Tucows Client Code Suite versions 1.2.1015 and below remote file inclusion exploit.
8c7d5b4d9a9dfc82ac79fb8f2fedab577e49661b957d2b6322b0aec2f4fdb955
CM68 News versions 12.02.06 and below suffer from a remote file inclusion vulnerability.
4fbe17c6a6010d536536b580b3767f08cf848d5233eda6dea1a08f4697af66c9
ThinkEdit version 1.9.2 remote file inclusion exploit that makes use of render.php.
4971932d75405a4150baed935db4da30ab40d64a76faf9e41e79272cd369b797
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.
eecb276af0d7e63530f92ed924b25f34ce0731b9cbaa8b16cbe7179077b93159
sauerkraut is a lightweight, multi-threaded and very fast IP scanner with a built-in banner grabber.
b2e699b7b162c30c8291ec7ada22b3d75012360bad189e68625b9ab34bff7109
Refspoof acts like a proxy server and is able to spoof your HTTP referrer and user-agent. This comes in handy to bypass certain authentication mechanisms or user-agent limitations for some download managers.
462eb0a9eca7d32154fd32846ca63fb75e1f3e01df8a7c208d4a14265c2e4f38
There is a buffer overflow in the Madwifi Atheros driver in some functions called by SIOCSIWSCAN ioctl.
ae78388667ab3deb4319d8f83bc674032a7c7b8df47d26ab5490c18a34bceb0c
CAID 34846 - CA BrightStor ARCserve Backup contains a buffer overflow that allows remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. This issue affects the BrightStor Backup Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.
14f77fd442c8352fa5dc275da7b933076426d1d4e5c398ae09e7d8bf4a539e90
OpenPKG Security Advisory OpenPKG-SA-2006.038 - The archive format utility GNU tar, versions up to and including 1.16, allows user-assisted attackers to overwrite arbitrary files via a TAR format file that contains a "GNUTYPE_NAMES" record with a symbolic link.
b3316815129634db7a89691f0f6a4712f63cc700167db955981aaf3a818c1b27
Debian Security Advisory 1230-1 - Rhys Kidd discovered a vulnerability in l2tpns, a layer 2 tunneling protocol network server, which could be triggered by a remote user to execute arbitrary code.
8230df9dcfe36fb3ec444fa7639580a9d7fd3a177c9f6938ce9d332eab814442
Midicart is susceptible to multiple vulnerabilities, including price manipulation.
e1bbdc3caebc99f8e5fb2f5a419d77b6d0b69c355c593fdc915e5e49d866d3d7
Google's Orkut suffers from multiple cross site scripting vulnerabilities.
90eb5daf15b7374085c9784f28b132d60291fa2de2c6168c2135461a2cfed66c
Ubuntu Security Notice 394-1 - An error was found in Ruby's CGI library that did not correctly quote the boundary of multipart MIME requests. Using a crafted HTTP request, a remote user could cause a denial of service, where Ruby CGI applications would end up in a loop, monopolizing a CPU.
dbc6bd8f505cc59f27da20f6fba9d6e77f00c646983286b7fa8237386f38ec50
WebHost Manager version 3.1.0 suffers from multiple cross site scripting vulnerabilities.
e1bf3747ca646f6c87fdb80cdfeb12059f7f1ad3814014cd9e634a930a025d37
CPanel 11 suffers from a cross site scripting vulnerability in pops.html.
235937c3f1b5dc6cd241f31d76c19950d90fdefb664eb5251bfd1c4b9e75ead4
eEye Digital Security has discovered a vulnerability in all Intel network adapter drivers ("NDIS miniport drivers") that could allow unprivileged code executing on an affected system to gain unfettered, kernel-level access. For instance, a malicious user, malware, or exploit payload taking advantage of an unrelated vulnerability could additionally exploit this vulnerability in order to completely compromise a system at the kernel level.
6954f6306f926edd1c4a4b0dcac3b5fd90102d5b9255732d3a228f9efd4ef61a
OpenPKG Security Advisory OpenPKG-SA-2006.037 - Two security issues were discovered in the OpenPGP cryptography tool GnuPG, versions up to and including 1.4.5 and 2.0.1. The first issue is a heap-based buffer overflow which has been identified by the vendor during fixing a bug reported by Hugh Warrington. The second issue is a memory management problem.
e2ad975972bd8b4d3c70e676abce3b1376c3b1ef57af266813f375814ebfe63c
DUdirectory suffers from an administrative login bypass vulnerability due to a SQL injection flaw.
dcc29fc6d2780e6dbf5dddc7eab23a467951d2eff583c82381849f92dc6b349c
phpAdsNew version 2.0.4-p2 remote file inclusion exploit.
11838880a400f129bdc93818f912d6d0e58f6760673cc96633435fd9f4c752da
googlegath is a free open source utility to obtain informations through Google searches. It could be useful for penetration testing, security scanning, etc. googlegath has been tested on GNU/Linux, *BSD systems.
e754e380fcd9e0ba64eeb22cf691c7a8ed0da8b395cb718921623b3649666ab1
Gentoo Linux Security Advisory GLSA 200612-01 - The wv library fails to do proper arithmetic checks in multiple places, possibly leading to integer overflows. Versions less than 1.2.3-r1 are affected.
63088a4b5cd8ebe65242e5a4c05ea6c20e60c29a6f4bd14625159923def1068d
Secunia Security Advisory - sehato has reported a vulnerability in Windows Media Player, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.
361a3f9f71ab147c2fa2cb1a6d8bc9b1b2ecbaee9a26a19bee287cddd7926703
Secunia Security Advisory - Gummiente has discovered some vulnerabilities in the JCE Admin component for Joomla, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
11658e3c86cb3949f275818887c2654086148a490715b98fa5dc0462208f4d03
Secunia Security Advisory - Ubuntu has issued an update for ruby1.8. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
25990ce4f454c84640a0fc111b33080c35e75300e4cfed99333c0c25dad39ee8
Secunia Security Advisory - Secunia Research has discovered a vulnerability in MailEnable, which can be exploited by malicious people to compromise a vulnerable system.
32c494cbaacd3e3a6d069738cb5dc94d3c8191c1e46af49d91f38f1f7c62283c