Creative Video Blaster Webcam stores passwords in plaintext in world-readable directories.
739307820ad708e68a8462688e8b119986d434cc090aa046029d8858aa73fd2d
Weaknesses in DNS label decoding leave Intrusion Detection Systems, sniffers, and many other security and network tools and software vulnerable to denial of service attacks.
371b9212bbae432bc7eedba5eada8bd430b25b2e4a3f56563e58a253b7e23eef
E2-Zip 1.0 is an excellent whitepaper about EXT2 weaknesses in the Linux 2.0.x kernels. "File-hiding" exploit code included.
195b6e749733909e4b6086b91a1477e49534512097e41aa7e7a7d68b1f0f13d6
Numerous security holes exist in the web interfaces of the CMail 2.3, FTGate 2.1.2.1, and NTMail 4.20 server software (and probably many others) that allow remote attackers to read local files and to exploit existing buffer overflows.
9d30a0409fcac773432538c9ba7493b9c07e4be8a37244d200bea20f0bd0fbcb
Improved exploit for the Solaris 2.6 and 7 admintool buffer overflow that results in local root compromise. This version now works on Solaris 2.6 and 7 (Sparc). No vendor fix available.
8d303f6aa9b85116be01167ef7bfda7e644ba663dbb1af085c009878c26ce06c
Another admintool local root exploit for Solaris Sparc machines.
5f7899bb5deca8e860c107ee478601ece0f3eec639c83fb48b01b6ca4ea84fea
ex_dtprintinfo.c exploits a stack buffer overflow present in x86 versions of Solaris 2.6 and 2.7. Local root compromise.
d20c16ba969da78f14929354c24b66534be61ee27bd7c5016b680d6183b40e6f
Updated version of the dtprintinfo exploit for a stack buffer overflow present in x86 versions of Solaris 2.6 and 2.7. Local root compromise.
0a126629e58953e738df87fb52fae2479e7385e7b8e4df08713e9830cd64b0a0
Sparc port of the exploit code for the dtprintinfo stack buffer overflow present in Solaris 2.6 and 2.7 for Sparc. Local root compromise.
91942b965c81fd2dd50e8f406afc67f263dd8933de4e7b4590ecf0d88dfcf134
Modified version of the exploit code for the Solaris 2.6, 2.7 (sparc) libc/LC_MESSAGES buffer overflow that results in root compromise. This version fixes the offset issue that made Solaris 2.7 exploitation difficult.
0789dbfad2ea2989e8ddeaf60dc0a246322c44c72ae3301e16a14620452947e5
Exploit code for Solaris 2.6, 2.7 (sparc) libc/LC_MESSAGES buffer overflow that results in root compromise.
7834c650c1aee86bae61ec528b9b64d739e0cfb7d4b34c7217ceb9cb11a6222f
Updated version of the local root compromise exploit code for buffer overflow condition in lpset, for Solaris 2.6 and 2.7 x86 machines.
dcc9337cd406ecc8f22101df61bf9dccb5e8d48f756821114ef19e82651f2467
Local root exploit code for buffer overflow in lpset, for Solaris x86 machines.
093022951f61d3e66e4ff27f648ef0ce493f6eae6de8b1efa1e192e61c212869
Local root exploit for buffer overflow condition in sdtcm_convert, for Solaris Sparc machines.
fe609c3510ae259d42916b6e7e9db383db56b70e49de580105be5dd11bb6ae46
Microsoft's Excel Macro Virus Protection patch is flawed, allowing a malicious attacker to easily bypass the macro virus warning.
55b25375d86614dd3d03871667176bea330f0c75ebdcd063d347b0684d07a27e
Improper permissions in ExLibris Aleph Web server software default configuration allow anybody to access any files on the server, including /etc/passwd.
688ac4e9265cac4f1b703d7cff79d34de91096dc3409b127f9455a8151b9ff57
AppManager 2.0 by NetIQ for Windows NT, a product which enables an enterprise to monitor the performance and availability of Windows NT server services such as Exchange, SQL, etc., displays passwords in clear text, allowing malicious attackers to sniff Administrator userids and passwords.
25a66b04b169c0738eb46099fff3bd01500b7c0bdd7ae01adcc2b418f2712e85
(Spanish) Security vulnerability in sshd2 <= 2.0.11 allows a remote attacker to make repeated brute force attempts on the login/passwd without being logged. Fixed in sshd2 >= 2.0.12.
b00d0657b08e92139e3138c0e718c59938d742ecaac0193975447e4d5075db76
(English) Security vulnerability in sshd2 <= 2.0.11 allows a remote attacker to make repeated brute force attempts on the login/passwd without being logged. Fixed in sshd2 >= 2.0.12.
db162d27acdda51744563dec6172c820f16099310d31eb4b1f8a84bb22de5e16
xosview 1.5.1 buffer overrun root exploit.
b4b6cefeda37b7ceee7238056d5a8cdcd1bc920b277f48101b96b709feb1fdfc
Three examples of exploit code for the weaknesses in DNS label decoding discovered by scut. zlip-1.c - endless, pointing to itself message decompression flaw, ethereal crashes linux; zlip-2.c - endless cross referencing at message decompression, ethereal crashes linux even faster; zlip-3.c - creating a very long domain through multiple decompression of the same hostname, again and again, overflows ethereal, exploitable.
93295e200333c49dab5b478a1cd74c348e837feacd7c4a2bdc67938cb921b9e2
vibackup can be used to remove any file on the system on OpenBSD / FreeBSD / Debian.
81f26965187bb7a2764123ea6a90d1c1e6a5893c006e6b6ab7b2574a37e6322a