Products affected: Macromedia ColdFusion/MX 6.0 and 6.1, ColdFusion/MX 6.0 and 6.1 J2EE, all editions of Macromedia JRun 4.0, and Sun Java System Application Server 7 Update 2 Upgrade and prior releases.
edfd88863f29ed6adcb5fa19d6baa42407918c5ba0a3e4f0296be2a21ea83fbd
Macromedia Security Bulletin MPSB04-03 - Macintosh versions of the Macromedia installers and e-licensing client install a service whose file permissions allow other users to write to the file. This may allow one local user to obtain the permissions of another local user, resulting in privilege escalation.
06569fc73f56b134f1c6ccc379a1250b834fd97e8c4fbcb362ffbf3611186893
Novell has identified an issue with the default configuration of GroupWise 6 and 6.5 WebAccess that could allow unauthorized access to the WebAccess server. This issue affects only systems running GroupWise 6 or 6.5 WebAccess on NetWare using the Apache 1.3x web server and where Apache is loaded using the GWAPACHE.CONF file.
3af321a0b71da464f106be0cbfd62b884c6d174fcc11563a1739cc9ed3673c13
Oracle Security Alert 66 - Security vulnerabilities have been discovered in Oracle Application Server Web Cache 10g (9.0.4.0.0) and Oracle9i Application Server Web Cache.
2265276da46e246bf16627f4b8bd512ba4c18a873a847af0740783b7284199f8
afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
13c2dfdd859d8d5178d0d1ad9dcc054cee17dac78a9d3eafda495df62b259f65
Motiontrack is a set of tools that detects motion between two images. It is able to successfully distinguish random flicker from real object movement by applying a set of filters to the images, and can optionally ignore given colors and/or image regions. The roadmap provides for being able to identify objects by pattern detection and AI routines. Currently, this tool is able to turn line-art images into ASCII-art text as a demo feature.
a6939f44565f5b1c0b8a867e6690d784222af761336425e7e8d7c2b506415bf4
VocalTec Gateway version 8 has multiple vulnerabilities. Using an information disclosure vulnerability present in this server, an attacker can then traverse directories by treating the file as a directory, and gain access to any file that is normally protected.
d2d7e12389fdeb8f5acccd3265801cd775e76256b88501a5b4d43b3d6ea8a296
WS_FTP Pro versions 8.02 and below suffer from a buffer overrun when ASCII mode directory data is passed to the client from the server. If the data exceeds 260 bytes without a terminating CR/LF, the application will crash. Arbitrary code execution is possible.
053fdbe09d3248b0bcb77193ec1300cfa9c274c9284e37fa1da31338c10879d8
Immunity Security Advisory - The Compaq Web Management system (HP HTTP) has a bug in its validation system that allows an anonymous user to upload trusted certificates.
abd992377e84fc44d38444954b8896715b7619fe2c505a46a3639e73084980f2
Immunity Security Advisory - Remotely exploitable stack overflows exist in Computer Associates Unicenter TNG Utilities awservices.exe. Successful exploitation elevates an attacker to SYSTEM privileges. All known versions of Unicenter TNG 2.4 are affected.
1625a608ed26cffca06238ca193f1bde9f9b610f98606c2b6088043899bef4c8
Remote exploit for MDaemon Mail Server versions 6.52 to 6.85 that makes use of a buffer overflow in its raw message handler. This exploit has only been tested on Windows XP Home and Pro Edition (Dutch) SP1.
f2ad6f0382c6310f3658254e54ad15974683f2ce8e29ff239c7888bb1e7b02fd
Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It is useful for pinpointing which process is using each network socket. FAQ available here.
c23ef6493b89ac1e98a180640c4541f79189ca5c60c354f9a7c0ce4584e1b47a
phpBB versions 2.0.6 and below suffer from a SQL injection vulnerability in the search.php file. Workaround included.
44c9e7e77f8b0035b663e5007df768b98d174db76143681916d252a11e5bef0a
YaBB 1 Gold and YaBB SE 1.5.1 Final are both susceptible to cross site scripting attacks.
a7f9088dbb62d0ccaacc4cb36fbe64c2510ec07a174ee7239c8ac9e9139f9d0a
Opera version 7.23 on Linux and Windows is susceptible to a denial of service attack.
f1b8be232303b141d1bda5a5d7fdd2031d5d44123151705e76ac664178c83549
phpBB versions 2.0.6d and below suffer from cross site scripting vulnerabilities.
0f69c90c7244bc04e1403480f08e24c47a0ed84ae9e2d13eb580f312f385f800
NetMRG is a database-driven network monitoring and graphing tool for use on Linux systems. It offers an intuitive web-based configuration, customized monitoring capabilities for unusual situations, a fast multi-threaded polling application, and brilliant graphs rendered by RRDTOOL.
fdba0efe571d4bba7106954850a6c8ea4b787974a0ee66719ecf49f3937d9073
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
913be04024b19d6c629e70b277350275d61d85481ff36af6ec37cf13454a998b