Microsoft Internet Explorer .ANI file handling exploit. Modified version of the houseofdabus exploit. Universal version of the exploit. Tested on: Windows Server 2003, Windows XP SP0/SP1, Windows 2000 SP2/SP3/SP4.
7d28b6b89f96a1823cf6133c4dfbbf4eeebb9afb847e5f3ffc5da17e887c96b4
Gentoo Linux Security Advisory GLSA 200501-41 - A bug in TikiWiki allows certain users to upload and execute malicious PHP scripts. Versions below 1.8.5 are affected.
7b3a3fe50c91b53f142a4fdbc5fc1426702ce95d77746d0e6afdb04e2b6f4e47
The webmail portion of Infinite Mobile Delivery 2.6 from Captaris, Inc. contains a Cross Site Scripting vulnerability. In addition to the XSS, an even smaller issue exists where a user can determine the installation path of the client and where e-mails are stored.
ab16cccb8d5dac3bb83fa685da0c66ecaf107bea553a5bde32efb50a81721cbf
Compact mass scanner for Cisco routers with default telnet/enable passwords.
abd2a9fc125008f980986f130c505798029e1a956f0d037ae9b643b908ece46d
SquirrelMail Security Advisory - SquirrelMail 1.4.4 has been released to resolve a number of security issues. Manoel Zaninetti reported an issue in src/webmail.php which would allow a crafted URL to include a remote web page. A possible cross site scripting issue exists in src/webmail.php that is only accessible when the PHP installation is running with register_globals set to On.
5773619867fb37cf0ce9656875f5125f481bb03dec469652efec6634f72bd105
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
e9bb17e5004a4d17721d96c94f6f938f628eeab1776f4097de25699f57f91777
Multiple versions of the Merak Mail Server with Icewarp Web Mail suffer from various flaws. Included are cross site scripting, path disclosure, arbitrary file manipulation/access, and weak password encryption vulnerabilities.
2f72998322fa1ea4c6c2c644becc01d4932c53fb305167832b92978f9a58c796
Gentoo Linux Security Advisory GLSA 200501-40 - ngIRCd is vulnerable to a buffer overflow that can be used to crash the daemon and possibly execute arbitrary code. Versions below 0.8.2 are affected.
9d2d8f54b4aaeed309eaf7cf77da5804c4ddb2197384ecfa2f424a8528311bc2
Secunia Security Advisory - Tem has reported a vulnerability in phpPgAds, which can be exploited by malicious people to conduct cross-site scripting attacks.
40071bb3a882ca30daa1e126643d423fc279f6c4959c72d5dd3c4836e2c2a3a1
Secunia Security Advisory - A vulnerability has been reported in PEiD, which potentially can be exploited by malicious people to compromise a user's system.
1b9b5869dcf0e988410613901202d078663d5ecde14311eabdcccae6c670c462
SCO Security Advisory - A vulnerability has been reported in UnixWare, which potentially can be exploited by malicious, local users to hijack local sockets.
31041ff5b45862c00e151b4e8be11d37a1e651ff64039f9ef1d718e496f98f69
Secunia Security Advisory - muts has reported a vulnerability in SnugServer, which can be exploited by malicious users to disclose sensitive information.
016588243f4aa629cc6885382fd7dd50f95beea53f7abb9e28c635aa63e938fb
Alt-N WebAdmin, the web application used to administer MDaemon and RelayFax, is susceptible to cross site scripting, html injection, and unauthenticated account modification vulnerabilities. Versions 3.0.2 and below are susceptible.
3248495f1d679d6e5e1767f9bda0c7cfd2ea42a402d286793af304c0def1cfd0
The MaxPatrol team has discovered that it is possible to defeat Microsoft Windows XP SP2 heap protection and data execution prevention mechanisms. Full analysis with code provided.
c13c505bd994bd2235753bb15f5a5a562e7f3bccf6d96db1ffa0b5e9e67ca4ab
Secunia Security Advisory - benjilenoob has reported some vulnerabilities in CoolForum, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.
b204f5fc2496d2c446e51ce0633a857dfac401316ff5aafe74dbe5f2299ad7ea
WebWasher Classic has a design flaw weakness where the CONNECT method allows remote attackers to connect to any server listening on the localhost interface of the proxy server.
2a29f5edeac813ac66ecbdbee56a1015c23933d41ef1785125f74e1a02901cf6
Secunia Security Advisory - A vulnerability has been reported in University of Washington IMAP server, which can be exploited by malicious people to bypass the user authentication.
5076f1631c337b3853afd5c8934a42884da91d0055a09398f94d0474d106ce64
Secunia Security Advisory - MC.Iglo has discovered a vulnerability in War FTP Daemon, which can be exploited by malicious users to cause a DoS (Denial of Service).
d935f35fe934218571f8fd9e546ef7c3523afbfbca4c799abeb0f46f676290a0
OpenPKG Security Advisory - A setuid and setgid application vulnerability was found in the Cyrus SASL library. At application startup, libsasl2 attempts to build a list of all available SASL plugins which are available on the system. To do so, the library searches for and attempts to load every shared library found within the plugin directory. This location can be set with the SASL_PATH environment variable.
2b51683b908ec938cb13adb29012b0ee3eb294a7a742091ff113cd0c39e5a8c4
Two exploits for Winamp 5.05 and 5.08. They make use of the buffer overflow vulnerability discovered by NSFOCUS.
3b29a4995e0aaccc260541dbb627b87fbe7fb0efadc0a8f4304d08d688585a97
authfail is a tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy.
1546758d05794a4a37d199eaef73b3963ef4c4aa0a65cfcc38c69e834caa9fae
Shellcode Crypter is a shellcode encryption utility.
7036e758f501a16d557e1a68a5eec6b841a643a579614547a2c9f51501624c06
Secunia Security Advisory - Victor Ashik has reported a vulnerability in less in Red Hat Enterprise Linux 3, which potentially can be exploited by malicious people to compromise a user's system.
f094456e4d32799af64faf9d827b3a6e80912ab3d248970a16719ecdcf86f359
Secunia Security Advisory - SmOk3 has reported some vulnerabilities in eCommerce, which can be exploited by malicious people to conduct cross-site scripting attacks.
254b72e5f5aa17e878bbd5b1667fc7937fa8afd093b034ed9d4b8a705108781c
Multiple vulnerabilities were found in Magic Winmail's Webmail, IMAP, and FTP services. Arbitrary file upload/download, cross site scripting, and directory traversal flaws all exist, along with the ability to access other user's mail. It really IS magic.
6cdd0f75b8a65fb62d8a4639fd3d414b32de01bbd3ab23bb7757fb4fa79da5d6