Paper describing the fundamentals of writing shellcode on Linux x86 systems. Filled with loads of examples.
c7f898409a0cfbef6ca72115bde9760dfaa77bbaa75169f1aee06693faa67236
AppScan 4 Audit Edition has a flaw in the automatic scan option of the utility's Explore stage. When a reference to a URL in an href tag is made using a wrapper function instead of directly calling the window.open or document.location JavaScript functions, AppScan will not detect the link and the URL will not be tested against any attack.
738c67afd76910eef51c248ffef68d21df6238a1d7277ac9314af039a2a5aabe
Moozatech Advisory - wzdftpd FTP server version 0.1rc5 is vulnerable to a remote denial of service when an internal check during the login process verifies the input. Sending a single CRLF sequence at login will cause an unhandled exception.
9dc709a32ecc61f75ab26f3b3ad333db8c02afd077bd2ccd557d391336f40994
Packet Storm new exploits for March, 2003.
99a4af813d300038af78ac3abb7d9b6bd8d2dceb9b661b5b112f238494160780
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
c77c45cda120a2df844639ed9545243e9c9a436bd723e556c9ea06c15a682d06
Both OpenSSH portable versions 3.7p1 and 3.7.1p1 contain multiple vulnerabilities in the new PAM code with at least one of the bugs being remotely exploitable.
6039997a0d3920e9ec4076fc04dcbce3949da71808527bf29c18e4ad183aa448
mpg123 v0.59r and 0.59s remote client-side heap corruption exploit that makes use of the overflow found in the readstring() function of httpget.c, which does not limit the amount of data written to a buffer.
b966ec4b297ac556e11aa1acbd8b25b092385a2aa517c52977bb4f02b7484849
Remote exploit for lsh 1.4.x that makes use of a boundary error in read_line.c when checking for errors. Spawns a bindshell on port 45295.
e168f8955d32dfb71b3687b375f1e860d3b0793aad3026a1c30016d53a3c21eb
Debian Security Advisory DSA 389-1 - ipmasq below version 3.5.12 creates improper filtering rules that will allow traffic on an external interface to route to an internal host via forwarding.
13d99608cbf405e4adad6318a424cce5a41df502f8911c3dcd0e11ced43af864