Securiteam Exploits/Hacking Tools Newsletter (thread)

[EXPL] BlenderPlayer Local Buffer Overflow (Exploit), SecuriTeam, 2005/09/29
[UNIX] Serendipity Account Hijacking and CSRF Vulnerability, SecuriTeam, 2005/09/29
[UNIX] SquirrelMail Address Add Plugin XSS, SecuriTeam, 2005/09/29
[REVS] Exploring Windows CE Shellcode, SecuriTeam, 2005/09/29
[EXPL] Mercury/32 Mail Buffer Overflow (LIST, Exploit), SecuriTeam, 2005/09/29
[UNIX] TWiki Command Execution Vulnerability, SecuriTeam, 2005/09/29
[EXPL] MCCS Server and Client Command DoS (Exploit), SecuriTeam, 2005/09/29
[UNIX] UMN Gopher Client Buffer Overflows (Exploit), SecuriTeam, 2005/09/29
[UNIX] MAXdev MD-Pro Multiple Vulnerabilities (Code Execution, Path Disclosure and CSS), SecuriTeam, 2005/09/29
[UNIX] Alstrasoft Epay Pro Directory Traversal, SecuriTeam, 2005/09/29
[NEWS] HP LaserJet Information Disclosure, SecuriTeam, 2005/09/29
[NEWS] Nokia OBEX DoS, SecuriTeam, 2005/09/29
[EXPL] GNU Mailutils Imap4d 'search' Format String (Exploit, C), SecuriTeam, 2005/09/29
[NT] Novell GroupWise Client Integer Overflow, SecuriTeam, 2005/09/29
[NEWS] Mac OS X malloc() Local Privilege Escalation, SecuriTeam, 2005/09/29
[NT] FL Studio Heap Overflow, SecuriTeam, 2005/09/29
[EXPL] Barracuda Spam Firewall img.pl Command Execution (Exploit), SecuriTeam, 2005/09/29
[NT] PowerArchiver ACE and ARJ Archive Handling Buffer Overflow, SecuriTeam, 2005/09/29
[REVS] Exploiting kmalloc Based Buffer Overflows, SecuriTeam, 2005/09/29
[NT] 7-Zip ARJ Archive Buffer Overflow, SecuriTeam, 2005/09/29
[UNIX] PHP-Fusion msg_send SQL Injection, SecuriTeam, 2005/09/29
[NT] AntiVirus Filename Bypassing, SecuriTeam, 2005/09/29
[UNIX] WordPress User Privilege Escalation, SecuriTeam, 2005/09/28
[NEWS] Opera Mail Client Attachment Spoofing and Script Injection, SecuriTeam, 2005/09/28
[UNIX] Bacula Insecure Temporary File Creation and Information Disclosure, SecuriTeam, 2005/09/28
[UNIX] CuteNews Code Execution (ip2long), SecuriTeam, 2005/09/27
[UNIX] Perl Module pam_per_user Authentication Bypassing, SecuriTeam, 2005/09/27
[UNIX] myBloggie SQL Injection/Privilege Escalation, SecuriTeam, 2005/09/27
[NEWS] HelixPlayer Based Players Format String, SecuriTeam, 2005/09/27
[NT] SecureW2 Weak Random Seeding for PMS, SecuriTeam, 2005/09/27
[EXPL] Qpopper Poppassd Local Root (Linux, FreeBSD, Exploit, ld.so.preload), SecuriTeam, 2005/09/27
[EXPL] Gadu-Gadu Invisible Users Detection Vulnerability, SecuriTeam, 2005/09/27
[EXPL] Mozilla Browsers Remote Heap Buffer Overrun (Exploit , 0xAD HOST), SecuriTeam, 2005/09/27
[UNIX] Webmin and Usermin PAM Authentication Bypass Vulnerability, SecuriTeam, 2005/09/27
[EXPL] HP LaserJet Network Username and Information Enumeration, SecuriTeam, 2005/09/27
[NEWS] Gecko Based Browsers Proxy Auto-Config Script DoS, SecuriTeam, 2005/09/27
[UNIX] kcheckpass Insecure File Operation, SecuriTeam, 2005/09/26
[NEWS] MultiTheftAuto Privileges Escalation and DoS Vulnerabilities, SecuriTeam, 2005/09/26
[UNIX] My Little Forum SQL Injection, SecuriTeam, 2005/09/26
[TOOL] GreenPlaque - Multi-dongle Bluetooth Discovery Scanner, SecuriTeam, 2005/09/26
[NEWS] Gecko based browsers Stack Corruption, SecuriTeam, 2005/09/26
