A vulnerability allows remote attackers to execute arbitrary code on affected installations of Novell NetMail. Successful exploitation requires the attacker to successfully authenticate to the affected service. The specific flaw exists in the NetMail IMAP server's handling of the APPEND command. A lack of bounds checking on a specific parameter to this command can lead to a stack-based buffer overflow. This vulnerability can be exploited to execute arbitrary code. Novell NetMail 3.5.2 is affected.
d83fcb45bcf0511752fc543515acd50fb5294460571860e33791f4a4924a19b1
A vulnerability allows remote attackers to execute arbitrary code on affected versions of Novell NetMail. Authentication is not required to exploit this vulnerability. The specific flaw exists in the NetMail IMAP service, imapd.exe. The service does not sufficiently validate user-input length values when literals are appended to IMAP verbs to specify a command continuation request. The memory allocated to store the additional data may be insufficient, leading to an exploitable heap-based buffer overflow. Novell NetMail 3.5.2 is affected.
00ad158430d6267397d77d4a8855ec99e1348d084819e68e63f872d23a2fcd20
A vulnerability allows remote attackers to execute arbitrary code on affected installations of Novell NetMail. Successful exploitation requires the attacker to successfully authenticate to the affected service. The specific flaw exists in NetMail's implementation of the Network Messaging Application Protocol (NMAP). The NMAP server lacks bounds checking on parameters supplied to the STOR command, which can lead to an exploitable buffer overflow. The vulnerable daemon, nmapd.exe, binds to TCP port 689. Novell NetMail 3.5.2 is affected.
4056879f41eafb341738b16f36fa861255cdb891a2b2c6a31272e521c3dd1f2f
Keep It Simple Guest Book version 5.0.0 suffers from remote file inclusion vulnerabilities.
c627cff3eb5c559feb07dae01c335ab111cfb6454af87ed59eb8510cbb412b24
Efkan Forum version 1.0 suffers from a SQL injection vulnerability.ShaFuck31
abf997c7e80ce8c1795252fe574e4a9ab059d19df0b7dac1b6e70ea94036e9a1
Oracle Applications/Portal versions 9i and 10g suffer from cross site scripting vulnerabilities.
5b903f77def68bd3894d4ffe4af3835c54da78e7599fb0ef3aad439f57a5fd37
wbkdr is a proof of concept WinAmp backdoor that makes use of the plugin interface. It spawns cmd.exe on port 24501. Archive password is set to p4ssw0rd. Use at your own risk.
fe41f3a09a95545baef7687f0d242178eb78bfd291f95131bd02ac398d747362
Xt-News version 0.1 suffers from cross site scripting and SQL injection vulnerabilities.
c79a86210fc91a389f13db530a4a2f177cb36fdc3e0bfc918fb30b9c4f6a8b12
SQL injection digger is a command line program that looks for SQL injections and common errors in websites.
4fe72effb2b5fe4a4e0a32f8eeddedee32c437bd740a3f932037e89848773791
untidy is general purpose XML Fuzzer. It takes a string representation of a XML as input and generates a set of modified, potentially invalid, XMLs based on the input. It's released under GPL v2 and written in python.
4e6d1c8a2c04fa8b84ff9712946037521667fcfc677d2c11efeaea0732184f3d
Microsoft Windows XP/2003/Vista suffers from a memory corruption flaw.
705bd57347d0e6a7a932a0cbc5376bb71bc6bb86572f00fc641439dee19e2f8e
OpenPKG Security Advisory - As confirmed by the vendor, a Denial of Service (DoS) vulnerability exists in the programming language Ruby, versions before 1.8.5-p2.
b21d0c433a93a826301e000c138a2d7578c7c9e437c3c15008d465d9d44ccda3
Secunia Security Advisory - Some vulnerabilities have been reported in Novell NetMail, which can be exploited by malicious users to cause a DoS (Denial of Service) or compromise a vulnerable system and by malicious people to compromise a vulnerable system.
303a7a813036490e6bc27961859127a26c88310b4ab03e79d00a09f9184f3769
Secunia Security Advisory - Fukumori has reported a vulnerability in a-blog, which can be exploited by malicious people to conduct cross-site scripting attacks.
f700ca902e4bb852afdf9f5fcd05cdcc4519c51b26b61e88c5abca9cb663a34e
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
fbf9951b091a5603cac45f89db5722e7a024756b614f5c3cfb9a4ed9ed16519d
Secunia Security Advisory - nuffsaid has discovered a vulnerability in PowerClan, which can be exploited by malicious people to compromise vulnerable systems.
2819be4a4b81cd25d9bcdb04f6f83cdcb09ee07ddd6c30d9d890a0c142714543
Secunia Security Advisory - Michael Meeks has reported a security issue in GConf, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
bbbc59c831e3466b094f6a12cf5e3432a21224f679f22bafba45ae4cd0a64b7a
Secunia Security Advisory - DarkFig has reported a vulnerability in Ixprim Content Management System, which can be exploited by malicious people to manipulate data.
511a5088ce3ab1b2dece6841abcb51a58c8e1ebbfbddb1981295752903efa890
Secunia Security Advisory - Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to bypass certain security restrictions.
5d4d02728c06955c4267b6e3299ab78ee44e445f03436bca41f4ccb4b7fd5955
Secunia Security Advisory - Mr_KaLiMaN has discovered some vulnerabilities in Xt-News, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
df12471db9f96eeb252368a58be9a55aac14d9d2edcb0afd3bdbd9043561f7d3
Secunia Security Advisory - putosoft softputo has reported a vulnerability in Oracle Portal, which can be exploited by malicious people to conduct cross-site scripting attacks.
a0eeb5da1d7332c6f2f0b5f42a75dbde59618c10d57bdd5d12933e23b3100976
Secunia Security Advisory - Debian has issued an update for links2. This fixes some vulnerabilities, which can be exploited by malicious people to expose sensitive information and manipulate data.
576543b4a1e897866facb491bd4e70130fdd95b46a796b06e4f2f054fb087b4f
Secunia Security Advisory - rPath has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of certain information, conduct cross-site scripting attacks, and potentially compromise a user's system.
5ceb725ea16594d3707ae5771eec5774bb51efd96d26ed8106207221813fd54b
Secunia Security Advisory - CorryL has reported two vulnerabilities in logahead UNU edition, which can be exploited by malicious people to bypass certain security restrictions and compromise vulnerable systems.
b6e929f4282889518b81199a7d1c61927de355a190cfa15cd8a2486533e163de
Secunia Security Advisory - InTeL has discovered a vulnerability in Dream FTP Server, which can be exploited by malicious users to cause a DoS (Denial of Service).
70c128142d38b4c29f8419f55a898b180bc9ba6103d81602de8064945caed34c