Exploit for wu-ftpd that makes use of the globbing denial of service flaw.
77b446fb929c57c3b6eb8452ee7f7f4034c86535094cd0eb6f01b548f2c92aea
Awstats remote exploit that allows for remote command execution on the host with privileges of the httpd process. Versions 5.7 through 6.2 are affected.
e0d6aacf97481633bcc02f886a5337792a2211c0e98331682b0c4276982738ae
Trillian Basic 3.0 PNG image processing buffer overflow exploit.
0d9a068f2b0a271b2df57c4326763f0cf3aa4f856d5d81c504e510b3c6b4206c
Secunia Security Advisory - A vulnerability has been reported in Burning Board and Burning Board Lite, which can be exploited by malicious people to conduct SQL injection attacks.
8b9df74bda168c0e8ed93ae86c92d47ef4a7b26960f0c2739ad091b56fa1a204
Secunia Security Advisory - benjilenoob has reported a vulnerability in D-Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.
28c1b87add96dedadfd3053d5851b094bb52be0f059af7407d36c36f4629895a
Secunia Security Advisory - Tavis Ormandy has reported a vulnerability in Xloadimage, which potentially can be exploited by malicious people to compromise a user's system.
92b3dec816734412430c81903822f3bc1d9ed64ffe828af7c1b6ce44140c2caf
Secunia Security Advisory - A security issue has been reported in Squid, which may disclose sensitive information to malicious people.
3cb7e4e96647594c0e336eac43de4125889643d83169ccc9a6d0425e9a10e6da
Built on top of the IDA Function Analyzer, pGRAPH (Pedram's Grapher), provides an interface to generate more detailed and user defined control-flow graphs using the bundled Wingraph package. Extended features include: support for chunked functions, instruction level coloring, edge customization (manhattan vs splines), layout algorithm and more.
e884794cd3dfa8188c3837653c79596619bda49502f9fe0b4395d9e6fd15a5b0
Written as a C++ class, Function Analyzer was originally developed to provide an abstracted layer over chunked functions frequently found in Microsoft optimize compiled binaries. As of IDA version 4.7 much of this functionality is built into the SDK. However, Function Analyzer can be used to construct plug-ins compatible across older versions and provides abstracted next_ea()/prev_ea() routines for stepping through an internal unchunked instruction list. The abstraction layer also exposes the following function-level information: basic block enumeration (nodes, edges), call count, MD5 hash, CRC and customizable GDL (Wingraph) generation.
e45937cff22b0b58d2d2f6281711df2324ba077e1b6057559639aaee26a72207
IDA Sync was written to allow multiple analysts to synchronize their reverse engineering efforts with IDA Pro in real time. Users connect to a central server through the ida_sync plugin. Once connected, all comments and name changes made with the registered hot keys are immediately transmitted to all other users working on the same project. The central server stores a copy of all changes as well, allowing new analysts to jump on the project and immediately receive up to date information. Included in the source release is a C++ class providing IDA Pro plugin developers with an abstracted asynchronous I/O interface.
a8ace8b8c3a60a7793256dfbcfd40b4789f253acf72167fdee3968a049b8502c
eEye Security Advisory - eEye Digital Security has discovered multiple stack-based vulnerabilities within the licensing component that processes incoming network requests in the Computer Associates License Management software.
5797432c9b96dca5b15d0492af228f5700c812e44f776bf9de0dc187869c5343
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenVMS VAX version 7.x and 6.x and OpenVMS Alpha Version 7.x or 6.x that may allow a local authorized user to gain unauthorized privileged access to data and system resources.
e283f4530ed6c29bc71d9222276c349099fe3ce03e49783411729c4b5ee35948
KSB26, Kernel Socks Bouncer for 2.6.x, is a Linux 2.6.x-kernel patch that redirects full tcp connections through a socks5 proxy. KSB26 uses a character device to pass socks5 and the target IPs the the Linux kernel. This is obviously quite useful if you want to transparently tunnel certain things through a given proxy to remain anonymous, or if you want to transparently be able to sniff certain network traffic.
6e77a4eefdcf7a4ffe8778d62bb3ea5a419a26bb287f59e4098593cb0dc2e714
iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GCR requests. Exploitation allows remote attackers to execute arbitrary code under the privileges of Local System.
3ed8db083fbddded4122d2db0cd334c7599112b3c46d0ccaef1dc9ab0e5deb0e
iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GCR requests.
571fd92ea5c1f9ef9b16940e571fdaee9943fa6dd6db5d5d980657782898d14e
iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GETCONFIG requests.
9211269875c1cbd81361a79ae27cd7a41120c3167d87b09ffbbce8fcf8003b14
iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a directory traversal vulnerability in Computer Associates International Inc. License Client can allow attackers create files in arbitrary locations. The vulnerability specifically exists in the handling of the filename used in PUTOLF requests.
91475277c8d64cb526f375cd267e3a59760b6b528b6b0b3e126b4fea519944a6
iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates International Inc. License Server can allow attackers to execute arbitrary code. The vulnerability specifically exists in the handling of the filename used in PUTOLF requests.
d4a15d53bb20b276509b0955bd2cf55df0ef8988e6f2aee00122c68bed36686a
iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates International Inc. License Server and License Client can allow attackers to execute arbitrary code. iDEFENSE has confirmed that CA License Server 0.1.0.15 and CA License Client 0.1.0.15 are vulnerable. It is suspected that most CA products are running vulnerable versions of the client and/or server.
e0658a00eaab03b8c22bd160e7374593472c52c0576efd78f3408ab8e94cba54
Computalynx CProxy versions 3.3.x and 3.4.x are susceptible to denial of service and directory traversal attacks. Detailed exploitation provided.
b59285890b0fe1711b6b600c33215928b7523920cb4f2953589670170c16e8ae
Golden FTP server version 1.92 suffers from a buffer overflow when more than 284 characters is entered in the Username field at logon. As EIP can be overwritten, it is possible to execute arbitrary code in systems running this version of the daemon.
fb180903ad4f40525a0bd52a26b62cfbed17d7b32acbc0a71a31803bce43357b
Secunia Security Advisory - Multiple vulnerabilities have been reported in the CA License software, which can be exploited by malicious people to compromise a vulnerable system.
cf79713a6a36ec63c6ab81b386e68182ce44209b2fb7698bd3657992f627fd5e
Gentoo Linux Security Advisory GLSA 200503-05 - Tavis Ormandy of the Gentoo Linux Security Audit Team has reported that xli and xloadimage contain a flaw in the handling of compressed images, where shell meta-characters are not adequately escaped. Rob Holland of the Gentoo Linux Security Audit Team has reported that an xloadimage vulnerability in the handling of Faces Project images discovered by zen-parse in 2001 remained unpatched in xli. Additionally, it has been reported that insufficient validation of image properties in xli could potentially result in buffer management errors. Versions less than 4.1-r2 are affected.
8e3ec8f40b0fa45953e55fa9394ff35a9ebfa317cd56f3360a74d8f41b36ab01
Secunia Security Advisory - Doctor Grim has reported two vulnerabilities in MercuryBoard, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.
1c3fa07d1abbadda1a3e6c240e19764126338fd3f134321b8bc7edd8defafcd8
Secunia Security Advisory - FraMe has reported a vulnerability in CuteNews, which can be exploited by malicious people to conduct script insertion attacks.
82f70aaed32df0aadd45f5641e71f066a91a179a09b6b89847dea5ac2cfe6c48