OSCA-550, OSCA-550A Security Vulnerabilities
0.7AI Score
0.898EPSS
0.4AI Score
0.965EPSS
1AI Score
0.753EPSS
HTTPDX tolog() Function Format String Vulnerability
This module exploits a format string vulnerability in HTTPDX HTTP server. By sending a specially crafted HTTP request containing format specifiers, an attacker can corrupt memory and execute arbitrary code. By default logging is off for HTTP, but enabled for the 'moderator' user via...
7.6AI Score
HTTPDX tolog() Function Format String Vulnerability
This module exploits a format string vulnerability in HTTPDX FTP server. By sending a specially crafted FTP command containing format specifiers, an attacker can corrupt memory and execute arbitrary code. By default logging is off for HTTP, but enabled for the 'moderator' user via...
8AI Score
Xlink FTP Client Buffer Overflow
This module exploits a stack buffer overflow in Xlink FTP Client 32 Version 3.01 that comes bundled with Omni-NFS Enterprise 5.2. When an overly long FTP server response is received by a client, arbitrary code may be...
7.8AI Score
FreeBSD ftpd 'setusercontext()'远程特权提升漏洞
Bugraq ID: 36119 FreeBSD是一款开放源代码基于BSD的操作系统。 FreeBSD 'ftpd'存在远程特权提升问题,远程攻击者可以利用漏洞突破chroot封锁获得系统敏感信息或进行拒绝服务攻击。 BSD传承的操作系统一般都包含用于设置用户上下文的函数,如 FreeBSD 5.0和7.0包含的setusercontext()函数: setusercontext(lc, pw, (uid_t)0, LOGIN_SETLOGIN|LOGIN_SETGROUP|LOGIN_SETPRIORITY| ...
6.9AI Score
FreeBSD ftpd setusercontext()远程权限提升漏洞
BUGTRAQ ID: 36119 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD及其他一些BSD系统有一个用于设置用户上下文的功能,如FreeBSD中的setusercontext()函数: setusercontext(lc, pw, (uid_t)0, LOGIN_SETLOGIN|LOGIN_SETGROUP|LOGIN_SETPRIORITY| LOGIN_SETRESOURCES|LOGIN_SETUMASK); 其中的LOGIN_SETRESOURCES设置允许用户设置资源。根据用户手册所述: ...
6.9AI Score
7.1AI Score
Multiple BSD Operating Systems setusercontext() Vulnerabilities
Exploit for multiple platform in category local...
6.9AI Score
7.4AI Score
*BSD setusercontext vulnerabilites discovered by Kingcope, July 2009 lewls XD Let's go.. BSD derived operating systems have a special function to set a "user context". The function setusercontext() is available on for example FreeBSD 5.0 and 7.0. An example from ftpd.c : setusercontext(lc, pw,....
0.4AI Score
BSD (Multiple Distributions) - setusercontext() Multiple Vulnerabilities
BSD (Multiple Distributions) - setusercontext() Multiple...
0.3AI Score
0.1AI Score
-0.1AI Score
7.1AI Score
NcFTPd <= 2.8.5 remote jail breakout
NcFTPd <= 2.8.5 remote jail breakout Discovered by: Kingcope Contact: kcope2<at>googlemail.com / http://isowarez.de Date: 27th July 2009 Greetings: Alex,Andi,Adize,wY!,Netspy,Revoguard Prerequisites: Valid user account. Demonstration on FreeBSD 7.0-RELEASE...
AI Score
NcFTPd <= 2.8.5 Remote Jail Breakout Vulnerability
Exploit for freebsd platform in category remote...
7.1AI Score
7.4AI Score
0.1AI Score
7AI Score
Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow
This module exploits a stack buffer overflow in Novell's NetIdentity Agent. When sending a specially crafted string to the 'XTIERRPCPIPE' named pipe, an attacker may be able to execute arbitrary code. The success of this module is much greater once the service has been...
