Secunia Security Advisory - Donnie Werner has reported a vulnerability in E-Data, which can be exploited by malicious people to conduct cross-site scripting attacks.
97e3bac1d56bac5d4427900a7fd74464dc471bef67d261ab7d47889acca2edb7
Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in Sacred, which can be exploited by malicious people to compromise a vulnerable system.
fcc85ddccaa3037be324238d4ec5030f90993855d85dff57990d37cbad458b27
Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in The Settlers: Heritage of Kings, which can be exploited by malicious people to compromise a vulnerable system.
59735ed172f228e6eef49b6eac899527784bc2f72b8d71668ba0d3385dd018d0
MIT krb5's supplied telnet client is vulnerable to buffer overflows in the functions slc_add_reply() and env_opt_add(). These can be exploited by a malicious server to which the client is trying to connect.
e4c1476ad7afba11079985f9690f65b19a9f0750826a16ff4f4d3bf05f3d8da9
Secunia Security Advisory - A vulnerability has been reported in Smarty, which can be exploited by malicious people to bypass certain security restrictions.
f5001cf5cd35592cacc83ae523ab9aa51805228767b10545dbb32eb310544cf7
Secunia Security Advisory - Gael Delalleau has reported two vulnerabilities in Kerberos V5, which can be exploited by malicious people to compromise a vulnerable system.
8d77c0524576df8beefe2fa2340b441c05a2f186b4492e6fd771811835f33ac6
Whitepaper discussing the use and setup of SFTP in the business place.
052c8fbeded90b605ab6795770b8ba0e89ec1e1dae6c1741e49090e771529bb1
Iron Bars SHell is a restricted Unix shell. The user can not step out of, nor access, files outside the home directory. Two ASCII configuration files are used for more control. The system administrator can define which commands may be executed by the user. No other executables are allowed. The admin also has the opportunity to define what kind of files the user may create. If a file has a certain extension (such as .mp3, .c, etc.), ibsh automatically erases it.
9a2cef47abd5caa27076db8a28060b9ab94e7678e57aad299fdce735b7b099ae
The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.
565021bb9e0539ec81c98acd63a4c0549afb0521bf1f38458fe8c4be5711574d
Wepdecrypt is a wireless LAN tool based on wepattack that guesses WEP keys using an active dictionary attack, a key generator, a distributed network attack, and some other methods.
3db0be559dbe7bcd566eec14bbe223bce313111a82237de8b8433c43779a53ec
Multiple SQL injection and cross site scripting vulnerabilities have been discovered in AspApp. Sample exploitation provided.
03e90c2cb4195bc7bc382495197baedd3e0d909a18bcfb755d1062bb38afca07
Multiple SQL injection and cross site scripting vulnerabilities have been discovered in PortalApp. Sample exploitation provided.
ef8774a270f7cf5c3c385dd44115e3f3ab80760745b1a26d5d9c111db428ebee
ACS Blog version 1.1.1 is susceptible to multiple cross site scripting attacks.
0c6942c90bd3e4344142bcb9a42ec2ca5feae9635b10587ede08a046069e3c05
Remote root exploit for the preparse_address_1() heap buffer overflow in Smail versions 3.20.120 and below.
03fa4cf4484ee5197112b1be3896401a73baeca9c53af9ffcfb129454017221e
Photopost PHP Pro Photo Gallery software is susceptible to multiple cross site scripting and SQL injection attacks. Detailed exploitation provided.
37b9312ab67645bf7aa36fdc72203dd12b60bfbd3bfb1f48fa1936e2f2486c61
PTT Security Advisory - Sun Answerbook2 version 1.4.4 is susceptible to cross site scripting and administration attacks. Exploitation provided.
f84f8926bae5020beca593a0122297f5f39ac778c3820f5996098cd6a9e123be
iDEFENSE Security Advisory 03.28.05 - Remote exploitation of a buffer overflow vulnerability in multiple telnet clients could allow the execution of arbitrary code. The vulnerability specifically exists in the env_opt_add() function of telnet.c. iDEFENSE has confirmed the existance of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability.
de99e8ea1329dbc1f15a968b8c0756e881aa440162190742655fdb287e67ea1c
iDEFENSE Security Advisory 03.28.05 - Remote exploitation of an buffer overflow vulnerability error in multiple telnet clients may allow execution of arbitrary commands. The vulnerability specifically exists in the handling of the LINEMODE suboptions, in that there is no size check made on the output, which is stored in a fixed length buffer. iDEFENSE has confirmed the existence of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability.
9a3b7b73eb08fc8817b92e7dac30a75b72f3c015d5bbd074dbfb8f930414a6f2
Practical guide to advanced network attack and reconnaissance techniques using Python. Includes topics such as firewalking, port scanning, ARP poisoning, and DNS poisoning.
916232dd57df1886350cf72bfea0c2c2b0deabc436b2c432950fbf0ce8bdd015
Proof of concept exploit for a remotely exploitable buffer overflow in the Tincat network library used in various games.
59a3b89267c5dd0e34a3c1f1ddfd3867902e562a8c7054b2a8a2a37ea1878f70
The Tincat network library used in various games is susceptible to a remote buffer overflow in the code that logs players entering the server. This flaw allows for remote code execution.
c211634e8ceb1aabbd24adf99b61d5686e280b0581dced699b041982f50b4780
Gentoo Linux Security Advisory GLSA 200503-34 - A routine security audit of the mpg321 package revealed a known security issue remained unpatched. The vulnerability is a result of mpg321 printing embedded ID3 data to the console in an unsafe manner. Versions less than 0.2.10-r2 are affected.
e3b4a0926c6deb1e52dbd27635780082fa5bbda54ada9fec46a0718dc8882384
THai's Shoutbox is susceptible to a cross site scripting bug.
ed49a7e339d0891d132dc79e327caf12fabaf981cbcaf07676c4f8b3aa3c5658
The Bluetooth code in the Linux kernel has a flaw that allows for local privilege escalation. Versions affected are greater than or equal to 2.4.6, less than or equal to 2.4.30-rc1, and 2.6.x up to 2.6.11.5.
3af1e2b575930a55ef4b0186165f28931f8a985f60a7c3067e9481a97e6a86a3
Vladersoft Shopping Cart version 3.0 is susceptible to multiple cross site scripting and SQL injection vulnerabilities. Sample exploitation provided.
ff883a1159901250b604c992c505e6b30d38334d06fe39e24596c33f727d5e37