Proof of concept exploit for Perforce Servers versions 2007.3/143793 and below which suffer from NULL pointer, invalid memory access, and endless loop vulnerabilities.
1dd163d775ebc9b1c4abf52d79d9f0cd78dd073b5c8fd08e2b09ec2daa6335d1
Perforce Servers versions 2007.3/143793 and below suffer from NULL pointer, invalid memory access, and endless loop vulnerabilities.
40b7c8196cc7d7c26a3289c793200a705f3c2b1cf9d1e9f9faff7eb34b7d0012
Physical Security Attacks On Windows Vista - A short whitepaper discussing the firewire unlock attack.
5f035da0bc475ea3fd4753cf55841d7118ed5b5a109b008da86072262ddd24dc
WebCT Campus Edition version 4.1.5.8 suffers from multiple javascript related session stealing vulnerabilities.
9f02a83db30f2b4f111a50f535c11c17913b5a61d6f146d92532ddc17b11e90b
It appears that the Linux Kiss Server version 1.2 suffers from a format string vulnerability.
cd1bc5ebd7a34b22360783ccff5fb8ddcf0dbbb025e55f10527277783e35dc7d
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. This paper is a study regarding wireless technology in implantable cardioverter defibrillators (ICDs) being susceptible to hack attacks.
0ed778576445793fa55a12ccf8d3fca0b36fba685620b7f8b9ad002005ac1a7c
Mandriva Linux Security Advisory - Several severe security issues were discovered in the Joomla! PHP-based content management system. These issues have been fixed in version 1.0.15 which is provided with this update.
58b45982d290a51264f847919958903b79ddff72163bf4857863b3a461c6e3fa
Gentoo Linux Security Advisory GLSA 200803-11 - Joey Hess reported that vobcopy appends data to the file /tmp/vobcopy.bla in an insecure manner. Versions less than 1.1.0 are affected.
25c681b9fa3e94c0fbd2ec1c18833c998326084332b3ec319444583e217b38d4
Ubuntu Security Notice 584-1 - Jonathan Clarke discovered that the OpenLDAP slapd server did not properly handle modify requests when using the Berkeley DB backend and the NOOP control was used. An authenticated user with modify permissions could send a crafted modify request and cause a denial of service via application crash. Ubuntu 7.10 is not affected by this issue. Ralf Haferkamp discovered that the OpenLDAP slapd server did not properly handle modrdn requests when using the Berkeley DB backend and the NOOP control was used. An authenticated user with modrdn permissions could send a crafted modrdn request and possibly cause a denial of service via application crash.
56b08681c41e3d1474d2d57c53bc9140ac991a5cde6cef4939f8c62c627861d7
Mandriva Linux Security Advisory - A flaw in the Tcl regular expression handling engine was originally discovered by Will Drewry in the PostgreSQL database server's Tcl regular expression engine. This flaw can result in an infinite loop when processing certain regular expressions.
69bd180d13a45c0d100ed726b8f091f5ba4f9841bbaae42b85ac5daebcb4ab8d
Gentoo Linux Security Advisory GLSA 200803-10 - lighttpd contains a calculation error when allocating the global file descriptor array (CVE-2008-0983). Furthermore, it sends the source of a CGI script instead of returning a 500 error (Internal Server Error) when the fork() system call fails (CVE-2008-1111). Versions less than 1.4.18-r2 are affected.
360b597a94cb9975c44c892646eff653429144ecb590d27194b2bb0ecb765dc3
Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200801-09:03 - The previous version of the X.Org X server (1.3.0.0-r4) did not properly address the integer overflow vulnerability in the MIT-SHM extension (CVE-2007-6429). It failed to check on Pixmaps of certain bit depths. Versions less than 1.3.0.0-r5 are affected.
ec9718e4bc7cbfde57e6fbae71ba194bdc3199ce1bdd7c9822705ba14c88559b
Ubuntu Security Notice 583-1 - Ulf Harnhammar discovered that Evolution did not correctly handle format strings when processing encrypted emails. A remote attacker could exploit this by sending a specially crafted email, resulting in arbitrary code execution.
de63b123c9a1cee483e103bd14102f1e7f065f80460804cae7ed3f45460c2dab
Mandriva Linux Security Advisory - A vulnerability was found in slapo-pcache in slapd of OpenLDAP prior to 2.3.39 when running as a proxy-caching server. It would allocate memory using a malloc variant rather than calloc, which prevented an array from being properly initialized and could possibly allow attackers to cause a denial of service. Two vulnerabilities were found in how slapd handled modify (prior to 2.3.26) and modrdn (prior to 2.3.29) requests with NOOP control on objects stored in the BDB backend. An authenticated user with permission to perform modify or modrdn operations could cause slapd to crash.
e1dd55f35e35b48f7bfc6c5d283befa889c1a4ab1ae5d0dfa300f4c283fd33ee
Debian Security Advisory 1512-1 - Ulf Harnhammar discovered that Evolution, the e-mail and groupware suite, had a format string vulnerability in the parsing of encrypted mail messages. If the user opened a specially crafted email message, code execution was possible.
9402a08a62d7316259919341c76df564fda29993750e3ba47d980ceef4d71148
OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.
92cf6287ca8648c58a1bf3ef82deb976f6a65163d8b7e3c4dd272d23e120518e
RadialNet is a network visualization tool. It consists in a graphical visualization of the networks mapped with Nmap, with some efforts to make it easy to find security problems.
20e1eae6181531547742d5a8550e56bb3110decb92e91e2ccd16b6cc4f4f2fbd
ICQ Toolbar versions 2.3 ActiveX remote denial of service exploit.
74da912743972bf3b6843c60fbd3962165a38f4108595d36b215ead70a4aec48
The XOOPS wfdownloads module suffers from a remote SQL injection vulnerability.
a27e450136288a1d7739cef79f2d864955cb92db8b691a099a1ce484370e097f
The XOOPS Glossario module version 2.2 suffers from a remote SQL injection vulnerability.
375839145f2f138740f92a0a527c12eac7975027b00a62a8f4dd438c26c42bc7
Secunia Security Advisory - Some vulnerabilities have been discovered in Numara FootPrints, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to compromise a vulnerable system.
02d0f6cd86adc17f9d864aa4c223da5b82edc4eff4625ab3ac161ea316ca4b40
Secunia Security Advisory - Nir Goldshlager (Avnet) has reported a vulnerability in IBM Lotus QuickPlace, which can be exploited by malicious people to conduct cross-site scripting attacks.
ebccc615089970f9c512c92ba454f2142bf36f14a52d6b2d1f9be66581e6d84f
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Evolution, which can be exploited by malicious people to compromise a vulnerable system.
160f72382ca176f72ca3f1e1551d96a1c2b0ca2575723a8afac62757ceb4830e
Secunia Security Advisory - Gentoo has issued an update for opera. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or to bypass certain security restrictions.
ee3c5ca0f387783ede04102aae4fd89a27b8651562b4f391257110131bf5cde4
Secunia Security Advisory - Red Hat has issued an update for evolution. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
d215c58aeca1f4ebfde19cd4adf9327391a88a4283219b5948313c5836e3238c