ppscan is yet another portscanner. However, it can scan an entire Class C subnet for a range of ports not only using tcp-syn/tcp-connect but also by tunneling through HTTP proxies (either HTTP GET or HTTP CONNECT), or using FTP servers which allow arbitrary connections via PORT bounce method. It is multi-threaded, so it can blaze through connection attempts.
662c1cf506bf0d8bb74216f8ea2f0047e7c33238eb1860284b5d9c9fbb2ccc27
Whitepaper discussing man-in-the-middle attacks against the chipTAN Comfort online banking system.
173c757d24d9c5b57918ebadcbe6919bbbf6f503ff59afc5031181d05111efdd
OpenX versions 2.8.1 and below are vulnerable to remote code execution.
6a808fe4a1876118ed275a0f17968d069581aa4e6cb05cf27628827b81ecc0ff
TYPSoft FTP server remote denial of service exploit that makes use of APPE and DELE.
150ed27b3194fd15afb4196da0b3242fafea00c033ef3d9bc7a6952922cdb67d
The harbour.pl script builds 1941 and below suffer from a remote denial of service vulnerability.
6025ad2f20319b92507cebe17960e3c31744c65c9fc8f412d122a8c4b6378d43
Ubuntu Security Notice 861-1 - It was discovered that libvorbis did not correctly handle ogg files with underpopulated Huffman trees. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could cause a denial of service. It was discovered that libvorbis did not correctly handle certain malformed ogg files. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could cause a denial of service or possibly execute arbitrary code with the user's privileges.
eae0d2f3f32cf33000f3d2bc776104ba25f98a9675818118f9d38a10b34071ae
Quick.Cart version 3.4 and Quick.CMS version 2.4 both suffer from cross site request forgery vulnerabilities.
a291709208fa14adc1a5eab49ffc15c878c487a510f9d3913c92d128302ffe83
PEAR Security Advisory - Multiple remote arbitrary command injections have been found in the Net_Pingand Net_Traceroute.Net_Ping versions below 2.4.5 and Net_Traceroute versions below 0.21.2 are affected.
1f8e26e5d2a3b7524f9d89fd9fd45aede051f3408d7534eb1f57bbb1ea3b1a36
WP-Cumulus version 1.20 for WordPress suffers from path disclosure and cross site scripting vulnerabilities.
35a4d37e5ffba03af02fb610a6aab2f8fa7fc1f4a0756d7ec716da27b29ecaf2
Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP.
0ef70f47c3adce44a408f33695e621cada2197cc52493bbf25e2fd2bf6891dd4
XM Easy Personal FTP Server version 5.8.0 remote denial of service exploit.
7e36fe5d6389fdf072223910ed5c194801e09d85b293396f06d2f170cf7c5dde
Whitepaper called English Shellcode. In this paper, they challenge the assumption that shellcode must conform to superficial and discernible representations. Specifically, they demonstrate a technique for automatically producing English Shellcode, transforming arbitrary shell-code into a representation that is superficially similar to English prose.
520adbcbc20b5b74ff45288dfb818039f329155c76d5816f3314408df708f644
Secunia Security Advisory - Some vulnerabilities have been reported in Cacti, which can be exploited by malicious users to conduct script insertion attacks.
333331899898787e5e5522b4afe7fde7168e219ebf1f38a21893c0fc044c54af
Secunia Security Advisory - Fedora has issued an update for asterisk. This fixes a weakness, which can be exploited by malicious people to determine valid user names.
d973e210dab9d6f6ce9a5b8513db87c271f2993b9e0179df6771db17bd6322b1
Secunia Security Advisory - Fedora has issued an update for snort. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
af3da90fe0e352b6521bda8cfada7a29c3da06f3a6c227834f76d83c462e0db1
Secunia Security Advisory - A vulnerability has been reported in the Net_Ping package, which can be exploited by malicious people to compromise a vulnerable system.
9302426d9890da8283b7322863ae0678a1feb2f8edbdf0a275efd1a4c58cba2c
Secunia Security Advisory - Debian has issued an update for php-mail. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
f2611540200e590892c4ad0805cc671edd41d827f28e4f5da9f8a799a294fd99
Secunia Security Advisory - A vulnerability has been discovered in the Sage extension for Firefox, which can be exploited by malicious people to compromise a user's system.
b299d21d7630f92201c9650e2a3b470d2d5d804146fd6b8f9f691bd303f27541
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and spoofing attacks, and potentially compromise a user's system.
dc2051888225c1f75fddf90b3733d45b9910a09203a25e8dee2fb8b83a958a81
Secunia Security Advisory - MustLive has discovered a vulnerability in the WP-Cumulus plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
7f54d633d855f7288314e1e9d2dbeea33668ed79918aaf896b82da238544ffa7
W3infotech suffers from a remote SQL injection vulnerability that allows for authentication bypass.
01ab51727bf20650b3e60a32cde842a6173b660c8f99728161c18a31b1439908