Securiteam Exploits/Hacking Tools Newsletter (thread)

[NT] Stack Overflow in 3rd Party ActiveX Controls affects Multiple Vendor Products, SecuriTeam, 2007/04/30
[NT] Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability, SecuriTeam, 2007/04/30
[NEWS] Novell eDirectory NCP Fragment DoS Vulnerability, SecuriTeam, 2007/04/30
[EXPL] Fenice OMS server Buffer Overflow (exec-shield, Exploit), SecuriTeam, 2007/04/30
[EXPL] Linksys SPA941 Denial of Service Exploit (Reboot), SecuriTeam, 2007/04/26
[UNIX] Clam AntiVirus ClamAV CAB File Unstore Buffer Overflow Vulnerability, SecuriTeam, 2007/04/26
[TOOL] Aircrack-ptw - WEP Cracking Tool (ARP), SecuriTeam, 2007/04/26
[NT] CompreXX Archive Extraction Directory Traversal, SecuriTeam, 2007/04/26
[REVS] Advanced Exploitation in Exec-Shield (Fedora Core Case Study), SecuriTeam, 2007/04/26
[NEWS] Default Passwords in Cisco NetFlow Collection Engine, SecuriTeam, 2007/04/26
[TOOL] FireMaster - Firefox Master Password Recovery, SecuriTeam, 2007/04/26
[NT] GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability, SecuriTeam, 2007/04/25
[NT] Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability, SecuriTeam, 2007/04/25
[NT] WS_FTP 2007 NetscapeFTPHandler Denial of Service, SecuriTeam, 2007/04/25
[UNIX] Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability, SecuriTeam, 2007/04/25
[NT] CA CleverPath SQL Injection, SecuriTeam, 2007/04/25
[NT] Check Point Zonelabs - ZoneAlarm SRESCAN Driver Local Privilege Escalation, SecuriTeam, 2007/04/25
[NT] CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities, SecuriTeam, 2007/04/25
[NEWS] Adobe Macromedia ColdFusion MX7 Insecure File Permissions, SecuriTeam, 2007/04/18
[NT] AOL AIM and ICQ File Transfer Path-Traversal, SecuriTeam, 2007/04/18
[UNIX] Apache HTTPD suEXEC Multiple Vulnerabilities, SecuriTeam, 2007/04/18
[NT] CSRSS Remote Code Execution (MS07-021), SecuriTeam, 2007/04/18
[NT] Microsoft Agent Remote Code Execution (MS07-020), SecuriTeam, 2007/04/18
[NT] Windows Kernel Elevation of Privilege (MS07-022), SecuriTeam, 2007/04/18
[NT] AOL AIM and ICQ File Transfer Path Traversal, SecuriTeam, 2007/04/11
[NT] Microsoft Content Management Server Remote Code Execution (MS07-018), SecuriTeam, 2007/04/11
[NT] Universal Plug and Play Remote Code Execution (MS07-019), SecuriTeam, 2007/04/11
[NT] Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability, SecuriTeam, 2007/04/09
[EXPL] Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32), SecuriTeam, 2007/04/08
[NEWS] Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities, SecuriTeam, 2007/04/08
[NT] AOL Nullsoft Winamp IT Module Heap Memory Corruption (IN_MOD.DLL), SecuriTeam, 2007/04/08
[NEWS] IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities, SecuriTeam, 2007/04/04
[NT] Windows Animated Cursor Stack Overflow Vulnerability (0-Day), SecuriTeam, 2007/04/04
[UNIX] IBM Lotus Sametime JNILoader Arbitrary DLL Load Vulnerability, SecuriTeam, 2007/04/04
[NEWS] IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability, SecuriTeam, 2007/04/04
[NT] Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow, SecuriTeam, 2007/04/04
[UNIX] Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability, SecuriTeam, 2007/04/04
[UNIX] Double-Free Vulnerability in Kadmind (Via GSS-API Library), SecuriTeam, 2007/04/04
[UNIX] Telnetd Allows Login as Arbitrary User, SecuriTeam, 2007/04/04
[UNIX] Really Simple PHP and AJAX File Inclusion, SecuriTeam, 2007/04/04
[UNIX] Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability, SecuriTeam, 2007/04/04
