434 matches found
Format string bug in Sparklet 0.9.4try3
Luigi Auriemma Application: Sparklet http://sparklet.sourceforge.net Versions: = 0.9.4try3 Platforms: Windows, nix, BSD and more Bug: format string in client's display Exploitation: remote, versus clients Date: 06 Jul 2006 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...
[Full-disclosure] Buffer-overflow and NULL pointer crash in Genecys 0.2
Luigi Auriemma Application: Genecys http://www.genecys.org Versions: = 0.2 and current CVS Platforms: nix and BSD Bugs: A tellplayersurrchanges buffer-overflow B parsecommand NULL pointer crash Exploitation: remote, versus server Date: 12 May 2006 Author: Luigi Auriemma e-mail: [email protected]...
Multiple vulnerabilities in Cube engine 2005_08_29
Luigi Auriemma Application: Cube engine http://www.cubeengine.com Versions: = 20050829 Platforms: Windows, nix, BSD and MacOS Bugs: A sgetstr buffer-overflow B invalid memory access C clients crash through invalid map Exploitation: remote, versus both server and clients Date: 06 Mar 2006 Author:...
ePSXe 1.6.0 - nogui() Local Privilege Escalation
ePSXe 1.6.0 - nogui Local Privilege Escalation / epsxe-e.c ePSXe v1. local exploit By: Qnix e-mail: q-nixathotmaildotcom ePSXe-website: www.epsxe.com EXP-Sample: root@Qnix:/epsxe gcc -o epsxe-e epsxe-e.c root@Qnix:/epsxe ./epsxe-e ePSXe v1. local exploit by Qnix | Q-nixathotmaildotcom Stack point...
WebAPP 0.9.9.2.1 - Remote Command Execution (1)
WebAPP 0.9.9.2.1 - Remote Command Execution 1 !/usr/bin/perl T r a p - S e t U n d e r G r o u n D H a c k i n g T e a m Remote C0mmand Executing Expl0it - For WebAPP CGI Exploit By : A l p h a P r o g r a m m e r Sirus-v ; E-Mail : [email protected] [email protected] This xpl Open a...
Просмотр файлов в Search Engine & Directory Powered by Turbo Seek от FocalMedia.Net
Здравствуйте, 3APA3A. нашел новую узвимость. Просмотр файлов в Search Engine & Directory Powered by Turbo Seek от FocalMedia.Net Software / Application - Search Engine & Directory Powered by Turbo Seek Problem-Type - удаленная Vulnerability - возможность чтения файлов. Vendor - FocalMedia.Net...
[Full-Disclosure] CSA-200402-1: Previous Open Webmail vulnerability is exploitable
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cycom AB Security Advisory CSA-200402-1 www.cycom.se Advisory: Previous Open Webmail vulnerability is exploitable Date: Sat Feb 21 15:18:21 CET 2004, updated: Thu May 6 10:37:29 CEST 2004 Application: Open Webmail 2.20, 2.21 and 2.30 and -current...
surfboard-1.1.8.txt
Luigi Auriemma Application: Surfboard webserver http://surfd.sourceforge.net Versions: From the website: "Surfboard is a trivial web server, written by Meredydd Luff." ======= 2 Bugs ======= Directory traversal ------------------- The webserver checks the dot-dot pattern only if there is a '?' in...
SRT2003-06-13-1009.txt
Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...
phpBB2 remote execution command
phpBB2 is vulnerable to remote execution command All nix running phpBB2 versoion 2.0. Bug could be found at "phpBB2 root path" which is allowed remote attacker to execute any command remotely. The vulnerability of this attack start with '/phpBB2/includes/db.php?phpbbrootpath=' but some backdoor...
PerlCal (CGI) show files vulnerability
whizkunde security advisory: PerlCal CGI http://www.whizkunde.org | [email protected] ---------------------------------------------------------- Release date: April 27th 2001 Subject: PerlCal CGI security problem Systems affected: NIX not windows systems running PerlCal CGI script Vendor:...
Alert: DNewsWeb buffer overflow
Cerberus Information Security Advisory CISADV000505 http://www.cerberus-infosec.co.uk/advisories.shtml Released : 5th May 2000 Name : DNewsweb Buffer Overflow Affected Systems : nix/Win32 Web Servers running Dnewsweb Issue : Attackers can remotely execute arbitrary code Author : Mark Litchfield...
windows_kod.txt
Subject: ip stack bug in windows kod.ckiss of death To: [email protected] / ::: kod.c kiss of death version 1.2 ::: author kod.c bug found by klepto / [email protected] / rewritten by ignitor / ignitor@EFnet ::: stuph works on bsd/linux/nix ::: notes bluescreens windows users98/98se and kill...
NCSA HTTPd 1.x - Remote Buffer Overflow (1)
// source: https://www.securityfocus.com/bid/3158/info NCSA HTTPd is a free, open-source web server for nix systems. NCSA HTTPd versions 1.3 and earlier are prone to an exploitable buffer overflowin the username field which will allow malicious remote users to execute arbitrary code with the...