guninski27.txt
Georgi Guninski security advisory #27 - There is a security vulnerability in IE 5.x, Outlook, and Outlook Express which allows searching for files with specific name (wildcards are allowed) or content....
View Articleexchange.dos.txt
Remote denail of service exploit for Microsoft Exchange 5.5 SP3 Internet Mail Service. A message containing charset ="" causes mail service to crash.
View Articlerhsa.2000-102-04.pine
Red Hat Security Advisory - Adding specific headers to messages, the pine mail reader v4.21 and the imap server could be made to exit with an error message when users attempted to manipulate mail...
View Articlesadmind-sun.brute.c
Remote exploit for rpc.sadmind which brute forces the offset. Tested against Solaris X86 and SPARC v2.6 and 7.0.
View ArticleXATO-112000-01
Xato Security Advisory XATO-112000-01 - The Cart32 shopping cart v3.5 and below for Windows contains multiple remote vulnerabilities. Common user misconfigurations and bad password encryption make the...
View Articleslackware.pine.txt
Slackware Security Advisory - Pine 4.21 and below contains remote vulnerabilities. Upgrade to at least Pine 4.30.
View Articlerhsa.2000-075-07.usermode
Red Hat Security Advisory - The usermode package contains a binary (/usr/bin/userhelper), which is used to control access to programs which are to be executed as root. Because programs invoked by...
View Articleadv_novellleak.txt
Object Enumeration in Novell Environments - Due to a combination of legacy support and default settings, Novell Netware servers using native IP will leak system information via TCP port 524 when...
View Articlenew.phf.txt
An exploitable buffer overflow vulnerability has been found in phf which is unrelated to the well known bad filter problem. All versions of phf should be removed.
View ArticleiXsecurity.20001107.compaq-wbm.a
iXsecurity Security Vulnerability Report - The default installation of Compaq Web-Based Management on a Netware server reveals sensitive system files to anyone who can access TCP port 2301. Allows...
View ArticleCA-2000-20.bind
CERT Advisory CA-2000-20 - Name servers running ISC bind v8.2 through 8.2.2-P6 contains two denial of service vulnerabilities. The first vulnerability is referred to by the ISC as the "zxfr bug" and...
View Articlepgsql_php3
This is a php script which goes to the database (Postgresql) and generate some statistics from the data. For more info see this snortdb page.
View Articleex_winproxy.c
Shadow Penguin Security Advsory #37 - WinProxy 2.0.0/2.0.1 (now known as Black Jumbo dog) contains many remotely exploitable buffer overflows. Exploit for the POP3 service included, tested on Japanese...
View Articlebsdi_filter.c
BSDI /usr/contrib/bin/filter v2.* local buffer overflow exploit. Tested on BSDI 3.0, provides a shell with GID mail.
View Articlelocal_nonexec_sun.c
Solaris Sparc 2.6 / 7 local root exploit against /usr/bin/passwd which uses the yet unpatched libc locale bug and bypasses non-executable stack protection.
View Article