0.6AI Score
Oracle 8i TNS Listener SERVICE_NAME Buffer Overflow
This module exploits a stack buffer overflow in Oracle. When sending a specially crafted packet containing a long SERVICE_NAME to the TNS service, an attacker may be able to execute arbitrary...
8.3AI Score
Oracle 8i TNS Listener (ARGUMENTS) Buffer Overflow
This module exploits a stack buffer overflow in Oracle 8i. When sending a specially crafted packet containing an overly long ARGUMENTS string to the TNS service, an attacker may be able to execute arbitrary...
7.8AI Score
7.1AI Score
7.4AI Score
Web Directory PRO - Admins.php Change Admin Password
Web Directory PRO - Admins.php Change Admin...
0.4AI Score
Web Directory PRO (admins.php) Change Admin Password Exploit
Exploit for unknown platform in category web...
7.1AI Score
Autodesk IDrop ActiveX Control Heap Memory Corruption
This module exploits a heap-based memory corruption vulnerability in Autodesk IDrop ActiveX control (IDrop.ocx) version 17.1.51.160. An attacker can execute arbitrary code by triggering a heap use after free condition using the Src, Background, PackageXml...
1.3AI Score
Addonics NAS Adapter FTP Server多个命令远程缓冲区溢出漏洞
Bugraq ID: 34796 CNCAN ID:CNCAN-2009050301 Addonics NAS Adapter是一款用于向LAN增加任意USB存储设备的小型适配器。 Addonics NAS Adapter包含的FTP服务器存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 其中对RMDIR, Delete, Rename命令提交的参数缺少充分边界检查,构建恶意字符串作为命令参数,可触发缓冲区溢出,以应用程序权限执行任意指令。 Addonics NAS Adapter NASU2FW41 目前没有解决方案提供:...
6.9AI Score
-0.1AI Score
7.1AI Score
Addonics NAS Adapter FTP - Remote Denial of Service
Addonics NAS Adapter FTP - Remote Denial of...
0.3AI Score
Addonics NAS Adapter FTP Remote Denial of Service Exploit
Exploit for hardware platform in category dos /...
7AI Score
7.4AI Score
EPSS
1AI Score
1.3AI Score
7.4AI Score
Autodesk IDrop ActiveX Remote Code Execution Exploit
Exploit for windows platform in category remote...
7.1AI Score
7.1AI Score
DiViS-Web ActiveX控件AddSiteEx()方式堆溢出漏洞
BUGTRAQ ID: 34468 DiViS-Web是Chance-i视频监控系统所使用的基于WEB的控制软件。 DiViS-Web ActiveX控件(ActiveView.cab)没有正确地验证对AddSiteEx()函数所传送的输入参数,如果用户受骗访问了恶意网页并向该参数传送了超长参数的话,就可以触发堆溢出,导致执行任意代码。 Chance-i DiViS-Web 3.0.0.7 临时解决方法: 为clsid 66F7F252-3FE1-4650-B1E5-94B2A38271C5设置kill-bit。 厂商补丁: Chance-i...
6.9AI Score
7.1AI Score
Chance-i DiViS-Web DVR System ActiveX Control Heap Overflow PoC
Exploit for unknown platform in category dos /...
7AI Score
Chance-i DiViS-Web DVR System - ActiveX Control Heap Overflow (PoC)
Chance-i DiViS-Web DVR System - ActiveX Control Heap Overflow...
AI Score
0.1AI Score
7.4AI Score
Ubuntu Update for libcairo regression USN-550-3
Ubuntu Update for Linux kernel vulnerabilities...
0.8AI Score
Ubuntu Update for libcairo regression USN-550-2
Ubuntu Update for Linux kernel vulnerabilities...
0.6AI Score
0.082EPSS
Check if Mailserver answer to VRFY and EXPN requests
The Mailserver on this host answers to VRFY and/or EXPN...
7.3AI Score
7.5AI Score