8149 matches found
FrontPage fp30reg.dll remote debug buffer overflow
Added: 01/30/2006. CVE: CVE-2003-0822. BID: 9007. OSVDB: 2952. Background: Microsoft FrontPage Server Extensions includes a remote debugging function. Problem: A buffer overflow in fp30reg.dll leads to a vulnerability in the remote debug function in FrontPage Server Extensions. A remote attacker could...
linux/x86 anti-debug trick (INT 3h trap) + execve /bin/sh 39 bytes
No description provided by source. / linux/x86 anti-debug trick (INT 3h trap) + execve("/bin/sh", ["/bin/sh", NULL], NULL) - 39 bytes The idea behind a shellcode w/ an anti-debugging trick embedded in it, is if for any reason the IDS would try to x86-emulate the shellcode it would glitch and fail. This...
linux/x86 anti-debug trick INT 3h trap + execve /bin/sh 39 bytes
linux/x86 anti-debug trick INT 3h trap + execve /bin/sh 39 bytes. Shellcode exploit for lin_x86 platform / linux/x86 anti-debug trick (INT 3h trap) + execve("/bin/sh", ["/bin/sh", NULL], NULL) - 39 bytes The idea behind a shellcode w/ an anti-debugging trick embedded in it, is if for any reason the IDS...
CVE-2006-0305
Clipcomm CPW-100E VoIP 802.11b Wireless Handset Phone running firmware 1.1.12 051129 and CP-100E VoIP 802.11b Wireless Phone running firmware 1.1.60 allows remote attackers to gain unauthorized access via the debug service on TCP port 60023...
Code injection
Clipcomm CPW-100E VoIP 802.11b Wireless Handset Phone running firmware 1.1.12 051129 and CP-100E VoIP 802.11b Wireless Phone running firmware 1.1.60 allows remote attackers to gain unauthorized access via the debug service on TCP port 60023...
CVE-2006-0305
The CVE-2006-0305 issue affects Clipcomm CPW-100E VoIP 802.11b Wireless Handset (firmware 1.1.12, 051129) and CP-100E VoIP 802.11b Wireless Phone (firmware 1.1.60). A remote attacker can gain unauthorized access through the debug service on TCP port 60023. The vulnerability allows partial exposur...
[Full-disclosure] Clipcomm CPW-100E VoIP wireless handset phone open debug service TCP/60023
I disclosed the following issue at ShmooCon 2006 http://www.shmoocon.org/ during my "VoIP Wireless Phone Security Analysis" presentation. Thanks, --scm =============================================================== DATE: 16 January, 2006 VENDOR: Clipcomm VENDOR NOTIFIED: 14 December, 2005 PRODUC...
[Full-disclosure] Clipcomm CP-100E VoIP wireless desktop phone open debug service TCP/60023
I disclosed the following issue at ShmooCon 2006 http://www.shmoocon.org/ during my "VoIP Wireless Phone Security Analysis" presentation. Thanks, --scm =============================================================== VENDOR: Clipcomm VENDOR NOTIFIED: 7 December, 2005 PRODUCT: Clipcomm CP-100E VoIP...
Mandrake Linux Security Advisory : kernel (MDKSA-2005:235)
Multiple vulnerabilities in the Linux 2.6 kernel have been discovered and corrected in this update: A stack-based buffer overflow in the sendmsg function call in versions prior to 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in anothe...
CVE-2005-4368
roundcube webmail Alpha, with a default high verbose level ($rcmail_config['debug_level'] = 1), allows remote attackers to obtain the full path of the application via an invalid _task parameter, which leaks the path in an error message...
[Full-disclosure] Cisco PIX TCP Connection Prevention
Cisco Response ============== This is Cisco PSIRT's response to the statements made by Arhont Ltd.- Information Security in its message: Full-disclosure Cisco PIX TCP Connection Prevention, posted on November 22, 2005. The original email is available...
CVE-2005-3727
SQL injection vulnerability in debug/query_results.jsp in Idetix Software Systems Revize CMS allows remote attackers to execute arbitrary SQL commands via the query parameter...
CVE-2005-3727
The CVE-2005-3727 entry concerns an SQL injection in Idetix Software Systems Revize CMS, specifically in debug/query_results.jsp. The vulnerability arises from unsafely handling the query parameter, enabling remote attackers to execute arbitrary SQL commands. Affected component is the Revize CMS ...
CVE-2005-3504
Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute arbitrary code...
Default password 'synnet' for account 'debug' (SSH/Telnet)
The account SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description) { script_oid("1.3.6.1.4.1.25623.1.0.17289");...
Sendmail 8.x < 8.6.7 Long Debug Local Overflow Vulnerability
The remote Sendmail server, according to its version number, allows local users to gain root access via a large value in the debug -d command line option. SPDX-FileCopyrightText: 2003 Xue Yong Zhi...
ColdFusion Debug Mode
It is possible to see the ColdFusion Debug Information by appending ?Mode=debug at the end of the request, like GET /index.cfm?Mode=debug. Versions 4.5 and 5.0 are definitely affected, and older versions probably are as well. The Debug Information usually contains sensitive data such as Template Path or Server...
Sendmail DEBUG Mode Leak Vulnerability
According to the version number of the remote mail server, a local user may be able to obtain the complete mail configuration and other interesting information about the mail queue. SPDX-FileCopyrightText: 2002 Michel Arboi...
DB4Web TCP relay
DB4Web debug page allows anybody to scan other machines. You may be held responsible. SPDX-FileCopyrightText: 2002 Michel Arboi SPDX-License-Identifier: GPL-2.0-only...
CVE-2005-3396
CVE-2005-3396 : The issue is in IBM AIX 5.2 and 5.3, affecting the chcons (chcon) command. The root cause is a buffer overflow when DEBUG MALLOC is enabled, which could allow an attacker to execute arbitrary code via a long command line argument. The connected documents (NVD entry and related adv...