alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.
513f8027101c4b71d47b66f0d5ac923f25cc01d337f140dbeb0b8d6830f214fa
The PostNuke Subjects module 2.x is vulnerable to multiple SQL injection attacks. Detailed exploitation provided.
f2e43ce81a4b458af38d2996bd7bac9a704d17169dbb72af1dc7eb272204e227
Proof of concept denial of service exploit for Halo: Combat Evolved versions 1.4 and below which suffer from an off-by-one vulnerability.
279e28068546b26d15850b461f9ae8cba371825079e3efe747efcb055aab12fb
Halo: Combat Evolved versions 1.4 and below suffer from an off-by-one vulnerability that can result in a denial of service.
ab368723fc5910a5e72174769904c58f6bf0ed7dfd96ac0223fcb7fbb731516f
Gentoo Linux Security Advisory GLSA 200409-14 - Samba is vulnerable to a remote denial of service attack due to out of sequence print change notification requests. Versions below 3.0.6 are affected.
734c55be7f74b7105607ffc3f19c3b92fdd780cbdd9dac1ec2254fe1039e224d
A huge list of IP space for various Federal agencies. Interesting to cross reference to logs and see who may be accessing your web sites, etc.
73f31ee9cf759edddd06e96a9c43a4ceedd2b123dbb9551c20ef02cde5a19713
1n BBS E-Market Professional is susceptible to remote command execution vulnerabilities via remote file inclusion and also has a full path disclosure flaw.
3d4f0cad3bf5909482a41b6cd90458a4c7d884937342ee058bb2ffbf732e9cd2
MAC OS-X rootkit that has a lot of standard tools included, adds a TCP backdoor via inetd, does data recon, and more.
21e6ef5bbf484ae909d8e4ab55e0e47d82f7478c4941f5cca236f04306b9f98e
chroot_safe is a alternative method for chrooting dynamically linked applications in a sane and safe manner. By using a little dynamic linking trick it delays the chrooting until after dynamic linking has completed, thereby eliminating the need to have a copy of the binary or libraries within the chroot. This greatly simplifies the process of chrooting an application, as you often do not need any files besides the data files within the chroot. In addition to chrooting the application, it also drops root privileges before allowing the application to start.
a7edcb94d5151e85cfca6aa29e7fa53b02ba44a136a77ce6928f25e9fff09d1d
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
5e2de03ae3a29fbeb42b795289a23f1f27bbb4e951203b99eef70a1694be5de3
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
0a355f80b17e169797c3ba872c4786c668cc8fa3dd3a3293e61372cb4899d27c
ArpSpyX is an ARP packet sniffer that displays a list of IP and MAC addresses found by analyzing ARP traffic on your network. It can be used to easily gather MAC addresses of network machines remotely, quickly identify new clients on your wireless network, and identify ARP poisoning attacks by tracking multiple MAC addresses for a single IP address.
a030c43f4e839d18e6f130674bc762c7831d43bed2bbf33cbd40797b64ef43bf
Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available to help measure the effectiveness and minimum requirements necessary to succeed.
184e0a6a76c2d05f1b27f32e7c164f6a2b57a8361b644492a11ac52f86539dda
Secunia Security Advisory - A vulnerability has been reported in F-Secure Internet Gatekeeper 6.x and F-Secure Anti-Virus for Microsoft Exchange 6.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the exception handling in the F-Secure Content Scanner Server component. This can be exploited to crash a process in the component via specially crafted packets.
b3ca10c3e6df929147caeb5c692f7f7718af84037ebe064bdbe7ca9960545ca7
Secunia Security Advisory - A vulnerability has been reported in MailEnable Professional and Standard 1.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing DNS responses. This can be exploited to crash the SMTP service by returning a DNS response containing over 100 MX records.
f5b8aa714888662a42f8bbfaaa1434adcc6dda119cf4c088df06fc3f53402ddc
Gentoo Linux Security Advisory GLSA 200409-13 - Several buffer overflows and a shell metacharacter command execution vulnerability have been found in LHa. These vulnerabilities can be used to execute arbitrary code. Versions 114i-r3 and below are affected.
3f6655c18e8e9c6b298a4899b7be30784a18b4b8ae9377ad8e50072ac22cd18e
Simple unix-based backdoor that is very compact and provides a bindshell.
d2da29c47b3ffc365cc6f096647ffb62a5dbc2a4f8fd08c29068fed3eb20d0c9
Secunia Security Advisory - A vulnerability has been reported in Emdros, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak in the CFeatureDeclaration::TypeTypeCompatibility() function. This can be exploited to consume available system resources by issuing a large amount of malformed CREATE OBJECT TYPE or UPDATE OBJECT TYPE statements. Versions below 1.1.20 are affected.
90af5467e7cf6e5b9248568c49e8662738511456e0f7b51b556f0b12a910b107
Perl exploit that makes use of a flaw in PHP-Nuke 7.4 where an attacker can post to global home-page messages.
4cc09851766971746c5b08e98353c8b4df3cf74fec7ad589cdc3d141e138eea7
A buffer overflow vulnerability in the Trillian basic edition version 0.74i occurs in the MSN module when receiving a string of around 4096 bytes ending with a newline character from an MSN messenger server. This vulnerability is remotely exploitable but requires the use of a man-in-the-middle attack. Full exploit included.
045f8b6357fcbfcb5e4a9b20c60a3c2a36c5c1fdbf410125e1aea34ddaf40e1a
Local root exploit for cdrecord, which fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable.
2871e27ea81a6a71a847badaf4a16cae0b8f374ea8a414b249ac51d9cffa940d
Mandrake Linux Security Update Advisory - The cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable. This can be abused by a local attacker to obtain root privileges.
6f38c8ce8d76f1228e8d3ca2e1b81434d0f2613330175e2b3a098eeec3ceb160
Gentoo Linux Security Advisory GLSA 200409-11 - star contains a suid root vulnerability which could potentially grant unauthorized root access to an attacker. Versions below star-1.5_alpha46 are affected.
0a764fb0ae2a0a1b04bf81b961a04d56e2ddd3be02fad962dccb42f9025e8af6
Gentoo Linux Security Advisory GLSA 200409-12 - ImageMagick, imlib and imlib2 contain exploitable buffer overflow vulnerabilities in the BMP image processing code.
376ef73790324660fa24345695c0cd32047f99fa788ed69b7787d37def69f456
Secunia Security Advisory - A vulnerability in net-acct can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. The write_list() and dump_curr_list() functions create temporary files insecurely. This can be exploited via symlink attacks to overwrite or create arbitrary files with the privileges of a user executing net-acct. The vulnerability affects version 0.71 and prior.
b396350780b8c1b8f374c9455b36472cd9ed1ffcecc1ac74c6273db16b32ce54