TWiki 20030201 VIEW string remote command execution exploit.
ffd1fb66748fb194d52e0c5a6b688695dcb044946458aaff1efc4b59ca8671c9
Qcrack is a program written to test the security of md5/md4/md2 passwords by attempting to brute force them. The user can also specify the characters to use when brute-forcing.
4db44d32b1e7394054d140a283fad3ef2dc515e670dac66f5b22129cfa4c7676
PHPFM is susceptible to a remote command execution vulnerability.
48f148c2eb51c34a455f4c215f8a0d436968ee1ec6a93c978ec65d4d82ffa96d
A vulnerability in the voicemail retrieval system for the Asterisk PBX software allows an authenticated user to download any .wav/.WAV file from the system, including other users' voicemail messages. Versions affected: Asterisk versions 1.0.9 and below, Asterisk Beta versions 1.2.0-beta1 and below, Asterisk @ Home versions 1.5 and below, and Asterisk @ Home Beta versions 2.0 Beta 4 and below.
f7a5df0e22275c8fdebf7ed2d4e110a0ea24464a098ba12734cae3db12a6c84b
NetBSD versions 2.1 and below ptrace() local root exploit.
e206abdb40eb38c1a16aff4226d7394d290524b17f83c8baa92a4a7a2137452e
Secunia Security Advisory - Mandriva has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and to compromise a vulnerable system.
08f9a32fdc97a961844391101ec8406791e78c09677cd74d0dba2a34e9226e0b
Secunia Security Advisory - kcope has reported a vulnerability in Linux-ftpd-ssl, which can be exploited by malicious users to compromise a vulnerable system.
988e04240af7a1ddad52aff2c3f0fce6d316656825a3a8bd3d2b10c98a9696b4
Secunia Security Advisory - Bernhard Mueller has reported a security issue and a vulnerability in toendaCMS, which can be exploited by malicious people to disclose sensitive information.
586dc2002695f600db8ab1a63066e9357bebb0b1254dda27a4bb813c891b497a
Secunia Security Advisory - Kevin Finisterre has reported a vulnerability in GpsDrive, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system.
1e1f08a9377b190d538b638a067879cd533a027f7697c7ebb10c814b18ca93e4
Secunia Security Advisory - Slackware has issued an update for elm. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
53fdb69344bf06ae3c156ed049d3fde6e5c4bd2559218732bc6621bb705c0ec6
Secunia Security Advisory - Ubuntu has issued an update for libungif4g. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
2b5e52dea5f1d5ee2cc633a19ed2749c53180d33cd5ea95451962aa80dc1bebe
Secunia Security Advisory - Debian has issued an update for chmlib. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
e9d4c7749c9fb5baf776f91369c8cf341b9ca462f23a6465b1c51cc5fcab3554
Secunia Security Advisory - Fedora has issued an update for libgda. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
6d21be0634f913034388194454afafa92d2cc72b539b3dc28aa45506707d2381
Secunia Security Advisory - Debian has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and to compromise a vulnerable system.
e36c1312244c845ee3b8264616e4ffc426a05b059740600a3854a89cf007b670
Gentoo Linux Security Advisory GLSA 200511-07 - The OpenVPN client contains a format string bug in the handling of the foreign_option in options.c. Furthermore, when the OpenVPN server runs in TCP mode, it may dereference a NULL pointer under specific error conditions. Versions less than 2.0.4 are affected.
b600218c519f3c3477bb578cb710c3daf3ef864b0db33240d66d18b020f13c08
Gentoo Linux Security Advisory GLSA 200511-06 - Thomas Wolff discovered that fetchmailconf opens the configuration file with default permissions, writes the configuration to it, and only then restricts read permissions to the owner. Versions less than 6.2.5.2-r1 are affected.
f1ccc9beb116883ad3d1f2d0489f7fb6535e0ed23946c70b86e8930c3f46bfd8
Gentoo Linux Security Advisory GLSA 200511-05 - Steve Kemp reported two cross-site scripting attacks that are related to the handling of files. Also reported is a directory traversal vulnerability which comes from the attempt to sanitize input paths. Versions less than 2.9.7 are affected.
e15a5a42284b156ea009dae325a3560cde4cc62286452aaee259b804b704602f
Gentoo Linux Security Advisory GLSA 200511-04 - ClamAV has multiple security flaws: a boundary check was performed incorrectly in petite.c, a buffer size calculation in unfsg_133 was incorrect in fsg.c, a possible infinite loop was fixed in tnef.c, and a possible infinite loop in cabd_find was fixed in cabd.c. In addition to this, Marcin Owsiany reported that a corrupted DOC file causes a segmentation fault in ClamAV. Versions less than 0.87.1 are affected.
8eb93af3c78d8894931eefbd1761c2d7fbbf69a6cca7785b094fdd6851154089
Invision Power Board version 2.1 is susceptible to JavaScript injection and cross-site scripting attacks. English version of this advisory translated by Jerome Athias. Exploitation details provided.
8b1b5097ef20b451fcda26afa6d66afb1521d2ef736c3cb1b0b83a5a13cd856d
EUSecWest/core06 CALL FOR PAPERS - The EUSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and to collaborate and socialize with their peers in one of the world's hubs of IT activity - downtown London.
73462471efd04c9f54d576b53ac695a1b3c90b25066b1430b40ff6c6428623f9
write(0,"Hello core!\n",12); shellcode for Linux x86. writehello-core.s is appended.
41fd3af95203826a26802304166e8c49b0a8f32ba4bc6763401241d7c8b03ebf
read and chmod shellcode for Linux x86. readnchmod-core.s is appended.
5cd6262dd473ef3cfd822593dd79d775204a412f232377a407335a80515dd956
if(read(fd,buf,512)<=2) _exit(1) else buf(); shellcode for Linux x86. h3ll-core.s is appended.
d3520474d0b54fff6d65387a6361d6638be7d0e9f057c1a62cb7801571603558
_exit(1); shellcode for Linux x86.
ba689a9bd5eb2cf68686500b209ee31348604a6d736dc138f474e6e70bf88b53
dup2(0,0); dup2(0,1); dup2(0,2); shellcode for Linux x86. dup2_loop-core.s is appended.
b4cc8feaf73d1c1548958a27f11126de31bfc8a7af149ae4c738f23de3915083