[UNIX] Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability, SecuriTeam, 2007/04/04
[UNIX] Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability, SecuriTeam, 2007/04/04
[NEWS] Multiple Cisco Unified CallManager and Presence Server DoS Vulnerabilities, SecuriTeam, 2007/04/04
[NT] Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability, SecuriTeam, 2007/04/04
[NT] HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability, SecuriTeam, 2007/04/04
[NEWS] Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities, SecuriTeam, 2007/04/04
[EXPL] InterVations NaviCopa HTTP Server Buffer Overflow (Exploit), SecuriTeam, 2007/04/04
[UNIX] Linux Kernel DCCP Memory Disclosure Vulnerability, SecuriTeam, 2007/04/04
[UNIX] Apache Local User to Root Escalation, SecuriTeam, 2007/04/04
[EXPL] Microsoft Internet Explorer Recordset Double Free Memory (MS07-009, Exploit), SecuriTeam, 2007/04/04
[NEWS] hpaftpd Multiple Buffer Overflows, SecuriTeam, 2007/04/04
[EXPL] WarFTP Stack Based Buffer Overflow (Username), SecuriTeam, 2007/04/04
[NEWS] DataRescue IDA Pro Remote Debugger Server Authentication Bypass Vulnerability, SecuriTeam, 2007/04/04
[NEWS] Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability, SecuriTeam, 2007/04/04
[EXPL] Mercury Mail IMAP Stack Buffer Overflow (LOGIN, Exploit), SecuriTeam, 2007/04/04
[TOOL] Fuzzled - a Perl Based Fuzzer, SecuriTeam, 2007/04/04
[UNIX] cftp Local Buffer Overflow Vulnerability, SecuriTeam, 2007/04/04
[UNIX] XMMS Integer Overflow and Underflow Vulnerabilities, SecuriTeam, 2007/04/04
[UNIX] Evolution Shared Memo Categories Format String Vulnerability, SecuriTeam, 2007/04/04
[NT] Microsoft Windows Ndistapi.sys IRQL Escalation, SecuriTeam, 2007/04/04
[EXPL] PHP5 Space Trimming Buffer Underflow Exploit (header(), MacOSX), SecuriTeam, 2007/04/04
[UNIX] Asterisk SIP Denial Of Service Vulnerability (INVITE), SecuriTeam, 2007/04/04
[UNIX] Horde Project Cleanup Script Arbitrary File Deletion Vulnerability, SecuriTeam, 2007/04/04
[UNIX] Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities, SecuriTeam, 2007/04/04
[NEWS] Multiple Vulnerabilities In NAS, SecuriTeam, 2007/04/04
[NT] Abusing TCP/IP Name Resolution in Windows To Carry Out Phishing Attacks, SecuriTeam, 2007/04/04
[UNIX] OpenBSD's IPv6 mbufs Kernel Buffer Overflow, SecuriTeam, 2007/04/04
[NT] Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability, SecuriTeam, 2007/04/04
[NT] Phishing Using IE7 Local Resource Vulnerability, SecuriTeam, 2007/04/04
[NT] Windows Multimedia mmioRead DoS Vulnerability, SecuriTeam, 2007/04/04
[EXPL] MS Internet Explorer DoS (FTP Server Response, MS07-016, Exploit), SecuriTeam, 2007/04/04
[UNIX] Asterisk SIP DoS Vulnerability (Empty REGISTER), SecuriTeam, 2007/04/04
[UNIX] WordPress wp_title() XSS, SecuriTeam, 2007/04/04
[UNIX] Conquest Client Buffer Overflow, SecuriTeam, 2007/04/04
[NT] Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilities, SecuriTeam, 2007/04/04
[EXPL] Winamp Buffer Overflow Exploit (Crafted PLS), SecuriTeam, 2007/04/04
[EXPL] Oracle 10g Local Privilege Elevation (PROCESS_DUP_HANDLE, WIN32), SecuriTeam, 2007/04/04
[UNIX] DoS and Code Execution Issue in LedgerSMB, SecuriTeam, 2007/04/04
[NEWS] Apple QuickTime udta ATOM Integer Overflow, SecuriTeam, 2007/04/04
[NEWS] Apple Quicktime Color ID Heap Corruption (Technical Details), SecuriTeam, 2007/04/04
[NT] Apple QuickTime Color Table ID Heap Corruption Vulnerability, SecuriTeam, 2007/04/04
[EXPL] PHP4 Local Buffer Overflow (mssql_connect, mssql_pconnect), SecuriTeam, 2007/04/04