[REVS] Exploiting The XmlHttpRequest Object In IE, SecuriTeam, 2005/09/26
[EXPL] Wzdftpd Code Execution (Unfiltered Pipe in Popen), SecuriTeam, 2005/09/26
[REVS] Writing Small Shellcode In Windows, SecuriTeam, 2005/09/26
[NT] Antigen for Exchange and SMTP Rule Bypassing Vulnerability, SecuriTeam, 2005/09/20
[NEWS] Mozilla / Mozilla Firefox Authentication Weakness, SecuriTeam, 2005/09/20
[UNIX] Two Bugzilla Information Disclosure Vulnerabilities, SecuriTeam, 2005/09/19
[UNIX] vBulletin Information Disclosure (backup.php), SecuriTeam, 2005/09/19
[UNIX] ncompress Insecure Temporary File Creation, SecuriTeam, 2005/09/19
[NT] FileZilla Weak Password Encryption, SecuriTeam, 2005/09/19
[NEWS] QNX RTOS inputtrap Arbitrary File Reading, SecuriTeam, 2005/09/19
[NEWS] Silc Server and Toolkit Symlink Attack, SecuriTeam, 2005/09/19
[EXPL] Stoney FTPd Buffer Overflow (PORT, Exploit), SecuriTeam, 2005/09/19
[UNIX] GWCC Insecure Temporary File Creation, SecuriTeam, 2005/09/19
[UNIX] ARC Insecure Temporary File Creation, SecuriTeam, 2005/09/19
[TOOL] Analyzer - PHP Security Prober, SecuriTeam, 2005/09/19
[NT] BNBT EasyTracker DoS, SecuriTeam, 2005/09/19
[NT] Computer Associates BrightStor ARCserve/Enterprise Backup Agents Buffer Overflow, SecuriTeam, 2005/09/19
[NEWS] Oracle Reports Lexical References SQL Injection, SecuriTeam, 2005/09/19
[EXPL] CuteNews Code Execution (Exploit), SecuriTeam, 2005/09/19
[TOOL] OpenAAPD - Anti ARP Poisoning Daemon, SecuriTeam, 2005/09/15
[UNIX] Gtkdiskfree Insecure Temporary File Creation, SecuriTeam, 2005/09/15
[EXPL] Wireless Tools Local Buffer Overflow (Iwconfig, Exploit), SecuriTeam, 2005/09/15
[EXPL] Fastream NETFile FTP/Web Server HTTP HEAD DoS (Exploit), SecuriTeam, 2005/09/15
[EXPL] GNU Mailutils imap4d 'search' Format String (Exploit), SecuriTeam, 2005/09/15
[UNIX] GNU Mailutils imap4d 'search' Format String Vulnerability, SecuriTeam, 2005/09/15
[UNIX] Jaws Multiple Code Execution Vulnerabilities (XML_RPC, path), SecuriTeam, 2005/09/15
[NT] AVIRA Antivirus ACE Archive Handling Buffer Overflow, SecuriTeam, 2005/09/15
[NEWS] Linksys WRT54G Router Multiple Vulnerabilities (Buffer Overflow, Multiple Authentication Bypass, DoS), SecuriTeam, 2005/09/14
[EXPL] VisualBoy Advanced Local Buffer Overflow (Exploit), SecuriTeam, 2005/09/14
[TOOL] OpenSC Smart Card Library, SecuriTeam, 2005/09/14
[EXPL] Counter Strike 2D DoS (Exploit), SecuriTeam, 2005/09/13
[UNIX] PPPd DoS, SecuriTeam, 2005/09/13
[UNIX] URBAN Multiple Vulnerabilities, SecuriTeam, 2005/09/13
[NEWS] Gecko Based Browser IDN Buffer Overflow, SecuriTeam, 2005/09/13
[TOOL] Ycrack - Yahoo Mail Password Brute Forcer, SecuriTeam, 2005/09/13
[NEWS] Mercury Mail Multiple Buffer Overflows, SecuriTeam, 2005/09/13
[NT] Windows XP Firewall Bypassing (Registry Based), SecuriTeam, 2005/09/13
[NT] KillProcess "FileDescription" Local Buffer Overflow, SecuriTeam, 2005/09/13
[NT] COOL! Remote Control DoS, SecuriTeam, 2005/09/13
[NT] Ipswitch Whatsup Multiple Vulnerabilities, SecuriTeam, 2005/09/13
[NEWS] Zebedee DoS, SecuriTeam, 2005/09/13
[TOOL] TAPiON - Polymorphic Deciphering Algorithm Generator Project, SecuriTeam, 2005/09/13
