MultiTheftAuto versions 0.5 patch 1 and below allow anyone to modify the MOTD and cause a crash on Windows.
c64d313f5dc7c205478d5c7de60955c0bda03b5c79cb6ea40f3641bdbca0b54e
Ubuntu Security Notice USN-187-1 - A Denial of Service vulnerability was detected in the stack segment fault handler. A local attacker could exploit this by causing stack fault exceptions under special circumstances (scheduling), which lead to a kernel crash. Vasiliy Averin discovered a Denial of Service vulnerability in the tiocgdev ioctl call and in the routing_ioctl function. By calling fget() and fput() in special ways, a local attacker could exploit this to destroy file descriptor structures and crash the kernel.
fae87c160625ea0aa26f17338f7d6f5053368777a81d857b5ae41a045d0dc217
The ContentServ CMS allows for remote file disclosure. Exploitation details provided.
7f023ffca1207787da7967c8d5fbee488ab07f7b2629827e0b3f0fd32b87fb26
Linux Qpopper poppassd latest version local root exploit.
359257daa77f9f0e2c89be1a887fb0aee80f2b97f3cb11af5a5f3c2e3e21073d
FreeBSD Qpopper poppassd latest version local root exploit. Tested on FreeBSD 5.4-RELEASE.
ec9e82155213753b712f0aa73de5fe9e2ef20be39dbc88b2b8f9c0fc19bed853
WzdFTPd versions 0.5.4 and below remote command execution exploit.
f7f9963844c4f4bd7d1a8a49da8c384e861ff2cf0f68aaf1cb006cec8543227d
Whitepaper entitled "Exploiting the XmlHttpRequest object in IE - Referrer spoofing, and a lot more."
f9a2ac7567ed51e0a9e6e4ff4008bf10f202d346e42b74a07fdaa5b5d39e055f
GeSHi version 1.0.72 is susceptible to a local file inclusion vulnerability.
1b769d2ceebbe29458133f77b4b4f3c635e125a1a866a8a371bdfc04f5cfe7df
Suresec Security Advisory - The malloc() function on Mac OS X insecurely trusts a debug variable, regardless of the fact that the calling application may be suid root. This can result in an arbitrary file being overwritten, which can be used to escalate privileges.
cdb59539bd347748b5b59524ac993ceffaf516ffabd88ddfebd8dcd9e1a43d1b
CMS Made Simple 0.10 is susceptible to a cross-site scripting attack.
ef63f404102edc1137d3a52efae22ba5c90c46ae26e8aab7cf1e6a21d42a4e3e
This presentation was given by the keynote speaker at the FiTech Summit 2005. It is entitled "How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk".
3ab52b06315c51be5592e0eb263596d926684a34f932ce28649184d7e7e1d185
Bilbo is a wrapper for nmap which makes it easier to scan lots of machines or networks.
bff8373389454c65b14bc6b10a52eeb0a1fc61967fab8ade193b6092b2787f01
MailGust 1.9 is vulnerable to a SQL injection attack that allows for board takeover. Exploit provided.
28ab60a0500bfc5e64b00a09e3e5cfc960c5842cc91fd51bd3f9c015be26ab73
AlstraSoft E-Friends is susceptible to a remote command execution flaw. Details provided.
04558972c962230e473329bbe394de586e275912854405ac5f3ace9b2e51a9bd
Gentoo Linux Security Advisory GLSA 200509-17 - Keigo Yamazaki discovered that the miniserv.pl webserver, used in both Webmin and Usermin, does not properly validate authentication credentials before sending them to the PAM (Pluggable Authentication Modules) authentication process. The default configuration shipped with Gentoo does not enable the full PAM conversations option and is therefore unaffected by this flaw. Versions less than 1.230 are affected.
a2b323a8185b1247befd647c72d00f474b4dae1d7389cfb354d32de11d1f3ec6
Gentoo Linux Security Advisory GLSA 200509-16 - Mantis fails to properly sanitize untrusted input before using it. This leads to an SQL injection and several cross-site scripting vulnerabilities. Versions less than 0.19.2 are affected.
7943ef5dd4c3e9711bd373818cc301f5f129200015fc560385abe50b03004649
Debian Security Advisory DSA 820-1 - Jakob Balle discovered that with Conditional Comments in Internet Explorer it is possible to hide JavaScript code in comments that will be executed when the browser views a malicious email via sqwebmail. Successful exploitation requires that the user is using Internet Explorer.
d39e1b10d15a759ca8220ce2607902c1ac4d3eea7d83cd7421c8f083820eb551
Riverdark RSS Syndicator version 2.17 is susceptible to cross-site scripting attacks.
6088a27b40b8d5a5418660901ae75e2e548a229ca66a4042b59480a19e67bc68
Small write up entitled "Hijacking Bluetooth Headsets for Fun and Profit".
77323c05bbb2580095063a300d007938e1bc5d61ac068734b800ab7a87e42caf
Ubuntu Security Notice USN-186-1 - Peter Zelezny discovered that URLs which are passed to Firefox or Mozilla on the command line are not correctly protected against interpretation by the shell. If Firefox or Mozilla is configured as the default handler for URLs (which is the default in Ubuntu), this could be exploited to execute arbitrary code with user privileges by tricking the user into clicking on a specially crafted URL (for example, in an email or chat client).
a55ca2e35e593d050ddf54300ab88ea5d9ec5a91596f7da1133b8128d74794d2
Secunia Research has discovered a vulnerability in PowerArchiver, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when reading the filename of a compressed file from an ACE/ARJ archive. This can be exploited to cause a stack-based buffer overflow when a malicious archive containing a file with an overly long filename is opened. Successful exploitation allows arbitrary code execution. Versions affected: PowerArchiver 2006 version 9.5 Beta 4/Beta 5, PowerArchiver 2004 version 9.25, PowerArchiver 2003 version 8.60, PowerArchiver 2002 version 8.10.
d91f317dc4dfa469154642413a7d8614b4d771da4b5bc132088b13598dfad62d
jPortal versions 2.2.1 through 2.3.1 suffer from a SQL injection vulnerability. Exploitation details provided.
0ba299252a5279ea725d0580269305521c10ef80d327e966584571381b79bb1f
Debian Security Advisory DSA 819-1 - An integer overflow with a subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code, and is also present in Python. Exploiting this vulnerability requires an attacker to specify the regular expression used.
81da3abd2ec36bf75527851c662acd3db1a2bf4da02cf816f39b873cca9be400
Secunia Research has discovered a vulnerability in 7-Zip, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when handling an ARJ block that is larger than 2600 bytes. This can be exploited to cause a stack-based buffer overflow when a specially crafted ARJ file is opened. Successful exploitation allows arbitrary code execution. Affected versions are: 7-Zip Version 3.13, 4.23, and 4.26 BETA.
21f735293b5f28bb27d6b63dd540c87041eb152dc9e1fbffb657bd18d8139676
Secunia Security Advisory - rgod has discovered a vulnerability in My Little Forum, which can be exploited by malicious people to conduct SQL injection attacks.
3bad1aa628298941fd8dce61478171d94c00ae7a0db1292b310148826c0ed534