Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits, LKMs, or other techniques.
21ef6128232d02bba981acdf20f92b92258189f0660c4dac9a8d2dfdcc83e6ab
SWFUpload version 2.5.0 Beta 3 suffers from an arbitrary shell upload vulnerability.
f863f473a9dccafc4f6a726b39aabb7e05973820593a670f48ab825ac05c69a9
Zero Day Initiative Advisory 11-050 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Informix Database Server. SQL query execution privileges are required to exploit this vulnerability. The specific flaw exists within the oninit process bound to TCP port 9088 when processing the arguments to the USELASTCOMMITTED option in a SQL query. User-supplied data is copied into a stack-based buffer without proper bounds checking resulting in an exploitable overflow. Exploitation can result in arbitrary code execution under the context of the database server.
c93b3cc1ed68f2c7b1e808552b38bf3283f34bd5ad7779fd7bbae003dc87e56e
Zero Day Initiative Advisory 11-049 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SMTP service while processing a malformed e-mail. The process continually appends each argument within a filename parameter into a buffer in memory. By providing enough data this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.
ebbcaa4bec81a1bbb394b6c38c7ac9e750d79863940b1731be2281fede698df9
This Python script is a tool that can be used to check whether Windows workstations and servers have accessible shared resources.
54537a2f3c86ad8f52de968df257b060a5829f88749fc6e25a04fdb2eccaf7be
Hanso Converter version 1.1.0 language file buffer overflow exploit that causes a denial of service condition.
576ec4679abab1f7bf25faf550436b83cfa1320d8a13addb6b17280e77f1de0a
Zero Day Initiative Advisory 11-048 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed calendar meeting request. The process copies the contents of the name parameter within the Content-Type header into a fixed size stack buffer. By providing enough data this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.
9e6b48942aef107760324058e3ae367162c825c55a3df189d7b05a6b4a064e41
Devilzc0de E-Zine Volume #2 - Code Reborn. Written in Indonesian.
bcbc9b3ff5672c2d1980d438fa226b53f536d504d0dc6adf7a5e126b9303b5ff
JAKCMS version 2.0 PRO RC5 suffers from a stored cross site scripting vulnerability that is leveraged via user-agent HTTP header injection.
0fa14945da66a1025b90d7c2d83ae4c10d8911af357302c935b38825ea48f490
Zero Day Initiative Advisory 11-047 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the nLDAP.exe component which listens by default on TCP port 389. When handling an LDAP Bind Request packet the process blindly copies user supplied data into an undersized shared memory buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.
41b863a920f2e077d4e8d4b985be52979de4aae9f297bd311177ea3850049f02
Zero Day Initiative Advisory 11-046 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NRouter service while transporting malformed e-mails. The vulnerable code copies data from the ATTACH:CID and Content-ID headers within an e-mail into a fixed length stack buffer. By providing a large enough file name, this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.
bdd4162ce5354caa85ddefb3baeb8113ed3c2ef0947470f6bc5a8bacece36c39
Whitepaper called Exploit Writing Made Easier With !pvefindaddr.
66b7858c35b089481af0d5520aedb019d9b02b6f2f4d0285470d966ad1c5c0dd
MyMarket version 1.71 suffers from a remote SQL injection vulnerability.
e3aa53300aed6e8c75213e460cc425f2cd16de34449e84a3f2f3225b3c630538
FreeBSD versions 5.4-RELEASE and below ftpd version 6.00LS sendfile kernel mem-leak exploit.
eefed0dbbad6b3a33771d66d5982aa28599fb1b4cd1b98cee1510a3870d2da9a
Zero Day Initiative Advisory 11-045 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the POP3 and IMAP services while processing malformed e-mails. The vulnerable code expands specific non-printable characters within a "mail from" command without allocating adequate space. By providing enough of these characters, memory can be corrupted leading to arbitrary code execution under the context of the SYSTEM user.
2452239f3ac3458dd571744680a1b8ac260cc8c727681ae26b4e843899ce1e0a
Mandriva Linux Security Advisory 2011-022 - The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. The updated packages have been patched to correct this issue.
0907e6c5d4173e25e259887f08f190600dc45ea47fe116dcd9c69bf869eece36
Zero Day Initiative Advisory 11-044 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with the way the application will parse external objects within an Office Art container. When parsing this object, the application will append an uninitialized object to a list. When destroying this object during document close (WM_DESTROY), the application will access a method that doesn't exist. This can lead to code execution under the context of the application.
0ea356c09b72a57afdde9c938bdf003ac0689a0483a1a28528a2b8f22bbde479
QuickRecon is a Python script for simple information gathering. It attempts to find subdomain names, perform zone transfers, and gather emails from Google and Bing.
dc87a58f04f0b475b53ccfc4234f13f78e8702769fabed12d980b08093c21c01
Zero Day Initiative Advisory 11-043 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Excel 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support for the office drawing file format. When parsing shape data within a particular container, the application will add a reference to an object to a linked list. If an error occurs during parsing, the application will free each element yet fail to remove the reference. Afterward, the application will use this reference. This can lead to code execution under the context of the application.
cdce45fecc3bb177be0dab0963fd961d57b7d98a21dbed908dd8415374edf78b
Zero Day Initiative Advisory 11-040 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
89e75ed8eb6aa720b5030f67347313090098d12b25ec923d446e5723f9202db8
PySpoof is a threaded packet spoofer / flooder for Linux. Written in Python.
0bdccc9c5f22ee57cd6eb1d6883a4ad869d7e9e730faaffc90228737eeda43a7
Zero Day Initiative Advisory 11-042 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's usage of a specific field used for incrementing an index used in an array. Due to the application failing to verify the usage of the index into the array, the application will copy the contents of the specified element into a statically sized buffer on the stack. This can lead to code execution under the context of the application.
4cc8f1ede7810b3c469689b6849e9e246704b7c18ae0263e92c569bfc607cc6d
Zero Day Initiative Advisory 11-041 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the application parses an Office Art record within a Microsoft Excel Document. Specifically, when parsing an office art object record, if an error occurs, the application will add a stray reference to an element which is part of a linked list. When receiving a window message, the application will proceed to navigate this linked list. This will access a method from the malformed object which can lead to code execution under the context of the application.
6d762785aa20c3f9c41e04a636c4b36b5677eac5bd392a9891ea69f24a7df824
Mandriva Linux Security Advisory 2011-021 - Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
ae730be155787f04cc8e64b17e00deb20b930df75ebed07e700085d13b9802e2
T-Content Management System suffers from multiple remote SQL injection vulnerabilities that can allow for authentication bypass.
ac312cef4d47130e440bb9326da596411b61800971717ecaa3ec60c20e2ac385