subexp.c
Subversion 1.0.2 remote exploit that makes use of a stack overflow in the svn_time_from_cstring() function. Binds a shell to port 36864. Tested against RedHat 8.0 Psyche build.
View Articlex1bpackV1.tar.gz
The x1b pack is a series of scripts written by the author as an exercise into socket programming with perl. Included are a port scanner with banner grabbing capabilities, a DNS service enumeration...
View Articlecgitelnetdbman.pdf
CGI-Telnet 1.0, a cgi telnet script that runs on various Unix and NT webservers has vulnerabilities which can be manipulated into giving a user access. The password file is accessible in the web path...
View Articlehspoof-v0.2.tar.gz
hspoof modifies an incoming HTTP GET request with a spoofed HTTP referer and user agent.
View ArticleExploit Labs Security Advisory 2004.2
SurgeMail 1.x is susceptible to a cross site scripting attack.
View ArticleibmSSL.html
Multiple IBM products have been diagnosed with a denial of service vulnerability caused by malformed SSL records. This is unrelated to the OpenSSL handshake vulnerability found last year. Affected...
View ArticlephpEscape.txt
PHP offers the function escapeshellarg() to escape arguments to shell commands in a way that makes it impossible for an attacker to execute additional commands. However due to a bug in the function,...
View ArticleSecunia Security Advisory 11794
Two vulnerabilities have been discovered in Webmin, which can be exploited by malicious people to cause a DoS (Denial of Service) or bypass certain security restrictions. Versions below 1.150 are...
View ArticleIntegrigySQL.txt
Integrigy Security Alert - Multiple SQL injection vulnerabilities exist in the Oracle E-Business Suite 11i and Oracle Applications 11.0. These vulnerabilities can be remotely exploited simply using a...
View Article
