Coppermine 1.4.9 suffers from a SQL injection vulnerability. POC included that grabs the admin hash.
233e110528f5e5c98147d2f55f76bdfe62ed681f6f00fa71343aa8937ac8d85d
phpLedAds 2.0 suffers from multiple remote file inclusion vulnerabilities.
678775e57ffe6f1ba95259b927d3777ebc37be528c3b21419e1966f05f5a4aeb
PLS-Bannieres 1.21 suffers from a remote file inclusion vulnerability in bannieres.php.
f86e43db359a3d1f036951826c4a4008f694f8a60a2ce04c54d78cad0d7633ed
MiniBILL v2006-10-10 suffers from a remote file inclusion vulnerability in config[page_dir].
4497c5bf28738f1a00117966132decb92c65d93f8ec2b5ad5550590bfe003645
Mayhemic Labs Public Advisory MHL-2006-003: ezOnlineGallery Multiple Security Issues
30fdafcfcadf320aad18e94bba8f672133b81ad609dc739913ce31b1fbb68248
ArticleBeach Script versions 2.0 and prior suffer from a remote file inclusion vulnerability.
8466dccd2b2df63899cf1815a765f6d4d8df3651caebfb7eb9e042f70110682b
TextPattern versions 1.19 and prior suffer from a remote file inclusion vulnerability.
22594dae7756eb0ada8fce7eadd80bff5a5bba808f5c94888d16a6767d9b63bd
iDefense Security Advisory 10.26.06 - Multiple Vendor wvWare LFO Count Integer Overflow Vulnerability
8f68a8978984b0e3a5fe4be0692e8f18f211e7a2ad5bd97c2f7a27c96532b140
iDefense Security Advisory 10.26.06: Multiple Vendor wvWare LVL Count Integer Overflow Vulnerability
a15abfbcbe15b9bba54b79957b5fd2e640440079be1d05e1b450a95b561ef26a
Simple machines forum (SMF) suffers from a vulnerability that allows a malicious user to render any topic unreadable by sending false information to the avatar size checking function.
60fcdeb9b18f837d874922b5ebe66b0538ac7a86acf58ff9c56765280b9bb486
Cisco Security Advisory ID: cisco-sa-20061025-csa - Cisco Security Agent for Linux Port Scan Denial of Service
78c609fbecba3ff660e0c83fb136f710dbbaa5cfd0bbb15aa68ccfa4d92ed9cd
KAPDA Advisory #61: Multiple vulnerabilities in PacPoll versions 4.0 and prior.
2fe05620e83e90181d68ccf81e1524097d606db200aeeebf09ada457a165ce14
OpenPKG Security Advisory - OpenPKG-SA-2006.026: According to a vendor release announcement [0], a denial of service vulnerability exists in the virtual terminal application GNU screen [1], version 4.0.2 and earlier. The vulnerabilities exist in the handling of "UTF-8 combining characters" and allow user-assisted attackers to cause a Denial of Service (crash or hang of GNU screen) via certain UTF-8 character sequences.
3d1d7b3be9c6d2ccd5c51acc0f2c4f73714fb8ee5beedde2d14d7a6468e3b555
iDefense Security Advisory 10.25.06: AOL Nullsoft Winamp Ultravox Lyrics3 v2.00 tags Heap Overflow Vulnerability
4e87b0d9e96132057329eb9052b503645abb32dba5ae1a5e2f663dac5f6bc9c8
iDefense Security Advisory 10.25.06: Remote exploitation of a heap-based buffer overflow vulnerability in the Ultravox protocol handler of AOL Corp.'s Nullsoft Winamp media player could allow an attacker to execute arbitrary code in the context of the currently logged in user.
504bcb865578c3fbff3bfaf2fba7d5a1cf655dfcf44253f3a1fc43781e47d40d
iDefense Security Advisory 10.25.06: America Online 9.0 Security Edition ships with an ActiveX control which is marked as safe for scripting and contains a buffer overflow vulnerability which allows for the arbitrary execution of code.
a5023c957a2edcb61e500280df5b7eb3f11d62cbf1fc86ec2a18cc26a175cc42
iDefense Security Advisory 10.25.06: AOL YGPPDownload AddPictureNoAlbum ActiveX Control Heap Corruption Vulnerability
bc6ad719bdb1a058e5459389cefc84c7df7e4a6edc8671dfda0ae37823b13e85
rPath Security Advisory: 2006-0198-1: In previous versions of the screen package, the screen program had a bug which is known to make screen vulnerable to a minor denial of service attack in which the screen program would crash if presented with particular output. It is possible that this attack could also allow a user-complicit attacker to assume the privileges of the complicit user. The screen program is not setuid in rPath Linux, so any attack is limited to the complicit user.
9d6aa5849f0d951882c19d3c203f88b7b542c54aa21a1ef825a48ca850a0ca48
rPath Security Advisory: 2006-0195-2: Previous versions of the qt-x11-free package include Qt libraries contain an integer overflow flaw that causes them not to properly bound pixmap image data. This may enable a user-complicit denial of service attack (application crash), or possibly unauthorized access via arbitrary code execution, in applications which use vulnerable versions of the Qt libraries.
0bfa2913fc97e3bfc7630e182f6e6aceb9c1e399a7194c1829a5a615d64446fc
Trustix Secure Linux Security Advisory #2006-0059: multiple vulnerabilities in postgresql.
99d17aaa01752a5dfdc9b3630e376f955e2d374c7b81ff89b254c13476bba128
ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Authentication is not required to exploit this vulnerability.
eb5bfb0ae83feb926f3181599a8d113b5099355c3075f37ccc39f9e96f9dd7db
Gentoo Linux Security Advisory GLSA 200610-13 - Luigi Auriemma reported that the XM loader of Cheese Tracker contains a buffer overflow vulnerability in the loader_XM::load_intrument_internal() function from loaders/loader_xm.cpp. Versions less than 0.9.9-r1 are affected.
6836d8e6883b2d5667426d301fac2690e17ef78baea18bdf775a5cb8506f00f2
Mandriva Linux Security Advisory MDKSA-2006-187: An integer overflow was discovered in the way that Qt handled pixmap images. This flaw could be exploited by a remote attacker in a malicious website that, when viewed by an individual using an application that uses Qt (like Konqueror), would cause it to crash or possibly execute arbitrary code with the privileges of the user.
88cbe33bbc5f6a69752cb29e2e256cae7857261c5c3921cca8f4db01499eef28
Continuity is a free security convention running from 1st to the 3rd December 2006 in Manchester, United Kingdom, open to anyone with a interest in computer security, hacking, phone phreaking, telephony, cryptography, internet security/privacy, urban exploration, social engineering and related subjects.
798e584f0c13af1679e17bd401cb2c4d419d7f51886215acd04279d8385f287a
0xf_ftpxq.c - FTPXQ Denial of service exploit.
17cffd597c28ed6f74c92fc0b1f188134a9142a7841dde1b098fb31dddcd101f