All Full-Disclosure subscriber accounts were compromised using a previously unpublished flaw in Mailman 2.1.5 on January 2nd, 2005.
1371e58c1a308d16f412036e25cbf4ae34c4b163b4e6554ca896c2c8f4ec7a5c
Debian Security Advisory 672-1 - It was discovered that programs linked against xview are vulnerable to a number of buffer overflows in the XView library. When the overflow is triggered in a program which is installed setuid root a malicious user could perhaps execute arbitrary code as privileged user.
23fa8e65cac87fce460d8afae4b2bf4c2ace7863510f0893158f13ea3b8699f4
DelphiTurk FTP version 1.0 local exploit.
7b2edbd886fa5926e7ff8db32dec2e47e15c9862d007aebfe62c1807f75cc664
Secunia Security Advisory - Some vulnerabilities have been reported in Emdros, which potentially can be exploited by malicious users to cause a DoS (Denial of Service).
90fd86f33243a4bf13776e4d2f8339d38cbf6708f6777e9469eb6dd9adb2b285
Secunia Security Advisory - ISS X-Force has reported a vulnerability in multiple Symantec products, which can be exploited by malicious people to compromise a vulnerable system. Due to ISS being very childish and not allowing anyone to reprint their advisories (along with threatening legal action), this advisory is posted in place.
bcc2a95361d7a70f0cc3b64e8810e2295db137909b8f8b1e1a8faa7eabf4cf3f
Mercury Board versions 1.1.1 and below suffer from SQL injection vulnerabilities. Detailed exploitation provided.
23ea46dff8eca495cf9d1561a86e7c38983ac523a335371c8657203321701552
Technical Cyber Security Alert TA05-039A - Microsoft has released a Security Bulletin Summary for February, 2005. This summary includes several bulletins that address vulnerabilities in various Windows applications and components. Exploitation of some vulnerabilities can result in the remote execution of arbitrary code by a remote attacker.
87596d60cd4f0692f2b358658434d04066f06a1ed7c55009039306b836649efb
Secunia Security Advisory - Secunia Research has discovered a weakness in Sun Java Plugin, allowing malicious web sites to write arbitrary content to a file with a predictable name. The weakness has been confirmed in version 1.5.0 (build 1.5.0_01-b08). Other versions may also be affected.
8ac5907e09fa5b9dd46bb903505f7837bf71e510eb6eeaa7181394353c2b6742
Secunia Security Advisory - Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, disclose sensitive information, bypass certain security restrictions, and compromise a user's system.
cfc371aa9d3af8a86ee818ecd87241070754f1ac30bdf18b02a49898ce765c57
iDEFENSE Security Advisory 02.08.05 - Local exploitation of a format string vulnerability in the auditselect command included by default in multiple versions of IBM Corp.'s AIX operating system could allow for arbitrary code execution as the root user.
ae86384708e57f3a554282ca553ecff43d6fc5e0a7f0c40f6314cddd0666d553
Secunia Security Advisory - A vulnerability has been reported in Windows SharePoint Services and SharePoint Team Services, which can be exploited by malicious people to conduct cross-site scripting attacks.
9701a37ef7a5b0de71cfa3caf7632c0af29bdc3876828f876cf84c427af038d6
Secunia Security Advisory - Kostya Kortchinsky has reported a vulnerability in some versions of Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
ff806e8f109426fb7b31241bd93b0e180322f761f77d004963312216c806d6ba
Finjan has discovered a new vulnerability in Microsoft Word XP that would allow a hacker to launch a buffer overflow attack. This attack could occur when a user opened a Word document using Internet Explorer.
88ddeadbe4476a6f5b1f5544ec3482bcd443d604087437ea5acb0aaa974b10e9
Secunia Security Advisory - Jean-Baptiste Marchand has reported a weakness in Microsoft Windows XP, which can be exploited by malicious people to gain knowledge of certain system information.
ecd401ba66f42fa283b815f8e95648826f828dd795fe9cc6c18d92bbefd5563f
Secunia Security Advisory - Anna Hollingzworth has reported a vulnerability in Microsoft Windows, which potentially can be exploited by malicious people to compromise a vulnerable system.
0b0857cce465af68b41499c01e4f82b5df10fdd22f63eeb3d4deecba2b211618
eEye Security Advisory - eEye Digital Security has discovered a vulnerability in Windows SMB client's handling of SMB responses. An attacker who can cause an affected system to connect to the SMB service on a malicious host may exploit this vulnerability in order to execute code on the victim's machine.
fb5cde16136522ffabad3105abe6c68b80f0e9d341455fd15d9d4f83ad98b828
Core Security Technologies Advisory ID: CORE-2004-0819 - A vulnerability found in the parsing of PNG images could allow an attacker to execute arbitrary code in the chat partner's machine and gain access to the system with the privileges of the user running the MSN Messenger client program.
250f272fbc92a965e425c8cd048b613553ff4b6c3eb39c848ca79f39aace37fe
Secunia Security Advisory - Two vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to compromise a vulnerable system.
3f10a7ca25fe842fa8dd64d585a4b92afaab8ccfd414e5ece0341f8f2179f234
Proof of concept exploit that makes use of a directory traversal flaw with RGP files in RealArcade versions 1.2.0.994 and below.
962ad2be6158967b0cb8e38e82dbb988f520bbb6b77e04e566e6b1c37b2e9b1c
Proof of concept exploit that makes use of an integer overflow in RealArcade versions 1.2.0.994 and below.
4ce4c8c83fbaba2229272915e034271f2135a47a08c5f10282f6f0d6cba9fadf
RealArcade versions 1.2.0.994 and below suffer from an integer overflow and arbitrary file deletion flaws in RGS files.
b18e8cf01a4d38a5144e8df66bacc908773a89c4b67410bfa9a4fa2ec9a6de46
Secunia Security Advisory - A vulnerability has been reported in Frox, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error when parsing Deny ACLs. This can be exploited to bypass some Deny ACLs and gain access to/from systems, which should be blocked. The vulnerability affects versions 0.7.16 and 0.7.17.
fd41e147ecb81733075c6d923603a4410ceb828c7432e2e65b253f6034e2ede6
Secunia Security Advisory - Albania Security Clan has reported a vulnerability in xGB, which can be exploited by malicious people to bypass the user authentication and gain administrative access.
b9825e945fdda11ebcd8621510479206c7ce10c1d7c229e8ca4bf6843c195ea1
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.
4ab4044b2c8a44466409f668919156b4d8429e0449c6c482ea2063730d727293
SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
fd1710c9ac8bb6f2afc8701e8f4fea9c92f589266c690791b9b5ebd8ee580fcd