Opera 7.22 - File Creation and Execution Exploit (Webserver)

No description provided by source. !/usr/bin/perl Sample code of Opera 7 Arbitrary File Auto-Saved Vulnerability. This Exploit will run a webserver that will create and execute a batch file on the victim's computer when visiting this malicious server This perl script is a small HTTP server for a...

Apache Win32 1.3.x/2.0.x Batch File Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4335/info Special characters such as | may not be filtered by the batch file handler when a web request is made for a batch file. As a result, a remote attacker may be able to execute arbitrary commands on the host runnin...

Metainfo Sendmail 2.0/2.5,MetaIP 3.1

No description provided by source. source: http://www.securityfocus.com/bid/110/info MetaInfo www.metainfo.com puts out many NT service products, including MetaIP DHCP/DNS manager and Sendmail Unix port. Both products allow remote administration via Web UIs, and MetaIP uses Java to communicate ba...

Chilkat Software FTP2 ActiveX Component Remote Code Execution

No description provided by source. !-- Chilkat Software FTP2 ActiveX Component ChilkatFtp2.DLL 2.6.1.1 Remote Code Execution poc by rgod tested against Internet Explorer 7 on Vista should also work with 8/9 ActiveX Settings: CLSID: 302124C4-30A0-484A-9C7A-B51D5BA5306B Progid:...

CVE-2011-4525

Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors...

Code injection

Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors...

CVE-2011-4525

Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors...

CVE-2011-4525

CVE-2011-4525 affects Advantech/BroadWin WebAccess prior to 7.0. A remote attacker can cause the client to create and execute a batch file by injecting arbitrary web content, enabling potential remote code execution. ICS-CERT notes Advantech released WebAccess 7.0 to address most vulnerabilities;...

python security, bug fix, and enhancement update

python: 2.6.6-20 Resolves: CVE-2010-3493 2.6.6-19 Resolves: CVE-2011-1015 2.6.6-18 Resolves: CVE-2011-1521 2.6.6-17 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-16 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-15 - fix race condition that sometimes breaks the build wi...

RealNetworks RealPlayer Code Execution

Written by Sean de Regge seanderegge hotmail.com Exploit for the parameter injection bug in Realplayers RecordClip activeX function and firefox plugin http://www.zerodayinitiative.com/advisories/ZDI-10-211/ C:\Program Files\Real\RealPlayer\RecordingManager.exe has 2 interesting switches: /t will...

Chilkat Software FTP2 ActiveX Component Remote Code Execution

Exploit for windows platform in category remote exploits ============================================================= Chilkat Software FTP2 ActiveX Component Remote Code Execution ============================================================= obj.UnlockComponent"suntzu"; //needed for file transfe...

Chilkat Software FTP2 ActiveX Code Execution

obj.UnlockComponent"suntzu"; //needed for file transfer operations, type whatever here obj.Port=21; //configure ftp connection obj.Hostname="192.168.0.1"; //change here obj.ConnectTimeout=5; obj.Passive=1; var x; x=obj.Connect; if x==1 x = obj.GetFile"suntzu.txt","c:/Users/All...

Clever built back door method a-vulnerability warning-the black bar safety net

Clever opened the back door a, the beginning: Prepared items: The disposable back-door one! The batch file one! A precondition,the other side has to open the terminal The batch file content ====================== echo Code By N/P copy 木马 .exe %windir%\system32\dllcache\magnify.exe /y the move 木马...

CVE-2008-0581

Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch...

CVE-2008-0581

Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch...

CVE-2008-0581

CVE-2008-0581 involves Geert Moernaut LSrunasE and describes a local privilege escalation where a user can obtain the encrypted password from a batch file and then create a modified batch file that uses the /password switch to supply that password and the /command switch to run an arbitrary progr...

Quickly remove illegal file name code-vulnerability warning-the black bar safety net

allyesno: we will encounter many so-called illegal file name For example .. con, nul, etc. FlowerCode gives the following method can quickly delete these file names http://hi.baidu.com/flowercode/blog/item/3f68be02a7cfd10d4bfb519f.html References Two lines of code get deleted quickly using illega...

Ultra Crypto Component (CryptoX.dll <= 2.0) SaveToFile() Inscure Method

No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"------------------------------------------------------------------------------------- bUltra Crypto Component CryptoX.dll = 2.0 "SaveToFile" Inscure Method/b...

ultra-cryptox20.txt

------------------------------------------------------------------------------------- Ultra Crypto Component CryptoX.dll url: http://www.ultrashareware.com/ author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose. Use it at your...

Mysteriously replaced Windows XP user password-vulnerability warning-the black bar safety net

Windows XP startup scriptstartup scriptsis a computer in the login screen to appear before running the batch file, which functions similar to the Windows 9X and DOS automatically executed batch file, the autoexec. bat. Using this feature, you can write a batch file to re-set the user password, an...