Securiteam Exploits/Hacking Tools Newsletter (thread)

[EXPL] Internet Exporer Content Advisor Memory Corruption (Exploit, MS05-020), SecuriTeam, 2005/04/28
[NEWS] BEA Admin Console Cross Site Scripting, SecuriTeam, 2005/04/27
[NEWS] Oracle Webcache 9i File Appending Vulnerability (cache_dump_file), SecuriTeam, 2005/04/27
[NEWS] Oracle Webcache 9i Cross Site Scripting, SecuriTeam, 2005/04/27
[NEWS] Webcache Client Requests Bypass OHS mod_access Restrictions, SecuriTeam, 2005/04/27
[EXPL] MySQL MaxDB Webtool Buffer Overflow Exploit (%), SecuriTeam, 2005/04/27
[UNIX] Procps Buffer Overflow (pwdx), SecuriTeam, 2005/04/27
[UNIX] ImageMagick ReadPNMImage() Heap Overflow, SecuriTeam, 2005/04/27
[UNIX] MySQL MaxDB Webtool Remote 'If' Stack Overflow, SecuriTeam, 2005/04/27
[NT] Citrix Neighborhood Agent Buffer Overflow and Arbitrary Shortcut Creation, SecuriTeam, 2005/04/27
[UNIX] Netref Arbitrary Code Inclusion, SecuriTeam, 2005/04/27
[UNIX] phpMyVisites Arbitrary File Access, SecuriTeam, 2005/04/27
[EXPL] NetTerm's NetFTPd Buffer Overflow (USER, Exploit), SecuriTeam, 2005/04/27
[NT] Fastream NETFile FTP/Web Server Directory Traversal, SecuriTeam, 2005/04/27
[UNIX] Buffer Overflow in GOCR, SecuriTeam, 2005/04/26
[EXPL] Yager Buffer Overflow (Exploit), SecuriTeam, 2005/04/26
[EXPL] E-Cart index.cgi Command Execution (Exploit), SecuriTeam, 2005/04/26
[TOOL] TRIPP - Traffic Rewriter or IPv4 Packets, SecuriTeam, 2005/04/26
[UNIX] Shoutbox Administrative Hash Retrieval, SecuriTeam, 2005/04/26
[UNIX] Net::Server's log() Function Syslog Usage Allows for a Format String Vulnerability, SecuriTeam, 2005/04/25
[UNIX] All4WWW-Homepagecreator site Parameter Command Execution, SecuriTeam, 2005/04/25
[UNIX] Libsafe Safety Check Bypass Vulnerability, SecuriTeam, 2005/04/25
[UNIX] SNMPPd Format String Vulnerability, SecuriTeam, 2005/04/25
[UNIX] Canonicalization and Directory Traversal in iSeries FTP Security Products, SecuriTeam, 2005/04/25
[UNIX] Kommander Untrusted Code Execution, SecuriTeam, 2005/04/25
[UNIX] Multiple Heap Overflows in MMS and Real RTSP Streaming Clients (Xine), SecuriTeam, 2005/04/25
[NT] Adobe ActiveX Allows Local File Discovery, SecuriTeam, 2005/04/25
[UNIX] Kimgio Input Validation Errors, SecuriTeam, 2005/04/25
[NT] Novell's Nsure SSL DoS (webadmin.exe), SecuriTeam, 2005/04/25
[TOOL] WebRoot - Web Server Brute Forcer, SecuriTeam, 2005/04/25
[NEWS] Yawcam Directory Traversal, SecuriTeam, 2005/04/25
[NT] ASP Nuke Multiple SQL Injection and XSS Vulnerability, SecuriTeam, 2005/04/25
[UNIX] MPlayer MMST and Real RTSP Multiple Heap Overflows, SecuriTeam, 2005/04/25
[EXPL] Morpheus Information Discloser Exploit, SecuriTeam, 2005/04/25
[EXPL] Multiple Exploit Codes for Oracle (interMedia, DBMS_CDC_SUBSCRIBE, DBMS_CDC_ISUBSCRIBE and DBMS_METADATA), SecuriTeam, 2005/04/21