[NEWS] GnuPG and GnuPG Clients Unsigned Data Injection Vulnerability, SecuriTeam, 2007/04/04
[UNIX] Rrdbrowse Arbitrary File Disclosure Vulnerability, SecuriTeam, 2007/04/04
[NEWS] ePortfolio Java Multiple Input Validation Vulnerabilities, SecuriTeam, 2007/04/04
[REVS] Manipulating FTP Clients Using the PASV Command, SecuriTeam, 2007/04/04
[UNIX] Konqueror DoS via JavaScript Read of FTP iframe, SecuriTeam, 2007/04/04
[UNIX] PHP WDDX Session Deserialization Information Leak Vulnerability, SecuriTeam, 2007/04/04
[UNIX] PHP4 phpinfo() XSS Vulnerability (Reintroduced), SecuriTeam, 2007/04/04
[EXPL] webSPELL PHP Code Execution (Exploit), SecuriTeam, 2007/04/04
[EXPL] Oracle 9i/10g DBMS_EXPORT_EXTENSION SQL Injection Exploit (Exploit), SecuriTeam, 2007/04/04
[NEWS] Kaspersky AntiVirus UPX File Decompression DoS, SecuriTeam, 2007/04/04
[NEWS] Format String in Netrek, SecuriTeam, 2007/04/04
[NEWS] Apache Tomcat JK Web Server Connector Long URL Stack Overflow, SecuriTeam, 2007/04/04
[NEWS] Evading the Norman SandBox Analyzer, SecuriTeam, 2007/04/04
[NEWS] Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability, SecuriTeam, 2007/04/04
[NEWS] Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability, SecuriTeam, 2007/04/04
[NEWS] Xbox 360 Hypervisor Privilege Escalation Vulnerability, SecuriTeam, 2007/04/04
[NT] Computer Associates eTrust Intrusion Detection DoS Vulnerability, SecuriTeam, 2007/04/04
[UNIX] WordPress Multiple Script Injection Vulnerabilities, SecuriTeam, 2007/04/04
[EXPL] XM Easy Personal FTP Server Format String DoS (Exploit), SecuriTeam, 2007/04/04
[EXPL] Plan 9 Kernel Local Exploit (devenv.c OTRUNC/pwrite), SecuriTeam, 2007/04/04
[NT] Comodo Bypassing Settings Protection Using Magic Pipe Vulnerability, SecuriTeam, 2007/04/04
[UNIX] IBM DB2 Universal Database Multiple Privilege Escalation Vulnerabilities, SecuriTeam, 2007/04/04
[UNIX] IBM DB2 Universal Database DB2INSTANCE File Creation Vulnerability, SecuriTeam, 2007/04/04
[NT] VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability, SecuriTeam, 2007/04/04
[NEWS] Multiple Browsers Cross Domain Charset Inheritance Vulnerability, SecuriTeam, 2007/04/04
[NEWS] Mozilla Network Security Services SSLv2 Client Integer Underflow Vulnerability, SecuriTeam, 2007/04/04
[NEWS] Mozilla Network Security Services SSLv2 Server Stack Overflow Vulnerability, SecuriTeam, 2007/04/04
[NEWS] Trend Micro ServerProtect Web Interface Authorization Bypass, SecuriTeam, 2007/04/04
[UNIX] Call Center Software XSS via POST (Exploit), SecuriTeam, 2007/04/04
[NT] Multiple Vulnerabilities in Cisco 802.1X Supplicant, SecuriTeam, 2007/04/04
[NEWS] Cisco Unified IP Conference Station and IP Phone Vulnerabilities, SecuriTeam, 2007/04/04
[NT] Simbin Racing Games Players Disconnection, SecuriTeam, 2007/04/04
[UNIX] phpTrafficA Local File Inclusion, SecuriTeam, 2007/04/04
[NEWS] Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities, SecuriTeam, 2007/04/04
[NEWS] Trend Micro ServerProtect eng50.dll Stack Overflow Vulnerabilities, SecuriTeam, 2007/04/04
[NEWS] Palm OS Treo Find Feature System Password Bypass, SecuriTeam, 2007/04/04
[NT] MailEnable Web Mail Client Multiple Vulnerabilities, SecuriTeam, 2007/04/04
[NEWS] Apache Multiple Injection Vulnerabilities, SecuriTeam, 2007/04/04
[EXPL] FTP Explorer Remote DoS (Exploit, CPU consumption), SecuriTeam, 2007/04/04
[EXPL] FTP Voyager CWD Stack Overflow (Exploit), SecuriTeam, 2007/04/04
[EXPL] TurboFTP Multiple DoS (Exploit), SecuriTeam, 2007/04/04