IM Lock 2006 suffers from a local password encryption weakness. Exploit included.
368a7c0f76d3e19857e301f235f6b477e58c7b5b2b374ad5d0f1c87ee29fc876
Cube engine versions 2005_08_29 and below proof of concept exploit that demonstrates related buffer overflow, invalid memory access, and crash vulnerabilities.
15f05ba213f222c50e09017b291e716a69b95c5c85ee4d21ba683472bd862e4b
Cube engine versions 2005_08_29 and below suffer from buffer overflow, invalid memory access, and crash vulnerabilities.
d6552aaae2b7e98742fa5635273935291b7868b08cc7a6b87608f461e42bd4b1
Proof of concept exploit for Liero Xtreme versions 0.62b and below which suffer from server freeze and format string vulnerabilities.
0edd9745165dc9dac46f02a9bc9acd7f6a867676c9c4033533b80490cee034a1
Liero Xtreme versions 0.62b and below suffer from server freeze and format string vulnerabilities.
c57877b437d2b8eea3cf6d0ad624de64d34e878b8925b72c1b7449f3afc316b8
Sauerbraten engine versions 2006_02_28 and below proof of concept exploit that demonstrates related buffer overflow, invalid memory access, and crash vulnerabilities.
a7232a9f7def00705ca8e95a3c2a372bfed3afc767bf03739401601e4704688d
Sauerbraten engine versions 2006_02_28 and below suffer from buffer overflow, invalid memory access, and crash vulnerabilities.
f242eddcce334a74afcc5bb4bf8db85590d813ced926c2ac5a2aa78e20721aed
Proof of concept denial of service exploit for Freeciv versions 2.0.7 and below.
44dcb8d5d26de7e1ca16cd513451c70ff23f9a7d4b4fc9666ced669177e9637b
Freeciv versions 2.0.7 and below are susceptible to a denial of service condition due to a bad memory allocation flaw.
96d039048126785567386828c5ccfa049cfa86c5233b903169c37886c8f37a14
evoBlog is prone to cross site scripting attacks via commentaries.
75e31cfb66f1290deaad2fe975db7f446baef3f7ac1a6768e4b7f89116b3f418
Simple Machines Forum, or SMF, version 1.0.6 is susceptible to a cross site scripting vulnerability in the X-Forwarded-For directive that can be used to commit attacks against an administrator.
bbb04a2ae436a9b5a1fae7328d29d939bcf34d704c12a5f228d83dc6d734db82
SyScan 06 Call For Papers - The Symposium on Security for Asia Network aims to be a very different security conference from the rest of the security conferences that the information security community in Asia has come to be so familiar and frustrated with. This two-day symposium will be held in a relaxed and informal atmosphere, allowing all participants to enjoy themselves whilst expanding their knowledge on information security.
1f6dac35a7f5a9e8763e8028a744c10d7e28467fbebdbf9a33860e20285814b8
Microsoft Visual Studio 6.0 SP6 malformed .dbp file buffer overflow exploit.
cc88b14c53181643f560c46f3d2fc89dc560148a4d0392f7981d084d89cc0810
DokuWiki suffers from an XSS vulnerability in the "Picture List" of the "mediamanager". It is possible to upload a picture with a specially crafted EXIF tag containing script code. This code will be executed every time a user views the "mediamanager".
2b9c0351b951d6aa7308ec0aa1bca328612013d641e3a855f6a64c9d2136be51
The htpasswd program shipped with thttpd-2.25b can be tricked into executing arbitrary programs.
abdda0f4558def730529de9345400a2e8dcfde31ef1b3602b6dde851b696f909
LibTIFF local exploit - Tested on LibTIFF 3.7.1
6daf7251c3a7b593b29bb5bc29609135ec68cfa694394843e5dc9b96a6d9b9c7
Proxychains is a command line tool for Linux and Solaris which allows TCP tunneling through one or multiple (chained) HTTP proxies.
e4f00532cc0a2a0a8aa5c8df6c18a330e67b4b467007477dfb13944f2da3f558
Exploit for a buffer overflow in RevilloC MailServer and Proxy version 1.21.
afff7d031624d10424b4a5bca421788cf97be945e85d898224f42ce78fe3d265
Link Bank does not properly sanitize user inputted data, which leads to an XSS vulnerability.
ea39408bfb8e377abecbb9466acc328753e8c77319aff091c40bd44d7fed0b1a
HitHost 1.0.0 suffers from XSS and other vulnerabilities due to improper input sanitization.
515d3f3fe8b1a8da521be95573ac435b66bde7a2146afc5fe6c06a509a721e72
DVguestbook versions 1.0 and 1.2.2 suffer from multiple cross site scripting flaws.
77e527786650af069b7dcca5fae0b701e0cc533c741277b09b04e4c6af83f69b
Bitweaver CMS version 1.2.1 allows for cross site scripting attacks via user supplied comments.
0ecc40da677e7e3ba4dc0ca07cbe8ad27fec6990fdf29911376bfbc3e6f448ee
PhotoBlogger versions 3.0 and below suffer from cross site scripting and SQL injection vulnerabilities.
449c56de560d9b374c3a92df9c3cdb251ac391d51f429449f2f2cbaf9334ecc7
Genie is a simple Telnet backdoor program that spawns on port 1179. Written for Windows 98/NT/XP. Version 1.4. Archive password is set to p4ssw0rd. Use at your own risk.
1538d91430aa24e37571c85221e221b703eee78aa0f6079fbe0e600460e84121
HITBSecConf2006 Call For Papers. Set to take place from September 18th - 21st 2006 at The Westin Kuala Lumpur, this year's conference promises to once again deliver an international deep-knowledge security conference.
daa99740797b7c6862aaa2ba10e2281b2bc98ffc10e2a9a927c79b68fbc1c632