[EXPL] Microsoft MSHTA Script Execution Vulnerability (PoC, MS05-016), SecuriTeam, 2005/04/21
[NEWS] Neslo Desktop Rover Remote DoS, SecuriTeam, 2005/04/21
[NT] Windows File Selection May Lead to Command Execution, SecuriTeam, 2005/04/21
- [NT] Windows File Selection May Lead to Command Execution, support, 2005/04/25
[NEWS] SQL Injection in CREATE_SCN_CHANGE_SET Procedure, SecuriTeam, 2005/04/21
[NEWS] SQL Injection in ALTER_MANUALLOG_CHANGE_SOURCE Procedure, SecuriTeam, 2005/04/21
[NEWS] Multiple SQL Injection Vulnerabilities in DBMS_METADATA Package, SecuriTeam, 2005/04/21
[NEWS] Multiple SQL Injection Vulnerabilities in DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSCRIBE Packages, SecuriTeam, 2005/04/21
[TOOL] GoogleSweep - Google Information Gathering Tool, SecuriTeam, 2005/04/21
[NT] Internet Explorer wininet.dll URL Parsing Memory Corruption (Technical Details, MS05-020), SecuriTeam, 2005/04/21
[NEWS] Oracle interMedia DoS, SecuriTeam, 2005/04/21
[UNIX] UBB Thread SQL Injection Vulnerability (main), SecuriTeam, 2005/04/21
[EXPL] PMSoftware Simple Web Server Remote Buffer Overflow (Exploit), SecuriTeam, 2005/04/21
[EXPL] BitchX Buffer Overflow, SecuriTeam, 2005/04/21
[NT] OneWorldStore Cross Site Scripting and SQL Injection Vulnerabilities, SecuriTeam, 2005/04/21
[REVS] Buffer Overflow Exploitation and Prevention, SecuriTeam, 2005/04/21
[UNIX] Jaws Cross Site Scripting (GlossaryModel.php), SecuriTeam, 2005/04/21
[EXPL] ICMP Attacks Against TCP Vulnerability Exploit, SecuriTeam, 2005/04/21
[NT] DUPortal Pro SQL Injection, SecuriTeam, 2005/04/21
[EXPL] Sumus Remote Buffer Overflow Exploit, SecuriTeam, 2005/04/20
[NT] Yager Multiple Vulnerabilities (Multiple Buffer Overflows and DoS), SecuriTeam, 2005/04/20
[NT] DameWare NT Utilities Information Disclosure, SecuriTeam, 2005/04/20
[NEWS] AppleWebKit XMLHttpRequest Arbitrary File Disclosure, SecuriTeam, 2005/04/20
[EXPL] Microsoft Exchange X-LINK2STATE Heap Overflow PoC (MS05-021), SecuriTeam, 2005/04/19
[EXPL] PostgreSQL Remote DoS (plpgsql), SecuriTeam, 2005/04/19
[NEWS] Coppermine Photo Gallery Multiple XSS, SecuriTeam, 2005/04/19
[NT] Yahoo Musicmatch Remote File Inclusion, SecuriTeam, 2005/04/19
[REVS] Introduction to HTTP Response Splitting, SecuriTeam, 2005/04/19
[NEWS] WebSphere Widespread's JSP Configuration Disclosure, SecuriTeam, 2005/04/19
[UNIX] PHP-Nuke HTTP Response Splitting, SecuriTeam, 2005/04/19
[NT] PMSoftware Simple Web Server Buffer Overflow, SecuriTeam, 2005/04/19
[UNIX] SPHPBlog Multiple Vulnerabilities (Exploit), SecuriTeam, 2005/04/19
[UNIX] PHP-Nuke Blind SQL Injection (Download Module), SecuriTeam, 2005/04/19
[EXPL] Webcam Publisher Buffer Overflow (Exploit), SecuriTeam, 2005/04/19
[NT] McAfee Internet Security Suite Race Condition Vulnerability, SecuriTeam, 2005/04/19
