BL4s SMTP server versions less than 0.1.5 suffers from a flaw that can allow remote attacker to cause a denial of service or execute arbitrary code due to a buffer overflow in the SMTP service.
99261d09b996c6e2db11f243f986cb42f1fa42ed71d2b262cada4e5389f00d47Invision Power Board 2.1.4 SQL injection in func_msg.php exploit.
b35e8803e4ad5242d872d623728a37554dd4632c7e35bb4ec895a48a77d65f67A paper discussing the various vulnerabilities in DNS: "The vulnerabilities described in this advisory affect implementations of the Domain Name System (DNS) protocol. Many vendors include support for this protocol in their products and may be impacted to varying degrees, if at all."
d5c3453b8775ce662de82820c87934d3586b2daf744da4869731b0767a4a765aRFIDIOt is a python library for exploring RFID devices. It currently drives a specific RFID reader made by ACG, called the HF Dual ISO Reader. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
0abfcd4ef2ced12418a67f696cb697dc8fd1d9d45de528c0681c56ae7119ca91CoolMenus Event suffers from a remote file inclusion vulnerability. POC included.
c9d67d9b0ea47e1c5f547120ec105f0df4485bb5140b7528685506acadf3fe00Artmedic Event suffers from a remote file inclusion vulnerability. POC included.
077c4928d96b80ba46e9d5413980945c81c426c4a61a1b4da83bcf6f1311bf80Description of a Yahoo! Mail XSS vulnerability that has been patched silently by Yahoo.
49be6d3832e58169091bb8bd1a3af60369ca7fd7e23a79e16dee47991ca06fc3I-RATER Platinum suffers from a remote file inclusion vulnerability. POC included.
66d7dc8c07f4455c9d40751cb297d9e5094805ceccde0090e27fa08be5a80805Secunia Research 28/04/2006 - Servant Salamander unacev2.dll Buffer Overflow Vulnerability - Secunia Research has discovered a vulnerability in Servant Salamander, which can be exploited by malicious people to compromise a user's system.
f652fcd564524b621f1cee3d74f4f0a21942f1b4b1f93a12381f5d8356ae006a[ECHO_ADV_31$2006] Sws Web Server 0.1.7 Strcpy() & Syslog() Format String Vulnerability. A format string vulnerability in Sws Web Server allows remote attackers to cause the program to execute arbitrary. The format string vulnerability and buffer overflow can be found in sws_web_server.c ayardosyasi.h file.
f8646aeecd77b8cbcd678f4cf8a66b6822ed939407bb6c8c805b6299c63bd614Neomail suffers from XSS in Neomail.pl.
f12e48e9d70135ab7131651b0fcc46961410e7e1885d87c88227508cc82d6e0dCireos Portal from SirceOS suffers from XSS in buscar.php.
169593e65366f35f19f969828b67320a1a5f9e01937f74356a6ed66526c26adfThere is a vulnerability exists in WinISO and UltraISO, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability has been confirmed in version WinISO 5.3,UltraISO V8.0.0.1392, PowerISO v2.9,Magic ISO 5.0 Build 0166
71af3606163dc754a646b1ae9fe7da5983c7be7d2835bd08dc5f40059c5be068Microsoft Internet Explorer suffers from a potential user interaction race in its handling of security dialogs. As a result, it may be possible for a malicious web site to install software on a visiting system or take other actions that may compromise the privacy or the security of the visitor.
2e80f78b30be81e611a091caa94ab96e849742fa4ccfafa6ca94c1f6bd9cb89feEye Digital Security has discovered a critical vulnerability in Juniper Networks SSL-VPN Client ActiveX Control. JuniperSetup.ocx ActiveX control is automatically loaded through the web interface of Juniper Networks SSL-VPN. There is an exploitable buffer overflow in the handling a parameter of ActiveX control that will allow a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code though the web browser.
ae91c48bc6230bd6f8a1f277d0928e54cb08c88233c50af6a00fc28ae3d57404Open Bulletin Board suffers from multiple XSS and SQL injection vulnerabilities.
d3fee9252fa517b97f432351ede590dce498caba98f8504309eb92ac4b8e139dCisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack. A malicious user may be able to send crafted packets to a concentrator which may cause the device to halt and/or drop user connections. The power must then be reset on the device to recover.
e03f528adcfde374db304956080fda8b73d48836f3835c1b5011ddf389ebcb4cMySmartBB v1.1.x suffers from SQL injection and XSS.
c0985406bbf1ec97555373249ec9cabd96f14826fb71a9e07111d44a95170d0cDevBB versions less than or equal to 1.0.0 suffer from XSS.
acb9af4df47311a50014b69491af9568cff581cb65eb06f627563fa273c91ad3Secunia Research 26/04/2006 - SpeedProject Products ACE Archive Handling Buffer Overflow: Secunia Research has discovered a vulnerability in various SpeedProject products, which can be exploited by malicious people to compromise a user's system.
eb48fcd8d4efd5cd002dce6a626ef809a2bc31b7ea9d31354d46bee0d36b2213eVuln ID: EV0125 - warforge.NEWS SQL Injection and Multiple XSS Vulnerabilities.
106d635e3a71f8c60a3e6faf2e38fe7f2866b945027d44c71d8a69dfdd002665HPSBMA02113 SSRT061148 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update April 2006: Oracle(R) has issued a Critical Patch Update which contains solutions for a number of potential security vulnerabilities. These vulnerabilities may be exploited locally or remotely to compromise the confidentiality, availability or integrity of Oracle for OpenView (OfO).
863d6b0838da3a62db08d3423a378b026358c3a5b663c0b72c7dd9680e10e223HPSBUX02075 SSRT051074 rev.4 - HP-UX Running xterm Local Unauthorized Access: A potential security vulnerability has been identified with HP-UX running xterm. The vulnerability could be exploited by a local user to gain unauthorized access.
51e4cde9cd57544ba96cc38922cd56e25abdcaaeb865f2be7c99261f8c148ea9HPSBUX02108 SSRT061133 rev.9 - HP-UX running Sendmail, Remote Execution of Arbitrary Code
8b5495d81f7480de2b5bf6cfb215e510e38b24196e87c3bdc86d72a7e73291b0ZDI-06-011: Mozilla Firefox Table Rebuilding Code Execution Vulnerability. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Mozilla/Firefox web browser and Thunderbird e-mail client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious e-mail.
70ec9a4add873515b39c5531866ba5b0da716b3456083b4b73454101b5fb0135
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed