Mandriva Linux Security Advisory - MDKSA-2006:064: MySQL allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function.
4a4244ae0beeb209f950fccdf977eb49bbd29281b7f1fe880225a0c331f5ca48
Mandriva Linux Security Advisory - MDKSA-2006:063: A vulnerability was discovered where the html_entity_decode() function would return a chunk of memory with length equal to the string supplied, which could include php code, php ini data, other user data, etc. Note that by default, Corporate 3.0 and Mandriva Linux LE2005 ship with magic_quotes_gpc on which seems to protect against this vulnerability "out of the box" but users are encourages to upgrade regardless.
78262414453a18d74993749df6712321776cbd76fef99b47a0376bcdd40706e5
Mandriva Linux Security Advisory - MDKSA-2006:062: Three buffer overflows were discovered by infamous41md in dia's xfig import code. This could allow for user-complicit attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid color index, number of points, or depth.
46a668207512540b5308a4296ea6e5d10a881784569110a52dc660a41a65aa78
Horde Help Viewer remote PHP code execution exploit.
3783e4752241a7aa60e7b46a703cfaba27d243c8a50eca9106fa2a651bd7385d
PHPMyChat "SYS enter" remote command execution exploit patched to work on the 0.14.6dev to 0.15.0dev branch.
38f842312aedd97bbc094d9b66bd6dd19a72a194a0e2484372b8c1f981853092
PHPMyChat less than or equal to 0.14.5 "SYS enter" remote command execution exploit.
73bfdce3a8b3605243c6b28f32b500b1210c726241864d8f1082e403efe9d28d
SSHeater is a program that infects the OpenSSH daemon in run-time in order to log all future sessions and implement a backdoor where a single password, chosen by the user, can log into all accounts in the system. There's a log parser included in the package that can display authentication information about sessions as well as play the session just like TTYrec/play.
ddc5f0ffbef955cabdf2fb58ed422c04a74622619744e0a7698ca94c6723c5ab
Secunia Research 03/04/2006 - AN HTTPD Script Source Disclosure Vulnerability - The vulnerability is caused due to a validation error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files (e.g. PL, CGI, and BAT) from the server via specially crafted requests containing dot and space characters.
3168e45f9455ce990326326f5827fc180003afd049d6d88213c158675d75fbe9
FleXiBle development script suffers from remote command execution and XSS
10296054362eb5e6ab48fde7a2d864ba1709f39b7e2858a56aba2be7c25dd632
pid-check is a perl script that uses the kill() and setpriority() system calls to find hidden processes.
c84e1506e2f1e46b1bb4e29b75e781654f04b72ae63c91d5917174c5ee8c0182
w3wp remote DoS exploit due to improper reference of STA COM components in ASP.NET.
012bbb7a3a8e236db1320cbab6d721129dda52a8403343cea4180f2a6ff96e14
This is the IOS binary image packing and unpacking for reverse engineering program capable of calculating a correct checksum for these images.
14ea902c6b350ddcf1c39c10938e90194d7999bb6cb7ea744ea111062d369d36
TFTP-bruteforcer is a fast TFTP filename bruteforcer written in perl.
2af969e3ce63a74869227e49056fa595115bfee36f4d4b0b86b4006dd1feceb5
EIGRP Tools - This is a custom EIGRP packet generator and sniffer developed to test the security and overall operation quality of this Cisco routing protocol. Using this tool requires a decent level of knowledge of EIGRP operations, packets structure and types, as well as the Layer 3 topology of an audited network.
f8918de3a4115310e2c6fb3f16c9d1d669736e7d41b9985c6de42cc177d00707
THC is proud to be the first who are releasing an comprehensive attack toolkit for the IPv6 protocol suite. It comprises of state-of-the-art tools for alive scanning, man-in-the-middle attacks, denial-of-service etc. which exploits inherent vulnerabilities in IPv6. Included is a fast and easy to use packet crafting library to create your own attack tools.
577fb708c202a62615c74e3fff77c90277801dc6ef131673f0b978d0059a198d
Secunia Security Advisory - Two vulnerabilities have been reported in NOD32, which can be exploited by malicious, local users to gain escalated privileges.
ea0502d548d8d9d82096da408779c5de32402083dce1a5b367de1364c0283490
Secunia Security Advisory - r0t has discovered some vulnerabilities in Crafty Syntax Image Gallery, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct SQL injection attacks.
37d142afaff0b2f4708465d7ebe44f4769b096ba296277b93dc0a438136d04ca
Secunia Security Advisory - r0t has reported some vulnerabilities in SKForum, which can be exploited by malicious people to conduct cross-site scripting attacks.
9021f262c26bff2e922f6c9a6341f6d2eeb2d92ef7d17ba75f323ed0166d5308
Secunia Security Advisory - Pratiksha Doshi has discovered some vulnerabilities and a weakness in Interact, which can be exploited by malicious people to gain knowledge of certain information, and conduct cross-site scripting and SQL injection attacks.
225af40f1f5a0084dae4a3cdebf15e895068c473c036034600875c12dc442959
Secunia Security Advisory - Mandriva has issued an update for freeradius. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
78300f248e4e5b40cfa915e87a2ff2320aed0d062aae1d2cc6a5fea3cce403fc
Secunia Security Advisory - Luigi Auriemma has reported two vulnerabilities in Ultr@VNC, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
2fd0e94ebdebf42a70812e15cc08b6ce7bfef12fef479bbfdf74f83bd1514ad2
Secunia Security Advisory - Gentoo has acknowledged some vulnerabilities in doomsday, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
a23746e378664458d421fc336f2074ffae2df8d295cf685cb3af23758953d585
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered some vulnerabilities in N.T., which can be exploited by malicious people to conduct script insertion attacks and by malicious users to compromise a vulnerable system.
9903eac740d284e7d26048d26e303089e1a140c796be0aa8eeb25fb4c687c08e
Secunia Security Advisory - Gentoo has issued an update for freeradius. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and bypass certain security restrictions.
040287a5156dbed1c180b0b99449a267b92e78779951bd3d9b31c3255e7c3056
Secunia Security Advisory - Gentoo has issued an update for horde. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information or compromise a vulnerable system.
568a9673c461691bfff6a29b3749040d4afce0bd130e16d9b485f4ca3598a63b