[EXPL] Openssl-Too-Open: Apache / OpenSSL Remote Exploit, SecuriTeam, 2005/04/19
[NEWS] Mozilla Suite and Firefox Firesearching Vulnerabilities, SecuriTeam, 2005/04/19
[TOOL] OPHCRACK with Windows and Linux GUI, SecuriTeam, 2005/04/19
[UNIX] Mafia Blog Privilege Escalation Vulnerability, SecuriTeam, 2005/04/19
[Full-disclosure] - Argeniss - Oracle exploits and workarounds, Cesar, 2005/04/18
[Full-disclosure] [VulnWatch] [AppSecInc Team SHATTER Security Advisory] Multiple SQL Injection vulnerabilities in DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSCRIBE packages[Scanned], Team SHATTER, 2005/04/18
[Full-disclosure] [VulnWatch] [AppSecInc Team SHATTER Security Advisory] Denial of Service in Oracle interMedia[Scanned], Team SHATTER, 2005/04/18
[Full-disclosure] [AppSecInc Team SHATTER Security Advisory] Multiple SQL Injection vulnerabilities in DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSCRIBE packages, Team SHATTER, 2005/04/18
[Full-disclosure] [AppSecInc Team SHATTER Security Advisory] Denial of Service in Oracle interMedia, Team SHATTER, 2005/04/18
[UNIX] Mozilla Suite and Firefox "favicons" LINK Code Execution (Exploit), SecuriTeam, 2005/04/18
[EXPL] Explorer.exe WMF Parsing DoS (Exploit), SecuriTeam, 2005/04/17
[REVS] Placing Backdoors Through Firewalls, SecuriTeam, 2005/04/17
[EXPL] Vulnerabilities in TCP/IP Allow Remote Code Execution and DoS (MS05-019, Exploit), SecuriTeam, 2005/04/17
[TOOL] GLd - GreyList Daemon, SecuriTeam, 2005/04/17
[NEWS] GNU oSIP URI Parsing Heap Overflows, SecuriTeam, 2005/04/17
[UNIX] AS/400 Users Enumeration via POP3, SecuriTeam, 2005/04/17
[NT] Multiple Vulnerabilities in Internet Explorer (Heap Corruption, Race Condition), SecuriTeam, 2005/04/17
[NEWS] JavaMail Directory Traversal Vulnerability, SecuriTeam, 2005/04/17
[EXPL] Serendipity exit.php SQL Injection (Exploit), SecuriTeam, 2005/04/17
[UNIX] AzDGDatingPlatinum SQL Injection and Cross Site Scripting, SecuriTeam, 2005/04/17
[NEWS] LG U8120 Mobile Phone DoS, SecuriTeam, 2005/04/17
[UNIX] DoKuWiki Weak File Validation, SecuriTeam, 2005/04/17
[NT] Vulnerability in Message Queuing Allows Code Execution (MS05-017), SecuriTeam, 2005/04/13
[EXPL] Internet Explorer DHTML Arbitrary Code Execution (MS05-020), SecuriTeam, 2005/04/13
[NT] Vulnerability in Windows Shell Allows Remote Code Execution (MS05-016), SecuriTeam, 2005/04/13
[NT] Microsoft MSHTA Script Execution Vulnerability, SecuriTeam, 2005/04/13
[NT] Buffer Overflow Vulnerability in Microsoft Windows (CONSOLE_STATE_INFO, MS05-018), SecuriTeam, 2005/04/13
[NEWS] Oracle Forms SQL Injection, SecuriTeam, 2005/04/13
[NT] Vulnerabilities in TCP/IP Allow Remote Code Execution and DoS (MS05-019), SecuriTeam, 2005/04/13
