osCommerce suffers from an authentication bypass vulnerability that allows for unsolicited mailing.
b9982ae7b67c17e621dd30b877cc77f1dbcf1eb0ccb066ecfb7e2b9dfdfab542
Whitepaper called Stack Overflow: Automatic write() Discovery.
7dd20ddde34b4bd6b3184e835048ba165de8f2a67f78832df404359fc6900db5
Whitepaper called The Metasploit Framework. It gives an overview of using Metasploit and is written in Macedonian.
036008cf890ff7cf679ba566708f3ad7df4541b2b777deb60594d8769699675b
This paper is a high-level overview of the threat space used during penetration testing and hacking.
918f60948d489c0585ead8648c0d9cce80ce8eb06b0aee3d219d723620a55bb8
HTC Peep, the Twitter application found on HTC mobile devices, suffers from multiple information disclosure vulnerabilities where your credentials are passed in the clear.
e7c8c2ae22980fd16b583c0a29bf1d2d1bdaf5be93cd3d9c83b6e8d2789f811d
Ubuntu Security Notice 1058-1 - Geoff Keating reported that a buffer overflow exists in the intarray module's input function for the query_int type. This could allow an attacker to cause a denial of service or possibly execute arbitrary code as the postgres user.
1ecb13ec368acb58d5eeddec7b9324ef46d5faf2653e8c9b20252e2b42468c10
ssh2ftpcrack is a simple FTP and SSH dictionary brute force cracking tool written in Perl.
117bb96f36c8247626e9110c63097fe81c130b235dee0c2bec0d4bd579495eb1
Secunia Security Advisory - Fedora has issued an update for asterisk. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
7d69415927c6954c577c69d6bb6628accf82b001dcca62b56f62a6e251a7d7da
Secunia Security Advisory - A vulnerability has been reported in BMC products, which can be exploited by malicious people to compromise a vulnerable system.
221cb0c5ba636df00257194b8248901cc12d1c938c388f2f52278d22fd119d50
Secunia Security Advisory - Two vulnerabilities have been discovered Serendipity, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
6da965d17b48726b6ebaa978530bcfeb3dbae95d5bb40252215f9b3d7d467b1f
Secunia Security Advisory - A vulnerability has been reported in MediaWiki, which can be exploited by malicious users to conduct script insertion attacks.
854e3f118dc775b0674546478c38d70107ffc83ff4ef33fe1534aa932598e701
Secunia Security Advisory - Two vulnerabilities have been discovered CMME, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.
ebf79924a6ff27e20552b1dd4e77ffa1a3b483b84a6031447702fd4db6e90262
Secunia Security Advisory - Two vulnerabilities have been reported in the Chatroom module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery and script insertion attacks.
4fda4e5800af010b6730367b8b5dcc02174a48e950c6de26ce1cfb59d86b867a
Secunia Security Advisory - A vulnerability has been discovered in Techphoebe QuickShare File Server, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system.
ba4c9034defe584a9a7c57f1aa06c3307c319e0246910935b4d79d19f8a1442c
Secunia Security Advisory - Some weaknesses and vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and potentially compromise a user's system.
4d2c717d68a0391e183e2a1578115110367ef3a896d939b982902e5ccf2625cb
Secunia Security Advisory - Red Hat has issued an update for php53. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information and cause a DoS (Denial of Service).
76fdec4767d30ef2e93a294140370a067c1807274d35c109d7675523671784ae
Zero Day Initiative Advisory 11-039 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of BMC Patrol Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the service daemon which listens by default on TCP port 6768. When processing the BGS_MULTIPLE_READS commands a user-supplied length value is trusted and utilized in reading arbitrary data into a stack buffer. By providing large enough values a remote attacker can abuse this to execute remote code under the context of the SYSTEM user.
061fd2006621751204cc17fe12eb1ffd328b359ff870d2a5f19e1d7788ff829d
Ubuntu Security Notice 1057-1 - Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy.
9a69c98fb0ad40a633e5492b8214a1d0050651faf008c16b90593fb3071e0bc6
Debian Linux Security Advisory 2157-1 - It was discovered that PostgreSQL's intarray contrib module does not properly handle integers with a large number of digits, leading to a server crash and potentially arbitrary code execution.
0805288cbab6faae214f58712edd9593ea0b1d674e40916709469f1f343a0b55
Mandriva Linux Security Advisory 2011-020 - Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
547327952f428a6f8dc055831561535a3f2070163a0f177dc4fec33a8c279c56