Secunia Security Advisory - A vulnerability has been reported in Xerox Document Centre, which can be exploited by malicious people to cause a DoS (Denial of Service).
a3758ab02b851256080c099a942573a6b3b3445416d0551a102b2a89395d4f9b
Secunia Security Advisory - Nico Steinhardt has reported a vulnerability in Ipswitch Collaboration Suite, which can be exploited by malicious users to compromise a vulnerable system.
621169b25bfe9f53b16d0869e2f04e924feb28c3647847ae0c19d2c084e47d6b
Secunia Security Advisory - A vulnerability has been reported in Xerox Document Centre, which can be exploited by malicious people to bypass certain security restrictions.
48fac8728f5e730145d1b3918fe487ed69a23c4c6af236cbcb31571915bcc2c0
PaX double-mirrored VMA munmap local root exploit. This exploit has only been tested on Debian 3.0 running Linux 2.4.29 patched with grsecurity-2.1.1-2.4.29-200501231159.
60c1ceed2d16f7931996d9a19b03526bcb19cf2759c368e25b75293b7ef9f6f5
Secunia Security Advisory - Sowhat has reported two vulnerabilities and a weakness in Active Webcam, which can be exploited by malicious people to cause a DoS (Denial of Service) and detect the presence of local files.
d4555263f2f0ba1ba7d9f6b9a118f0343c66cb58b9d1046601a8a8cc620f15d4
Multiple denial of service flaws have been discovered in PY Software's Active Webcam webserver version 5.5.
26151850928cc836c6124073c2ae43a20e7622af212d9438d9c3507060f714fc
Secunia Security Advisory - A vulnerability has been reported in SafeHTML, which potentially can be exploited by malicious people to bypass certain security restrictions.
d01032d055bca1e95022e3564d7976493da73307489004f4bf7dca7e181f8e06
Secunia Security Advisory - Joseph VanAndel has reported a vulnerability in grip, which potentially can be exploited by malicious people to compromise a user's system.
fb4a13ee916084a18d0a27929fe39db699af061cb00757b69da2801c3fb92a7a
Secunia Security Advisory - Fidel Costa has reported a vulnerability in WEBInsta Mailing list manager, which can be exploited by malicious people to compromise a vulnerable system.
c388690dea87a5c0635cd153c973a326d5e21b2a7e30ecd4464e867ea1cc4a2d
Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in Xpand Rally, which can be exploited by malicious people to compromise a vulnerable system.
c6c9164047e88f947b2bd8ab81ce4d95389bf8d4b5473836ddda622ae5ff3274
Astalavista security newsletter number 14 - This issue has security news, various recommendations, site of the month, and more.
aafa54abb010678dcdb6c9e9a786f8d8a4d6d5129740be2dfe9e753d4b3d9b63
OpenBSD 2.0 through 3.6 remote denial of service exploit that makes use of a timestamp flaw that causes the system to crash.
6653cb777111a43670a8d6b390377005deca3c99d3b0d6229b1feb884a315415
It appears that some antivirus vendors allow zip archives with invalid CRC checksums to pass as clean.
30230d15bf57169610a6c6eada332fd47468d80fe59fc45bb0c3406153eba193
P/L SQL port scanner is a TCP CONNECT port scanner in P/L SQL code. In order to run these procedures you must have access to the UTL_TCP package. By default the DBSNMP user has access to this package. The tool can be useful during penetration testing if you want to gain more knowledge about the networks residing behind the actual database. Also, if you can access an Oracle database only through SQL injection or sqlplus you now have a simple functioning port scanner within the database system.
7387314cb69cb8ee5755023c86869b1e9a8277c97d833d14087cc67d0e3ca5e2
HP Security Bulletin - There is a potential security vulnerability on HP Tru64 UNIX systems message queue where a local unpriviledged user may cause a local Denial of Service (DoS). The vulnerability may impact processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd.
5bae27d97cbf9a4893609d37ce966a25e3b600ce29aa9ca0a874cd9eb17b4e00
Secunia Security Advisory - Adrian Pastor has reported a security issue in various Avaya products, which can be exploited by malicious, local users to gain knowledge of sensitive information.
78e304c9ac3107384e34b87deed4d4a5a384ab1ed1949f06ee1fc7d15fbd2cbb
Secunia Security Advisory - Leon Juranic has reported a vulnerability in Ethereal, which potentially can be exploited by malicious people to compromise a vulnerable system.
16f365ecbd66d83b874b7e44a69900e18795d671bd5800785beefdbb34a99ddf
Secunia Security Advisory - A weakness has been reported in Novell iChain, which can be exploited by malicious people to gain knowledge of certain system information.
689fc6e1e9a9d436264a2607e28908fe917cee7a7c9053530d44af9183ec72ba
Secunia Security Advisory - Francisco Amato has reported a vulnerability in iChain, which can be exploited by malicious people to bypass the user authentication.
4f70ec57dbed79ed5c9a248fc957fd04f397fee30d1413a7f0f842824eb7f5a2
Secunia Security Advisory - Atom Smasher has reported a security issue in UTStarcom iAN-02EX, which can be exploited by malicious people to bypass certain security restrictions.
4ceede2f068e94517de76c35fcc720c93623528342dcd3b91cad288d49ebc6f6
Secunia Security Advisory - A vulnerability has been reported in Microsoft Exchange Server 2003, which can be exploited by malicious users to cause a DoS (Denial of Service).
bfddbbfa0fcbaed7e054860595ce030c530aa5b1d3fa762d57bb0d8c2f75d9d9
Ubuntu Security Notice USN-94-1 - Paul Szabo discovered another vulnerability in the rmtree() function in File::Path.pm. While a process running as root (or another user) was busy deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had write permissions in any subdirectory of that tree.
b72a8c28043c269ff04c54ca3e7114d29187c658a73a7a780df46d36a3481d93
Secunia Security Advisory - Altrus Wollesen has reported a vulnerability in Participate Enterprise, which can be exploited by malicious users to cause a DoS (Denial of Service).
0c4689d9beaede6839ecff296131fa24b18104fdd63ba744d6d3738f42b9f477
covertsession is a command line tool that allows you to create a TCP session that IDS sensors cannot parse correctly. What this tool lets you do is inject bytes into your outbound data stream that an IDS sensor will treat as part of the data stream but the remote OS will ignore. If used correctly it can cause a signature not to match. This tool provides command line options to control how bytes are injected. It can use a file as its source of input. Or it can listen on a local port, redirecting the TCP session covertly to an IP:Port specified on the command line. Tested against Snort 2.2.
0ae15acc4feea9b3deae43d9277a060af770fcb25fc29192f6682a0b370d77d1
Secunia Security Advisory - Benjilenoob has reported two vulnerabilities in ProjectBB, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
22f68ed8d21d0707260d9c018d896a9ae2f317eab084145506c7828bc68bb5ba