[NT] Multiple Vulnerabilities in Windows Kernel Allows Elevation of Privilege and DoS (MS05-018), SecuriTeam, 2005/04/13
[EXPL] Microsoft JET Reverse Shell Buffer Overflow Exploit, SecuriTeam, 2005/04/13
[NT] Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (MS05-023), SecuriTeam, 2005/04/13
[NT] Vulnerability in MSN Messenger Could Lead to Remote Code Execution (MS05-022), SecuriTeam, 2005/04/13
[NT] Vulnerability in Exchange Server Allows Remote Code Execution (MS05-021), SecuriTeam, 2005/04/13
[NT] Cumulative Security Update for Internet Explorer (MS05-020), SecuriTeam, 2005/04/13
[NT] Ublog Multiple Vulnerabilities (Cross Site Scripting, Database Disclosure), SecuriTeam, 2005/04/12
[NEWS] Vulnerabilities in Cisco IOS Secure Shell Server, SecuriTeam, 2005/04/12
[UNIX] Multiple Vulnerabilities in ModernBill, SecuriTeam, 2005/04/12
[EXPL] PunBB change_email SQL Injection, SecuriTeam, 2005/04/12
[NT] Computer Associates BrightStor ARCserve Backup UniversalAgent Buffer Overflow, SecuriTeam, 2005/04/12
[UNIX] TowerBlog Administrative Authentication Bypassing, SecuriTeam, 2005/04/12
[UNIX] LiteCommerce SQL Injection and Source Disclosure, SecuriTeam, 2005/04/12
[NEWS] OpenOffice document Heap Overflow, SecuriTeam, 2005/04/12
[NT] Microsoft JET Multiple Vulnerabilities (Exploit), SecuriTeam, 2005/04/12
[REVS] Bugger The Debugger, SecuriTeam, 2005/04/12
[NEWS] Jar Tool Directory Transversal Vulnerability, SecuriTeam, 2005/04/11
[NT] PopUp Plus Plugin for Miranda Instant Messenger Buffer Overflow, SecuriTeam, 2005/04/11
[UNIX] Double Choco Latte Remote Code Execution, SecuriTeam, 2005/04/11
[NT] OpenText FirstClass Arbitrary File Execution, SecuriTeam, 2005/04/11
[EXPL] Linux Kernel Bluetooth Local Root (Exploit), SecuriTeam, 2005/04/11
[UNIX] TowerBlog Administrative MD5 Username and Password Retrieval, SecuriTeam, 2005/04/11
[UNIX] zOOM Media Gallery SQL Injection Vulnerability, SecuriTeam, 2005/04/11
[NEWS] MacOS X JRE Remote DoS, SecuriTeam, 2005/04/11
[NEWS] Nokia Terminal Gateway Default Installation Vulnerability, SecuriTeam, 2005/04/11
[NT] SurgeFTP DoS Vulnerability (LEAK Command), SecuriTeam, 2005/04/11
[UNIX] Rsnapshot chown() Follow Symlink Bug, SecuriTeam, 2005/04/11
[UNIX] Kmail HTML Support Allows Spoofing of Emails' Content, SecuriTeam, 2005/04/11
[UNIX] SGI IRIX gr_osview Multiple Vulnerabilities, SecuriTeam, 2005/04/10
[UNIX] RadBids Multiple Vulnerabilities, SecuriTeam, 2005/04/10
[NT] Microsoft Multiple E-Mail Client Address Spoofing Vulnerability, SecuriTeam, 2005/04/10
[EXPL] IBM Lotus Domino Server Web Service DoS (Exploit), SecuriTeam, 2005/04/10
[NEWS] Cisco Linksys WET11 Password Resetting, SecuriTeam, 2005/04/10
[NEWS] IBM Lotus Domino Server Web Service DoS Vulnerability, SecuriTeam, 2005/04/07
[NT] MailEnable AUTHENTICATE Buffer Overflow (Exploit), SecuriTeam, 2005/04/07
