alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed, employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.
a829f32c211a8955b599210fd7ba9d9c9b47eec285505aa366825e90bf86d2af
The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, Gentoo, HP-UX, and Apple's Mac OS X.
bbd9955f30cf74997cae2d96220a2a2bc43d92f8264f4f08bef39d096cfc85d3
phpBB 2.0.14 suffers from various cross site scripting flaws.
ee024debdb52106fa23484c02ebbb9c2c78307481e1985c44c278dba87455d2b
Using net::packet allows an attacker to take advantage of the MS05-019 vulnerability, allowing remote command execution and denial of service.
aa7cc3acb178d16703da6d5d8b2a2722d5c69cc910a12a1c0e6c1151329c4e4a
MailEnable HTTPMail Enterprise <= 1.04 and Professional <= 1.54 are vulnerable to a buffer overflow in a header field definition, which would allow an attacker to execute arbitrary code.
020b6ab6e3581762060ba2c2990b16bc68cb8380fa57614477c9506a4bada0d4
A local file detection flaw has been found in the Adobe Reader ActiveX control. Adobe Reader versions 7.0 and below are affected.
62e66376041cb0ead9f4c69cac186a4d750f6d7ab4a0b76dad3a4a5b944a91d3
artmedic_links5 remote file access exploit.
9e67672b845828367bde9de18a165c0bdffd6ad8e7514174a7941f877fa6fd5c
BK Forum version 4 is susceptible to SQL injection attacks.
a512cecf40d797596c6f2bae6fc4d511e3d8a078ce88159cf0adebb516fef8d6
Argosoft Mail Server Pro 1.8.7.6 (and maybe others) is vulnerable to a cross-site scripting attack due to the mail server not filtering out some HTML tags in email messages.
730284972fd0b3761d247cb3b7dd3853f2ca689faf375d53b1b01457d4281fe0
BitDefender 8 suffers from a race condition.
144ed35679c7a23080f5531a8b32b1563435c1fab49422956aae4a75e3491e13
Woltlab Burning Board versions 2.3.1 and below suffer from cross site scripting vulnerabilities.
6fd4ea8f1ac5b793c50dfdbb68a87da068debbff2b6cbe1ece0f3f5e4a881fbc
FreeBSD Security Advisory FreeBSD-SA-05:05 - Multiple programming errors were found in CVS. In one case, variable length strings are copied into a fixed length buffer without adequate checks being made; other errors include NULL pointer dereferences, possible use of uninitialized variables, and memory leaks.
0955613e37e271809f7afef6711a84a64f2032dbe02f04eb08d63144b31158fa
KDE Security Advisory: kimgio contains a PCX image file format reader that does not properly perform input validation. A source code audit performed by the KDE security team discovered several vulnerabilities in the PCX and other image file format readers, some of them exploitable to execute arbitrary code.
541b770d166d535ed31873d7fc040185169e96ce83b2851ceec63ccf5120c5fe
KDE Security Advisory: Kommander executes data files from possibly untrusted locations without user confirmation. As they contain scripts, the user might accidentally run arbitrary code.
15c0b15e1f97fffefbb19b6f2354efaea247f2f23d0219684a0be903991619c5
ASP NUKE 0.80 and below Comments.asp SQL injection exploit.
981d3f36902696faecf7a43a4d797bb696472092239b78de66bda029cb1f7d1e
A vulnerability exists in Macromedia ColdFusion 7.0 which allows a remote attacker to execute arbitrary HTML and script code in a user's browser session.
b7e5adbb8cca2e19fa11f114f83ccae2400d714542e19d777713e7dbe4d4ba6f
ASP NUKE 0.80 and below Details.asp SQL injection exploit.
72c4ff5b2772a277406869c2f29d056924f410322f486103fc3d8fe6e4ce2b33
Kali's tagboard allows for remote command execution.
5d979e79e6dc02951be37826d1ce5fc6cf06f268e8c20212f58a00eb94c57e4a
When a user receives data from a malicious network streaming server, an attacker can overrun a heap buffer, which can, on some systems, lead to or help in executing attacker-chosen malicious code with the permissions of the user running a xine-lib based media application.
64c779246d4d9ccbe30d863aa28db22a229e66a2202abdc8598582b09109fb72
WebSphere Application Server version 6.0 suffers from a cross site scripting flaw.
f68cc25f25bdda26b2281f384909d577b5ea7ee94e8abe5de53465cf42838c22
E-Cart version 1.1 remote command execution exploit.
575b7215f959d66769b1032e70023be88c3fe7affcae81a5810a504a97e4be9b
Debian Security Advisory DSA 713-1 - Several bugs have been found in junkbuster, an HTTP proxy and filter.
e72c5e4ea90565cb61629b1743d0c4d4a8c3617c8103bc58829339968c1ee261
Yawcam 0.2.5 suffers from a directory traversal flaw.
b182d057b90cd3f81c55e8e073477556ee02a409f252428b6e2bfb479dd98c59
Gentoo Linux Security Advisory GLSA 200504-20 - Gangstuck and Psirac from Rexotec discovered that openMosixview insecurely creates several temporary files with predictable filenames. Versions less than 1.5-r1 are affected.
23bccb90f85bbabb24a271ae05653d64a2d16cae3deeed52271cecd0e763eda1
PayProCart versions 3.0 and below suffer from multiple cross site scripting flaws.
d3290939d4dbf61bb90cdf17383c0e72a809f38a0a5aecbfd15e950038d1445f