AutoScan is an application designed to explore and to manage your network. Entire subnets can be scanned simultaneously without human intervention. The objective of the program is to post the list of all equipment connected to the network. A list of ports preset is scanned for each equipment.
e54fa60c48c4066b1430dc57dcbbc629f3bce5059cfc23d75006c86a807c0a92
Exploiting Windows Device Drivers - this paper introduces device driver exploitation techniques, provides detailed descriptions of techniques used and includes full exploit code with sample vulnerable driver code for testing purposes.
b286889865b77044980a2bb8f1907f8f08f978a367c7253d029233b9bc7b2e6d
Local exploit for winrar versions less than or equal to 3.50 ENG version.
72532d2181fcd53d15f1e8bd9f2d67844fe4b60830d28411c6b8cc7676e69520
This is a GUI for the windows TCP portscanning tool ipEye. ipEye GUI comes with a copy of ipEye, and include visual basic 6 source code.
c69d3f4736a110468704dae8d908b9cf710651ad7daa097a86b90d9832a2de03
Raw Fake AP is a program that emulates IEEE 802.11 access points thanks to wireless raw injection. It aims at creating/injecting both beacon and probe response frames in order to emulate valid IEEE 802.11 access points. This program is a basic proof-of-concept code.
9e4755e10859803427684f739877b9269934518fdc21233cc9616a6e38bfee03
e107 content management system versions 0.617, 0.6171, 0.6172 resetcore.php utility SQL Injection, login bypass, remote code execution, and cross site scripting exploit.
4ca6f9a0dff81c384f644a6d180792da376a530181b5b35ff06c8f4bc10d5a0b
W-agora 4.2.0 Remote code execution and cross site scripting poc exploit.
286eeb0997736e342ccc111a7f9f077f8c4c62c9862a968ebc49cb15f13f614c
Ubuntu Security Notice USN-210-1 - A buffer overflow was found in the "pnmtopng" conversion program. By tricking an user (or automated system) to process a specially crafted PNM image with pnmtopng, this could be exploited to execute arbitrary code with the privileges of the user running pnmtopng.
e8c7ce7d86f898ba4ab2ed0d8d231d930fc18255b947d73a0f13e9fe292e29c2
Ubuntu Security Notice USN-208-1 - An information disclosure vulnerability has been found in the SSH server. When the GSSAPIAuthentication option was enabled, the SSH server could send GSSAPI credentials even to users who attempted to log in with a method other than GSSAPI. This could inadvertently expose these credentials to an untrusted user.
b24947e48e021abe6262e9d8879719d4f81e60d88671e9c6d9843103b15efe52
Ubuntu Security Notice USN-207-1 - A bug has been found in the handling of the open_basedir directive handling. Contrary to the specification, the value of open_basedir was handled as a prefix instead of a proper directory name even if it was terminated by a slash ('/'). For example, this allowed PHP scripts to access the directory /home/user10 when open_basedir was configured to '/home/user1/'.
c852c01ceef1f4598383b83e3061e4f73f06ed53f1c9dbf279fb79d5d0054245
Ubuntu Security Notice USN-206-1 - Ulf Harnhammar discovered a remote vulnerability in Lynx when connecting to a news server (NNTP). The function that added missing escape chararacters to article headers did not check the size of the target buffer. Specially crafted news entries could trigger a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user running lynx. In order to exploit this, the user is not even required to actively visit a news site with Lynx since a malicious HTML page could automatically redirect to an nntp:// URL with malicious news items.
4b6361b06b6efcaf52522e3904afc75117232a9f7bf5c7fb14936353de5f181d
Ubuntu Security Notice USN-204-1 - Yutaka Oiwa discovered a possible cryptographic weakness in OpenSSL applications. Applications using the OpenSSL library can use the SSL_OP_MSIE_SSLV2_RSA_PADDING option (or SSL_OP_ALL, which implies the former) to maintain compatibility with third party products, which is achieved by working around known bugs in them.
