Windows FTP Server remote DoS exploit.
09f7d64247dd629ee0c3ef325046fa7070e1dca518a3fe1d8522fe57b31418f1
Local lame root exploit for exim version 4.42 and below.
ec28e8d69b8b86c44fad479d0693408bfb48bc65e3408120c89f1ea7d95c22a5
mimic-ftpd remote DoS exploit.
889acafb8d0bd7ec59b468ad5e0304c227eca219ff2b54505ede73fa88ce1b69
GNU less local exploit.
58a7a9a42bea20075104c3381ea5615bb56bb62a0b6c2d5e9eb359d26ba79dc6
Spider game local buffer overflow exploit.
e3cc4d7d111162ecb945ae14b0176162973648ebee57c23965c8b7c11d36145f
SuS local root exploit.
3da4ab0d6149a4ab235794752844be10fea1ee9025046d1e74fcfcf4c206074d
Unreal tournament 2004 DoS checking tool.
51f811fb7cfa07eb5ae025a22aa0760feaa2f1db96fb71b1dce6650aee331c63
MyWebServer 1.0.3 Remote DoS Exploit.
6acc8684762cfb946734f53d2729329e0f5edc5922f0802aa8a6be99a49f045b
OpenSC consists of a SmartCard library that uses any common transport API (e.g. PC/SC, CT-API, OpenCT) as its backend and applications that use the library. It has been tested extensively on Finnish Electronic Identity (FINEID) cards, but a number of other PKCS #15 and ISO 7816 compatible cards work too. Also implemented are a PKCS #11 module (e.g. for Mozilla Web/email usage), a PAM module, somewhat working OpenSSH support, an OpenSSL engine, a few basic tools, and a PKCS #15 structure generation tool for supported cards.
9435f99ec870df6a5d233515042679e40d1a2ca4c473df92e0d106071cbe40ad
VisualRoute is a traceroute tool which displays a map of the path to the destination server by looking up the geographical location of each traceroute hop. The network service provider is identified for each hop, and instant domain and network whois information enable quick problem or abuse reporting.
2db0fc895cb8f4652f3daf2ecf8d693cff12eb3130f327c005064fa6daf44441
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
c3847b96379983d0f3f4c0a1a649e54a5d96e8ea9930b2222a45f39f34176b70
News2Net, a newspaper, magazine and newsletter publication manager, is susceptible to SQL injection attacks.
30ebe8bbd9726e841bf34724ba07a952af46fcee79d00465ed4f75837ee8d164
Mandriva Linux Security Advisory - Hugo Vazquez Carames discovered a race condition when writing output files in wget. After wget determined the output file name, but before the file was actually opened, a local attacker with write permissions to the download directory could create a symbolic link with the name of the output file. This could be exploited to overwrite arbitrary files with the permissions of the user invoking wget. The time window of opportunity for the attacker is determined solely by the delay of the first received data packet.
7e115d8991a9797e2f3f2b6ed79b0f1a7de2b16574020b5d6b227f051ca1ef71
Mandriva Linux Security Advisory - Steve Kemp discovered two format string vulnerabilities in libgda2, the GNOME Data Access library for GNOME2, which may lead to the execution of arbitrary code in programs that use this library.
378a3bb3bd65b6721236614552678331e4f6568a1c96bb31004ec88b67f61a0b
Mandriva Linux Security Advisory - A vulnerability in the way that SquirrelMail handled the $_POST variables was discovered. If a user was tricked into visiting a malicious URL, the user's SquirrelMail preferences could be read or modified. This vulnerability is corrected in SquirrelMail 1.4.5 and the updated packages provide the latest stable version.
38d012159f550540052a190c03297e4e408b45ee6e6df8daba89f25aa918e87e
Cisco Security Advisory - An issue exists in one of the components of the Cisco Management Center for IPS Sensors (IPS MC) version 2.1 during the generation of the Cisco IOS IPS (Intrusion Prevention System) configuration file that may result in some signatures belonging to certain classes being disabled during the configuration deployment process.
3f0895320db32100d30cddd028ec47aa58e5305ef4e40c498066c7db9d565ee0
The web management interface for the Gateway 7001 A/B/G AP contains an input validation vulnerability that allows anyone authenticated with the device's built-in web server to configure the device to use channels not regulated for 802.11a/b/g use in their geographic region. The potential impact is that a user could configure the device to operate outside the allocated bandwidth for 802.11 within their country, thus causing interference to other radio systems. In addition, the device will not be visible to other 802.11 devices operating in the area.
181891375992f06bb1441c99dbb5f6f4f49782f5fa61e8b0268d391aef28bbac
Multispoof is an application, which exploits weak, address based authentication very frequently implemented by ISPs in Ethernet networks. In such networks customers are identified with IP-MAC address pairs, and only those paying the ISP are granted access to the Internet. Multispoof uses IP and MAC spoofing to impersonate legitimate customers. The idea is not new, but multispoof does it in a smart way. As it impersonates only inactive customers, there are no address conflicts.
45cf382c348417b1bedd99c56a86d8d25b93467dbac49fffaef1d19870c966eb
VUBB Alpha RC1 is susceptible to cross site scripting and path disclosure flaws. Details provided.
04077c920bd3d7027c8c2bbac8d73904b1e94fbad3a94c8ad700e51e0c2d7da2
Remote Snort Back Orifice preprocessor overflow Metasploit exploit for Win32 targets. Exploits Snort versions 2.4.0 through 2.4.2. Tested against Snort 2.4.2 Binary with Windows XP Professional SP1/SP2, Windows Server 2003 SP1, Windows Server 2000 SP0, and Windows 2000 Professional SP0.
eae99138b91426ab5eb58667181b07b717710bab0115262472624f15edd0aba7
Elite Forum version 1.0.0.0 is susceptible to a cross site scripting vulnerability.
509afb7afe2ee9e99903007f4cca3e53552a6b54178d4a52c16a3fa39cb4e99d
The POSIX readdir_r function is susceptible to a race condition which could possibly be exploited to cause a buffer overflow.
8daf6f642a27b44e7da7cc61cef3e19e955fb8486d282daa2d7daa96ece5bc53
Secunia Security Advisory - Ryan McGeehan has discovered a vulnerability and a security issue in eyeOS, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to disclose sensitive information.
b96fd5854fc5409a5aed7dabb962abc53605d17f38a54eec8958f44fd4767570
Secunia Security Advisory - Gladiator.KHF has reported a vulnerability in Elite Forum, which can be exploited by malicious people to conduct script insertion attacks.
bcf4733c23bb00165c64ab08a08b1123c2d05ddc2bb3f7397a00b7104cd92154
Secunia Security Advisory - Apple has issued an update for Mac OS X. This fixes some vulnerabilities and a security issue, which can be exploited by malicious, local users to bypass certain security restrictions or to gain knowledge of potentially sensitive information.
846809a76370ca38b8a920cc055e9e0482b6e7953a0c39246c66d21f2ef39cf0