This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious host entry into the target nameserver. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache.

EMC's Centera Universal Access product version CUA4.0_4735.p4 suffers from a SQL injection vulnerability.

The Joomla Mamml component suffers from a remote file disclosure vulnerability.

Outpost Security Suite Pro version 2009 suffers from multiple bypass vulnerabilities when using special characters.

Moodle versions 1.7.4 and below suffer from a cross site request forgery vulnerability.

A cross site scripting vulnerability exists in Moodle versions 1.7.4 and below.

Pre Survey Poll suffers from a SQL injection vulnerability in default.asp.

EZWebAlbum suffers from an insecure cookie handling vulnerability that allows anyone to be an administrator.

Minix version 3.1.2a suffers from a tty panic local denial of service vulnerability.

IntelliTamper version 2.07 server header remote code execution exploit.