[UNIX] Chatness Multiple Cross Site Scripting, SecuriTeam, 2005/04/07
[NEWS] SonicWall SOHO Cross Site Scripting and Arbitrary Code Injection, SecuriTeam, 2005/04/06
[TOOL] OllyDbg Breakpoint Manager, SecuriTeam, 2005/04/06
[NT] Computer Associates eTrust Intrusion Detection System CPImportKey DoS, SecuriTeam, 2005/04/06
[NT] MailEnable SMTPd DoS (Exploit), SecuriTeam, 2005/04/06
[EXPL] Cyrus IMAP Server Preauthentification Overflow, SecuriTeam, 2005/04/06
[UNIX] Sybase ASE Multiple Security Issues, SecuriTeam, 2005/04/05
[EXPL] ArGoSoft FTP Server Buffer Overflow Exploit (DELE), SecuriTeam, 2005/04/05
[NEWS] Star Wars Jedi Knight: Jedi Academy Buffer Overflow, SecuriTeam, 2005/04/05
[EXPL] phpBB Calendar Pro catergory Parameter SQL Injection, SecuriTeam, 2005/04/05
[NEWS] RPC-3 Telnet Host Authentication Bypassing, SecuriTeam, 2005/04/05
[UNIX] phpMyAdmin convcharset Parameter Cross Site Scripting, SecuriTeam, 2005/04/05
[NT] SiteEnable XSS and SQL injection, SecuriTeam, 2005/04/05
[REVS] Rootkiting Your Database, SecuriTeam, 2005/04/05
[NEWS] PHP getimagesize() Multiple DoS Vulnerabilities, SecuriTeam, 2005/04/05
[NT] Explorer.exe WMF Parsing Causes a DoS, SecuriTeam, 2005/04/05
[NEWS] Quake 3 Engine Buffer Overflow, SecuriTeam, 2005/04/05
[UNIX] Linux Kernel "AIO" Local DoS (PPC64 and IA64 Architecture, Exploit), SecuriTeam, 2005/04/05
[UNIX] E-Store Kit-2 PayPal Edition Cross Site Scripting, SecuriTeam, 2005/04/05
[TOOL] Yersinia - Layer 2 Attack Framework, SecuriTeam, 2005/04/05
[UNIX] AS/400 FTP Server User Accounts Disclosure, SecuriTeam, 2005/04/05
[EXPL] Vulnerability in WINS Allow Remote Code Execution (Exploit, MS04-045), SecuriTeam, 2005/04/05
[UNIX] Aeon HOME Environment Buffer Overflow, SecuriTeam, 2005/04/05
[REVS] The CS^2 Block Cipher, SecuriTeam, 2005/04/05
[TOOL] Klister - Windows Kernel Level Rootkit Detector, SecuriTeam, 2005/04/04
[NT] SQL Injection and Cross Site Scripting in MaxWebPortal, SecuriTeam, 2005/04/04
[UNIX] Turnkey Websites SQL Injection, SecuriTeam, 2005/04/04
[NT] Comersus Shopping Cart Remote Code Inclusion, SecuriTeam, 2005/04/04
[NEWS] BakBone NetVault configure.cfg Local Buffer Overflow (Exploit), SecuriTeam, 2005/04/04
[NT] Multiple Buffer Overflow In RUMBA, SecuriTeam, 2005/04/04
[UNIX] Squirrelcart PHP Shopping Cart SQL Injection, SecuriTeam, 2005/04/04
[UNIX] Gaim Buffer Over-Reading and Code Injection, SecuriTeam, 2005/04/04
[REVS] The Heart of Web Security, SecuriTeam, 2005/04/04
[NT] Cross Site Scripting in Yet Another Forum.net, SecuriTeam, 2005/04/04
[UNIX] Linux Kernel Ext2 Implementation Information Leak, SecuriTeam, 2005/04/04
[NT] ASP-Dev Multiple Cross Site Scripting Vulnerabilities, SecuriTeam, 2005/04/03
[NEWS] Cisco VPN 3000 Concentrator SSL DoS, SecuriTeam, 2005/04/03