sshdautoban is a script intended to automatically ban, in real time, attackers that are trying to connect to your sshd service without authorization. It blocks connections from an IP address when that address generates too many login errors.
92c99f11e9285e5115c53e480348cda76acf61d9201ab7ead7b580bd444ea898
Joomla Kunena Forums remote blind SQL injection exploit.
4b5d078e010d6f14b8b290c7109fa8f0a07270eab29ed096e05db85a960ba0a9
CMS Made Simple versions 1.6.2 and below suffer from a local file disclosure vulnerability.
e1f75ca3639a9a2acd26c0bbe1910446e0d9fee255d4bd761931eda2c1ef8266
yPlay Player version 1.0 local file crash proof of concept exploit.
3563eea012fdd9b1b7c8e5568fe53730e030cf1966c5f7bb3a90abd093db9f1e
Zero Day Initiative Advisory 09-052 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates Unicenter Software Delivery. Authentication is not required to exploit this vulnerability. The specific flaw resides in the dtscore.dll library. The vulnerability is exposed through multiple processes listening on multiple ports. The vulnerable function is a token searching routine which will copy user-supplied data into a fixed-length stack buffer. Exploitation of this vulnerability leads to arbitrary code execution under the context of the SYSTEM user.
5c2c1fc9b1df8146f1cd54d5e489b53fd4f9617bc46f40661f1c2e26632c5ad7
Zero Day Initiative Advisory 09-051 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Replication Manager Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within the irccd.exe process which listens by default on a TCP port around 6700. The XML-based protocol this service communicates over accepts a RunProgram message. By supplying a malicious payload and requesting this functionality a remote attacker can execute arbitrary code on the remote system.
8c643db4f8ab350a79a30e94ebeb2343d48c574cfb7a3de4eb956640df9e38c9
CA's technical support is alerting customers to a security risk with Data Transport Services. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued patches to address the issue.
78f211144107349a0a9e2bd212649797f09f6055b037495a213771f42772cb2b
CA's technical support is alerting customers to a security risk with Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, and Unicenter Patch Management. The release of Tomcat as included with the products is potentially susceptible to a cross-site scripting vulnerability. CA has issued a solution to address the issue.
4e6ae1db6c1372dc4b1ee607383f5479a1887bf0e56983123d0dce8acdcf4d7f
iDefense Security Advisory 07.28.09 - Remote exploitation of a use after free vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in Internet Explorer versions 6, 7, and 8. Internet Explorer 5 does not appear to be vulnerable.
917be1ed0bdfbaec473ea16724416deeb91ee19bc0f5a333157bf7af42022f27
Mini-CMS version 1.0.1 suffers from a remote SQL injection vulnerability in page.php.
496bcdbdc3c8184c4109f96f31af8905b7ec834834bfcee4beeb1fb3530d5a77
iDefense Security Advisory 07.30.09 - Remote exploitation of an invalid Loader object reference vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in the latest Flash Player version 9.0.124.0. Previous versions may also be affected.
ba3b6f64ff3c55832b36504c20b948df07e0b8b45de5b882c9729b2d4d636714
Mandriva Linux Security Advisory 2009-196 - Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename. The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory. This update provides samba 3.2.13 to address these issues.
4d74757b18f42f251a7374fa6165b6b3ccd8d6d2da369b6ee183dbf60111b97c
SmilieScript versions 1.0 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.
4ff5ff90a53d54b50b74dc489311e10ee51dda4476ae7d3893284e5c924e0986
Spiceworks version 3.6 accept parameter overflow proof of concept crash exploit.
97160280f7a39829513cfc89560d3e4076e1cd77b06e48cfb5b3bdef51b07171
Logoshows BBS version 2.0 suffers from database disclosure and insecure cookie handling vulnerabilities.
1232fa95dd16407c9b7f4800b04c8696fa76fdac8c18aeb849e31d0a15c129d2
FaqRing version 3.0 suffers from cross-site scripting vulnerabilities.
3be05c0161e2c188ea13f2596a6a4a3263ab1530161f5ebcbfb673de1f30cdaf
Debian Security Advisory 1853-1 - Ronald Volgers discovered that memcached, a high-performance memory object caching system, is vulnerable to several heap-based buffer overflows due to integer conversions when parsing certain length attributes. An attacker can use this to execute arbitrary code on the system running memcached (on etch with root privileges).
f71cf554ce3885432ea696405897c37491e96e62aac0cdc2acb222f696e060be
Debian Security Advisory 1852-1 - It was discovered that fetchmail, a full-featured remote mail retrieval and forwarding utility, is vulnerable to the "Null Prefix Attacks Against SSL/TLS Certificates" recently published at the Blackhat conference. This allows an attacker to perform undetected man-in-the-middle attacks via a crafted ITU-T X.509 certificate with an injected null byte in the subjectAltName or Common Name fields.
b2c279e9428381b4b79febdf015211782d03ec298a3ff8b389cda567f086028b
Arab Portal version 2.2 remote blind SQL injection exploit that provides authentication bypass.
a06d67bf24c568fe854bbfac13e880aab7737c67f7ee37757991816058bd505c
Logoshows BBS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0a1f6d3ed16deaa1dd577bdf068724edd315fc05ea058c95b3e4dafff93cde4c
Joomla PMS component version 2.0.4 remote SQL injection exploit.
c9fcec3cc2841ea3089562b6ac816a447c72f89b81aa4a5d8e922eb17ab98ac6
PHPCityPortal suffers from a remote SQL injection vulnerability that allows for authentication bypass.
fb1e8c9fd8e8f5ab86eff066d189bab94f2a5ddd72929efc5669c830b370c125
FoxPlayer version 1.1.0 local buffer overflow proof of concept exploit that creates a malicious .m3u file.
d443561a511521f9609db6c3b17581a00a53bbeed9924142a39c867291d2b717
MediaCoder version 0.7.1.4490 universal buffer overflow exploit that creates a malicious .m3u file.
2430f4af610c2ac76118dd88b562b10ad33a6c0cfa444d2276ea5ba00f27568a
Secunia Security Advisory - Moudi has discovered some vulnerabilities in IsolSoft Support Center, which can be exploited by malicious people to disclose sensitive information.
a031288561eb01f75affe9548d3f5e5bfbe32c90c00b57ba2a752409c8b4d3b3