Proof of concept exploit for the Windows ANI File Parsing vulnerability along with a complete detailed paper describing the process of creating it.
ffba59f6dfec03389c5e1d961d4a05a3a53fc3cbbf541367bf3885c7b77566d2
SGallery version 1.01 suffers from path disclosure, file inclusion, and SQL injection bugs.
63e83634fdc1f28b76fb5d6c48aae1837f5ddd74bbe1b90923816331b5dbc867
Secunia Security Advisory - Dylan Griffiths has reported a vulnerability in AirPort Express and AirPort Extreme, which can be exploited by malicious people to cause a DoS (Denial of Service).
30cf37a245e6f8e9475f7bf3a7140465dd2d32814c35484edecdda99b2639e4b
Secunia Security Advisory - Michael Holzt has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files.
a4eb691d6fec927b376663260a7a45b16696f5132ddd699da0f404739fd0bcf5
A flaw in AOL Instant Messenger allows for old passwords to be used.
fe826e1884b71b57eedb7c5322fd834598aab600b7b6e2a666b8e5969ba0d44c
Secunia Security Advisory - bratax has reported a vulnerability in Dokeos, which can be exploited by malicious people to conduct script insertion attacks. Various input passed when creating a new course is not properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious course is viewed.
2aee353a7c5693427aa5c09150e4729ee20431276336b0f81c352e15e8791f62
Secunia Security Advisory - A vulnerability has been reported in Netscape Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
145bcad41c52e3b9faf9d5b381b8e6fa7720fe457d0170c3a022e82ede3649c8
Arkeia versions 4.2.x, 5.2.x, and 5.3.x all have blank default root passwords and various other flaws.
7d5be354b29fc5701ad583c134c26444425e523e05d233ff9ea5ff438ba0f3f2
This patch is for John the Ripper and adds the ability to crack MS Cached Credential hashes. To be used in conjunction with the Cachedump tool. This version uses a slower but portable MD4 implementation.
7fdd732996b4e3a473102028ee1d49679de02550673f88528c5a3c22ba52bd53
Debian Security Advisory 636-1 - Several insecure uses of temporary files have been discovered in support scripts in the libc6 package, which provides the C library for a GNU/Linux system. Trustix developers found that the catchsegv script uses temporary files insecurely. Openwall developers discovered insecure temporary files in the glibcbug script. These scripts are vulnerable to a symlink attack.
ecf96ce0bebe95a4b7e9b26f4e8bebb7a28ac97d160e4fe84306169da911cc67
InternetExploiter 3, .ANI-file Animation header length stack-based buffer overflow exploit for Internet Explorer. Uses Cascading Style Sheets to load a malicious animated cursor. Runs a bindshell on port 28876.
2c241ffbbd01971af65ed38f537c9d5cc267d13e058013c5e7fd39635abbc94c
Secunia Security Advisory - Peter Samuelson has reported a vulnerability in BMV, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
21b0080890768d740229a471edbb8f913eb6c0c82ec75c33c9df60e2f720eba5
Secunia Security Advisory - A vulnerability has been reported in Hitachi Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
94c6c46c84251612cccef4ffb078c32cb72cdc0e1f819c35c3d9ddd01785032e
expand_stack SMP race proof of concept exploit that makes use of a locally exploitable flaw in the Linux page fault handler code.
d3d25f66960b33f304bf4382ad16d8f3fcd86d9c63cf0fd47c4257c388fa98d0
A locally exploitable flaw has been found in the Linux page fault handler code that allows users to gain root privileges if running on a multiprocessor machine.
214351de609f4dc4b72e3eef348a9ef9870d7de16823db0bf41a51b7d21295e6
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in Winamp. The vulnerability is reportedly caused due to an error in in_cdda.dll and can be exploited to cause a buffer overflow.
1d14b389a02ff35eea41f5f2dd24c642f0e3d7bf600bae6a7b6f7c4d093b623c
Secunia Security Advisory - A vulnerability and a weakness have been reported in Mailman, which can be exploited by malicious people to conduct cross-site scripting attacks and potentially brute force a user's password.
ba809c0ebcda8850f9e18c5bc0dcaef2b2f99a184ce62d3d88f6d68bf2d45925
Secunia Security Advisory - MaDj0kEr has reported some vulnerabilities in Amphor@ GATE, which potentially can be exploited by malicious users to bypass certain security restrictions.
98c01150519d693992e5b4c60d914a041857063e2b590aec1927c4611ba9a94b
Secunia Security Advisory - SmOk3 has reported a vulnerability in Guestserver, which can be exploited by malicious people to conduct script insertion attacks.
1c54fa654892b6a1c1c0ffdf98422c10990d2db86b3a6f5c3180adb1a3863f19
Gentoo Linux Security Advisory GLSA 200412-25-2 - CUPS was affected by multiple vulnerabilities and, as a fix, Gentoo recommended upgrading to version 1.1.23_rc1. That version is affected by a remote denial of service, so they now recommend upgrading to the final 1.1.23 release, which does not have any known vulnerability.
69bb4c804fbbd34b625e230a3d262643a03f5dbcc8538e2443d14887dadf9fdd
TFTPD32 is susceptible to a remote denial of service attack.
08d63438b5eeee5c70a2de34a5848af21d0b764e94caf2d59984c64995ca09c9