[NT] Rediff Bol Exposes WAB Contacts, SecuriTeam, 2005/09/13
[UNIX] Bluez Hcid popen() Explained, SecuriTeam, 2005/09/13
[UNIX] Frox Aribitary File Access, SecuriTeam, 2005/09/13
[UNIX] Snort SACK TCP Option Handling DoS, SecuriTeam, 2005/09/13
[UNIX] mutt mutt_decode_xbit() Buffer Overflow, SecuriTeam, 2005/09/08
[REVS] Understanding and Preventing DNS-related Attacks by Phishers, SecuriTeam, 2005/09/08
[NT] Fastream NETFile FTP/Web Server HTTP HEAD DoS, SecuriTeam, 2005/09/08
[EXPL] Microsoft Windows CSRSS Local Privileges Escalation (MS05-018, Exploit), SecuriTeam, 2005/09/08
[NT] Quake 2 Server Format String (Lithium II), SecuriTeam, 2005/09/08
[UNIX] ncpfs Buffer Overflow, SecuriTeam, 2005/09/08
[NEWS] Mozilla XPCOM Library Race Condition, SecuriTeam, 2005/09/08
[NT] WebArchiveX Unsafe Methods Vulnerability, SecuriTeam, 2005/09/08
[NT] SecureOL VE2 Information Disclosure, SecuriTeam, 2005/09/08
[NEWS] Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow, SecuriTeam, 2005/09/08
[NT] IIS 5.1 Source Disclosure Under FAT/FAT32 Volumes Using WebDAV, SecuriTeam, 2005/09/07
[UNIX] phpCommunityCalendar Vulnerable to SQL Injections and Cross Site Scripting Attacks, SecuriTeam, 2005/09/07
[NT] USB Lock Auto-Protect Locally Stored Password Recovery, SecuriTeam, 2005/09/07
[UNIX] Kcheckpass Local Root Vulnerability, SecuriTeam, 2005/09/07
[NT] Microsoft Windows keybd_event Validation Vulnerability, SecuriTeam, 2005/09/07
[UNIX] SqWebMail Conditional Comments Script Insertion, SecuriTeam, 2005/09/07
[EXPL] Man2web CGI Command Execution, SecuriTeam, 2005/09/07
[EXPL] CUPS Dot-Slash DoS, SecuriTeam, 2005/09/07
[NT] ZipTorrent Local Information Disclosure, SecuriTeam, 2005/09/07
[NEWS] Barracuda Spam Firewall Appliance (Directory Traveral, Remote Execution, Password Retrieving), SecuriTeam, 2005/09/05
[NT] P2P Pro Command DoS, SecuriTeam, 2005/09/05
[NT] DC++ bzip2 Decompression Routine DoS, SecuriTeam, 2005/09/05
[EXPL] Adobe Version Cue VCNative Privileges Escalation (Exploit), SecuriTeam, 2005/09/05
[NT] 3Com Network Supervisor Directory Traversal, SecuriTeam, 2005/09/05
[NEWS] Novell NetMail Multiple Vulnerabilities (Buffer Overflow and XSS), SecuriTeam, 2005/09/05
[NEWS] Multiple Vendor Web Vulnerability Scanner Arbitrary DHTML Injection, SecuriTeam, 2005/09/05
[NT] FREE SMTP Open Relay Vulnerability, SecuriTeam, 2005/09/05
[EXPL] Adobe Version Cue VCNative Symlink Attack (Exploit), SecuriTeam, 2005/09/05
[TOOL] NotSPIKEfile - Linux Based File Format Fuzzing Tool, SecuriTeam, 2005/09/05
[TOOL] SPIKEfile - Linux Based File Format Fuzzing Tool, SecuriTeam, 2005/09/05
[TOOL] FileFuzz - Windows Based File Format Fuzzing Tool, SecuriTeam, 2005/09/05
[UNIX] PHP Images Galleries EXIF Metadata XSS Multiple Vulnerabilities, SecuriTeam, 2005/09/05
[NEWS] HOCR Local Buffer Overflows, SecuriTeam, 2005/09/04
[NT] Slim FTPd DoS (Exploit), SecuriTeam, 2005/09/04
[EXPL] phpLDAPadmin Command Execution (Exploit), SecuriTeam, 2005/09/04
[TOOL] RWKG Random WEP/WPA Keys Generator, SecuriTeam, 2005/09/01
[NT] Indiatimes Messenger Buffer Overflow (Exploit), SecuriTeam, 2005/09/01
[EXPL] SimpleProxy Local Format String (Exploit), SecuriTeam, 2005/09/01