Savant Web Server version 3.1 remote buffer overflow exploit with French Windows support.
89050effe3dcbd193a8864b77cdcb028ed19a86e32efeeaa53483bd62f985f61
Proof of concept local exploit for typespeed.
6a6ff914f615eabfeff936e3dba4a9c79fa047ad7e78ef33797ad864bf5c9f3b
Local exploit for a2ps. Proof of concept and not setuid by default.
c0630b367b578e43ba17fda620061c3c67dd8919affa1ca08dcf6cc81e4243f2
Brute force utility for Cisco password authentication.
04878f9fcd2bba9a6a3be629e0e71407e6f2270b6bfdf8eb88077703d5592a2e
glftpd versions 1.26 to 2.00 suffer from directory traversal and information disclosure vulnerabilities.
110718097e5a28b9268a6032bf6f96515d6bdfd15d196ff2016190c1161b2bf3
Invision Power Boards 1.3.1 FINAL is susceptible to cross site scripting attacks.
b37cc241459613996ea38c595661f73a298bf77201e087fa514548c754502cd0
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
6562f374bb4320f0d58eed75a8bffb9139db8ef97bb941f041f7b91aa8cd191c
iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
0aa1e7a60e05bac9fb27fda8c52979cbbaa4e3aef6463983935d83691bd9fba9
afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
e3f09a9a0399e01cdefafa2890c3035f00fe36e3496a0dcdbd5c67782f10de82
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
8cac95a3387474cd63da145291faa6517cbac1cda4d4961534a5a62f46a68ecc
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
ce6ebc5e75d69be73eaad1a544ad66ac2349127303622e8199b3a2d7b246f196
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
94986cfc9badef2e717524d1ec87e2870d2195d5abab0a4b3298b776d489cf2e
Adobe Reader is susceptible to a denial of service when the count value of a root page is set to a negative digit.
e425f612d9d694c26bdb66bdae05b00cd4ab166c5cc01a78de8ba4e9593863fb
Gentoo Linux Security Advisory GLSA 200502-24 - Midnight Commander contains several format string errors, buffer overflows and one buffer underflow leading to execution of arbitrary code. Versions below 4.6.0-r13 are affected.
b8dfa45cd13112d037062d121f1fa7b2a9ed98b0da56b0870ccf826c70d1c9c1
Nessus version 2.2.3 is a free, up-to-date, and full featured remote vulnerability scanner for Linux, BSD, Solaris and other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over a thousand remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available This is the automated *nix installer.
d78a335599794d0a8aa0f10f1acd60c107d024383f25d7b085e35f1b66861d3a
Debian Security Advisory 686-1 - Albert Puigsech Galicia discovered a directory traversal vulnerability in a proprietary FTP client which is also present in gftp, a GTK+ FTP client. A malicious server could provide a specially crafted filename that could cause arbitrary files to be overwritten or created by the client.
2013d5592168515f5acf79dad97fbd472271cf916079902e6654592f80288f26
BibORB 1.3.2 is susceptible to SQL injection, cross site scripting, directory traversal, and arbitrary file upload vulnerabilities. Detailed exploitation provided.
6bbe10137333240ad47282adad90a3b7777a81f0dc780ee486ce04283ddce6b9
Secunia Security Advisory - Jarno has reported a vulnerability in NewsBruiser, which can be exploited by malicious people to bypass certain security restrictions.
e92c34f1367b9a091fd736112ed9d95e5a79312b1e1bbcf82953bff4856ddc4f
paFAQ Beta4 is susceptible to numerous SQL injection attacks.
e93c70d3cf090afbe29be64a3af553a2dfdc1a29c8e988f6657dd15a41a5887c
WebCalendar 0.9.45 is susceptible to SQL injection attacks.
615c93bb479d94b061ed24ec78d2b1ded739bd33bf88b25ece8f6975c2a55443
A variation of the status bar spoofing flaw in Internet Explorer has been discovered using the label for id trick.
c80295d0329225420d26b9c369016b8552f9c5bdb1bc1cf2e635891d75758745
RECON 2005 Call For Papers - RECON is a security conference taking place downtown Montreal from the 17th to 19th of June 2005. Reverse Engineering and Exploit development are the main topics of RECON; other domains of Information Security will be covered as well. The call for papers will end on April 15th.
66ffb05511c1bfd7d84e99ca008e97fab1edc7c077218de3dc0820f1e6e99bba
ASP .Net is susceptible to cross site scripting flaws.
29032900a26f70e0bb6647397526a9a550637719bdaa0abc86d78dee89e5b494
A bug has been found in the amihotornot.com.au gallery that lets a registered user modify other members' gallery photo's.
3c6410a3169baa6381f674a3619de9360df737c93d93c8b2353b06be90072b6e
Gentoo Linux Security Advisory GLSA 200502-22 - wpa_supplicant contains a buffer overflow that could lead to a Denial of Service. Versions below 0.2.7 are affected.
96cefbf89377a0a08e30577b6e46e178d47233c70049a1ed4ab7699332b3cf2d