Pinnacle ShowCenter 1.51 is susceptible to a denial of service attack when sent a GET request that points to a non-existent skin.
6a080d6eece24294fe3cc7308971c400eef6bd1eda302eb234157353029917b3
getmail versions 3.2.5 and version 4 releases prior to 4.2.0 suffer from a symbolic link vulnerability that allows for privilege escalation.
1ede5e8f95847bac68ac6e0bcf37788047f31e767417bebac5e0d47ac997e9d2
Remote denial of service exploit for Lords of the Realm III versions 1.01 and below that will crash the server.
aafd15c0fa22fa3995ac2f2f79ca9462b0147632305366fc1435344c6da002bc
Lords of the Realm III versions 1.01 and below suffer from a denial of service vulnerability when an overly long string is supplied as the user's nickname.
be5e72d76f5affa99a38903610f3e2010c8305664ad5ec80ae808d6916a9e220
Secunia Security Advisory - GulfTech Security has discovered two vulnerabilities in YaBB, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
21c35aaf5e83952cbbf93d64407b511e627fd7eba72729464a1401d3d43f0f2e
Postnuke 0.750 Phoenix is susceptible to multiple full path disclosure flaws.
5de940cb2eb4befc2477653c74b806a79648a9acdc55290c066c338d344ba3f0
Sun Security Advisory - A buffer overflow vulnerability exists in the Netscape Network Security Services (NSS) library suite that is a security component used by most of the Sun Java Enterprise System (JES) components such as Web Server, App Server and Portal Server. This vulnerability may allow a remote unprivileged user to execute arbitrary code on vulnerable systems during SSLv2 connection negotiation.
a9f963b9c6343d5bbca49c391be294459d91ead6eb5f1780f867ac46130e35cc
Secunia Security Advisory - Multiple vulnerabilities have been reported in xine-lib, which can be exploited by malicious people to compromise a user's system.
75b98f70d4269127ed3bf1766ee6a39c21723a449ef498d1fc7e8951c8c66f33
Four default username/password pairs are present in the Sybase database backend used by ON Command CCM 5.x servers. One of the username/password pairs is publicly available in a knowledgebase article at ON Technology's web site. The database accounts can be used to read and modify all data in the CCM database.
dfc05a01176771202a8e0449359f5636358366e9a762b44fdb67cb186174f15a
Gentoo Linux Security Advisory GLSA 200409-24 - The foomatic-rip filter in foomatic-filters contains a vulnerability which may allow arbitrary command execution on the print server. Packages at or below version 3.0.1 are susceptible.
55040b913532cf5112f4f0af8c33c868135f54a11521c320ab6406dc899a6184
Mambo versions 4.5 and below are susceptible to cross-site scripting and remote command execution flaws.
f1adb6277c56b90345f1a0481e0f3f0ec78fce087033de3e0c2aa3b0ec129889
TUTOS 1.1 is susceptible to SQL injection and cross-site scripting attacks.
f129e4fcfb3dcf070e7d8891ee5347a3f9ad30e61a026d6d217fe73f40a01787
Visual proof that God has possibly deliberately pushed the recent hurricanes in Florida through territories that voted for Bush.
fa58e9baf908c99700dfb53f74995250ef83df4a37919409d8c4594b5bee6c8d
Secunia Security Advisory - Multiple unspecified vulnerabilities have been reported in FreeRADIUS, which can be exploited by malicious people to cause a DoS (Denial of Service).
e72f4359f49f5a8ba1bc026952276e8d406f2f44f6f0b75e4fa12b5282a3a176
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
75ab919e6b0624a04b8db5c5ee1895e8db0cccbc43c794d7aa2b2476a1094b4d
Fakebust is a simple, open-source, user-friendly, intuitive and very rapid malicious code analyzer that can partly replace and in certain aspects outperform an expensive, strictly controlled sandbox setup.
819c715400d0031c57cdcd4ca690905959ddce6857b8c4b80a6dfe213f3e387f
SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
48285b5e0edae31b820b995a90abdf17758a4946dac7060fdb8d9c3e4a2679aa
The dupescan binary from glFTPd versions 2.00RC3 and below suffers from a stack overflow that can be exploited locally. Full exploit included.
160289b0841eaee7d277dbda03e49e1139d4b00c48d005bd5958349f4609a988
The Netkit telnetd implementation shipped with Debian Linux appears to be lacking the AYT vulnerability patch. This exposes the platform to a remote root problem discovered by scut of TESO back in 2001.
b774351baca900b321dda13082fb9c199c217207f04f1f3942bfc7692e1b6978
tcpreplay is a BSD-style licensed tool to replay saved tcpdump files at arbitrary speeds. It provides a variety of features for replaying traffic for both passive sniffer devices and inline devices such as routers, firewalls, and the new class of inline IDSs. Many NIDSs fare poorly when looking for attacks on heavily-loaded networks. tcpreplay allows you to recreate real network traffic from a real network for use in testing.
050dd6a8f0eaa2ee9f14437a20270c67a742c313435bda82190fcd7bde932931
Local exploit for sudo version 1.6.8p1 that makes use of a flaw in sudoedit.
ab1bfd7ddab1b1c6b89d7c8e3bdb7bc786b3bad054180fc0cc417bc68c3ca04f
MySQLguest from AllWebscripts is vulnerable to an HTML injection flaw that is exposed via the entry submission form due to a lack of proper sanitization.
adff55a9298359f4f057edc112d12bbf74c373c97e76c2d43184798b9bc21eec
GulfTech Security Research - DNS4Me version 3.0.0.4 is susceptible to cross-site scripting and denial of service vulnerabilities.
4d1fd96ce8b157a8c343db0d58f22a30793e5d9cc04af8a7764712643086bfd5
Mambo versions 4.5.1 and below are susceptible to a SQL injection vulnerability.
4d025889e22337402a892e1c2a8fc928680f8c29a942f1164367af073911141a
Airscanner Mobile Security Advisory - Airscanner Corp. has been able to reverse engineer and post a fix for the CE.Dust virus.
dfc04361209fb2f42302f257250840672dab84f49ad9f7075e8b4132dc448d24