33d74febe976b92e71fbcce56756131cfefa799708b336adad778a3b248b3a90
Mandriva Linux Security Update Advisory - Ulf Harnhammar discovered a remote buffer overflow in lynx versions 2.8.2 through 2.8.5
48154abcdff3ecaa89fc76b7d19a1d5210df7e297fbbe99f9d51d9641259ff78
Mandriva Linux Security Update Advisory - Chris Evans reported a heap based buffer overflow in the RTF importer of KWord. An attacker could provide a specially crafted RTF file, which when opened in KWord can cause execution of arbitrary code
7a3183c390645fecb2cac0f42f9b73b4f054919dbc1eb75ea65cc15ca3e7262d
Mandriva Linux Security Update Advisory - Javier Fern
a472be172d6fc469059b32dbc8d04e92cd576537b8caa4a88e1e5ba9d613c3d2
Gentoo Linux Security Advisory GLSA 200510-16 - Maksymilian Arciemowicz reported that in libraries/grab_globals.lib.php, the $__redirect parameter was not correctly validated. Systems running PHP in safe mode are not affected. Versions less than 2.6.4_p2 are affected.
66a323473db99d345d87b5284f3d354bfe715d7716a78173566caa395b50ba98
Gentoo Linux Security Advisory GLSA 200510-15 - When accessing a NNTP URL, Lynx connects to a NNTP server and retrieves information about the available articles in the target newsgroup. Ulf Harnhammar discovered a buffer overflow in a function that handles the escaping of special characters. Versions less than 2.8.5-r1 are affected.
96ff7abb18de7be6479057dae7e292abc783d595f4362e1a32011d9530ef2b88
Gentoo Linux Security Advisory GLSA 200510-14 - Some packages may introduce insecure paths into the list of directories that are searched for libraries at runtime. Furthermore, packages depending on the MakeMaker Perl module for build configuration may have incorrectly copied the LD_RUN_PATH into the DT_RPATH. Versions less than 5.8.7-r1 are affected.
a9bd91ef80d18ad1875134941d9177edbe0235c6471cf08fa37570a4c01e027f
Gentoo Linux Security Advisory GLSA 200510-13 - It was reported that due to an oversight all SPE's files are set as world-writeable. Versions less than 0.7.5c-r1 are affected.
02ffcdffe15e546465f149a2aec88a549b0b029876a1b4601146fa7b8e56da06
Gentoo Linux Security Advisory GLSA 200510-12 - Chris Evans discovered that the KWord RTF importer was vulnerable to a heap-based buffer overflow. Versions less than 1.4.1-r1 are affected.
43aa5977d57f188c2ea992007cfc6328fca1d1164de0d60cb67f9293f0e5bb14
Secunia Security Advisory - Some vulnerabilities have been reported in DB2, which potentially can be exploited by malicious users to cause a DoS (Denial of Service) or to bypass certain security restrictions.
142d91e59ee787316e326b5b4a00787ff244ae1db6dfd9e87c0bd66980d53470
Secunia Security Advisory - Some vulnerabilities have been reported in OpenWBEM, which potentially can be exploited by malicious people to compromise a vulnerable system.
f1f204798e59aad92531350143ffdbabd250b84f3d5b949e506145124f18f5a1
Secunia Security Advisory - rgod has discovered some vulnerabilities in W-Agora, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.
6a4d66d6c0584dd08f99bbbc0dbeeb1c74d5ec3908aed50fbabda96fc9163eeb
Secunia Security Advisory - Seth Fogie has reported a security issue in iTunes, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
ee9fe3b91babcf212ea0fd270c17e7a05fdb62c1b3005b2d723e25205fabfa17
Secunia Security Advisory - A vulnerability has been reported in Gallery, which can be exploited by malicious people to disclose sensitive information.
4997bdc71277a9b662beb55030265659e9f16c479165438c9a7347ec3324a9a0