The sarad program used at the British National Corpus is susceptible to multiple buffer overflows. The attacks are network based and require no authentication.
3b5dbe5c14fa19bf31747e7ab1ad0dfe738810272c2dbce61216a3114a9177e7
GulfTech Security Advisory - BadBlue Webserver version 2.5 is susceptible to a denial of service attack when multiple connections are made to it from a single host. Exploit provided.
9dbe4e55fe1e227f34cc5142b74962afa63e4be85ce1d38e91e344f0ef74106e
Secunia Security Advisory - Lukasz Wojtow has reported a vulnerability in MySQL, potentially allowing malicious people to compromise a vulnerable system. The problem is that the mysql_real_connect() function does not properly verify the length of IP addresses returned by a reverse DNS lookup of a hostname. This could potentially be exploited to cause a buffer overflow and execute arbitrary code.
76cd75c8de4325b740e31c9fed621c75bd46469dea33b514242004d83f456dda
It has been discovered that Zone Alarm stores its configuration files in a directory that is forcibly left accessible to EVERYONE under Windows.
5267c7003017156a72b6a7fc6baedb7920bb27746633c9b9bb21b8e935e526f2
Local exploit for xv that makes use of the BMP parsing buffer overflow. Binds a shell to port 7000.
2ffb829c50939cf17884f3b925cf0be579f3073300e145927664d13eb2732456
White paper discussing the fact that many modern networks are extremely dependent on a centralized time resource and the negative aspects of a network not having one.
5002e772d9e24ac5abaeb58ec0059d55af71c592417b69d56aac8c3ecc92433d
iDEFENSE Security Advisory 08.18.04 - Remote exploitation of a format string vulnerability in Double Precision Inc.'s Courier-IMAP daemon allows attackers to execute arbitrary code. The vulnerability specifically exists within the auth_debug() function defined in authlib/debug.c. Versions below 3.0.7 are affected.
3d3fdc3d44a017fba3df0c79a897dd07e115362f913118d14c5efc3edda387ee
phpmywebhosting 0.3.4 has a SQL injection vulnerability where an attacker can be authenticated as an admin by just using [usr= admin"-(] and [pass="asdf].
67cc62c3244f69dcb87dc12efe4c2bf6440d68205346aeb7abb433a015e46d7d
Aircrack is an 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. It implements the standard FMS attack along with some optimizations, thus making the attack much faster compared to other WEP cracking tools.
b7af7a2796654a86da1b95e2943d3002a2c2dece38520b396ce79f1c61b65e55
Libdisassembly is simply a Python library for disassembling x86 opcodes. It has been made for Immunity's PDB Project (a vulnerability development focused debugger), and is partially based on mammon's libdisasm opcode list (http://www.eccentrix.com/members/mammon/). There is still a lot of work to do with the Metadata, but the library tries to return as much information as it can get from an opcode.
df2e29484e885c708a13b37d2a9a0b0208a7d6c07ee0177e8606dd634db7a283
Qt version 3.3.2 has a heap overflow in its BMP parser.
a87464ce36d5b5cca9bf4c0ce0467eb6dfb66ef37ec4771fa65754ecf1be3997
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
e119eb9b09c13ddd945a0105f19b05983e62de0bac167264f055f93115048090
PHP-Fusion version 4.00 has a full path disclosure vulnerability and a flaw that allows an attacker to download the database backup file that can be used to gain administrative access.
fd86bda119a57bd26be037bf969a91bac23833996dd042ce8a6c44eff41ef812
Cisco Security Advisory: A device running Internetwork Operating System (IOS) and enabled for the Open Shortest Path First (OSPF) protocol is vulnerable to a Denial of Service (DoS) attack from a malformed OSPF packet. The OSPF protocol is not enabled by default. The vulnerability is only present in Cisco IOS release trains based on 12.0S, 12.2, and 12.3. Releases based on 12.0, 12.1 mainlines, and all Cisco IOS images prior to 12.0 are not affected.
568979e1c71157314ffb20b9d5fa0db45d174f2a149e7a9a9c148d2a611e8530
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
ebe4d15fbb7e16bd088dbffdd949b7ae10f0315d5518d1822f90a62b76c6293c
PHP-based exploit for YaPiG 0.x that allows an attacker to create arbitrary files on a vulnerable server.
d84ef4efc63ad0141d177a09b8ac9eb78fe82f50b463c66537c20e53232f892a
NetBSD Security Advisory 2004-009 - A set of flaws in the ftpd source code can be used together to achieve root access within an ftp session. With root file manipulation ability, mechanisms to gain a shell are numerous, so this issue should be considered a remote root situation.
19988f37ee9bac237bfdb409657a8f72e0dc9b3791fb9c48b914cfac30ce0bdd
Debian Security Advisory DSA 540-1 - The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
4a26956ef58acb72359831f331a9afbf8b463266470faa893647557c3c3722d6
Gentoo Linux Security Advisory GLSA 200408-18 - xine-lib contains a bug where it is possible to overflow the vcd:// input source identifier management buffer through carefully crafted playlists. Versions 1_rc5-r2 and below are affected.
f3e2d4f842afd2f19f3f102effaa01516c7ee2b3965a03ca27c52d6cf6af38ad
Merak Webmail server version 5.2.7 has cross-site scripting, full path disclosure, exposure of PHP files, and SQL injection vulnerabilities.
089caf859e10b39bd0ac02efa7546f2409a15eceb1de9ca5a88018b1f271135d
Gentoo Linux Security Advisory GLSA 200408-16 - glibc contains an information leak vulnerability allowing the debugging of SUID binaries. Versions 2.3.2 and below are affected.
6d3a5de31a54a4551b867471c5569c8bb8f3f2783a41ac572e82eca0028bf877
GreyMagic Security Advisory GM#009-OP - Opera versions 7.53 and below on Windows, Linux and Macintosh have a flaw that allows an attacker to determine whether or not a file or directory exists.
c1016c549082c639a7eb373daec02795b9f4f03545ad69076289d49c20930b4e
Dump2code is an ELF file section reader that allows you to dump any executable section, such as .interp, .dtors, .text, etc., from binary code to hex code.
39362ddad8bd8846dd8817b5c82a7118967f16a748a9bb579152867c976eb7bf
Secunia Security Advisory - Christoph Jeschke has reported a vulnerability in PForum, allowing malicious users to conduct script insertion attacks. Input passed to the IRC Server and AIM ID fields is not sanitised before being stored in the user profile. This can be exploited to execute arbitrary script code in a user's browser session in context of an affected website when a malicious profile is viewed. The vulnerability has been reported in versions prior to 1.26.
fd6e0e12c53992fcba1cd35801d8925ccfa22288fadc046780bbd1b9fd138dc0
Pads version 1.1 is susceptible to a stack overflow. This tool is not setuid by default so the risk is minimal. Version 1.1.1 fixes this.
8eb01b9fa435907293c656e16bd644ed33b266d2e35011469b5609b3d83acfab