Zoo 2.10 - Parse.c Local Buffer Overflow

Zoo 2.10 - Parse.c Local Buffer Overflow source: https://www.securityfocus.com/bid/17126/info Zoo is prone to a local buffer-overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data before using it in a finite-sized buffer. An...

Ipswitch Collaboration Suite Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Ipswitch Collaboration Suite. Authentication is required to exploit this vulnerability. This specific flaw exists within the IMAP daemon. A lack of bounds checking during the parsing of long...

PeerCast <= 0.1216 (nextCGIarg) Remote Buffer Overflow Exploit

No description provided by source. / GNU PeerCast = v0.1216 Remote Exploit ====================================== PeerCast is a simple, free way to listen to radio and watch video on the internet. A remotely exploitable buffer overflow has been identified by INFIGO-2006-03-01 which can be...

PeerCast 0.1216 - nextCGIarg Remote Buffer Overflow (1)

PeerCast 0.1216 - nextCGIarg Remote Buffer Overflow 1 / GNU PeerCast include include include include include include include include include struct target char name; int retaddr...

PeerCast 0.1216 - 'nextCGIarg' Remote Buffer Overflow (1)

/ GNU PeerCast include include include include include include include include include struct target char name; int retaddr; ; struct she...

postgresql81-server -- SET ROLE privilege escalation

The PostgreSQL team reports: Due to inadequate validity checking, a user could exploit the special case that SET ROLE normally uses to restore the previous role setting after an error. This allowed ordinary users to acquire superuser status, for example...

DSA-959-1 unalz - buffer overflow

Bulletin has no description...

Exiv2 - Corrupted EXIF Data Denial of Service

Exiv2 - Corrupted EXIF Data Denial of Service source: https://www.securityfocus.com/bid/16400/info Exiv2 is susceptible to a denial-of-service vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input data before attempting to read it, resulting in...

MyBB 1.0.2 XSS attack in search.php redirection

http://127.0.0.1/mybb/search.php?action=dosearch&keywords=&postthread=1&author=imei&matchusername=1&forums=all&findthreadst=1&numreplies=&postdate=0&pddir=1&sortby="script language=javascriptalertdocument.cookie/script&sorder=1&showresults=threads&submit=Search...

Alt-N WebAdmin USER Buffer Overflow

Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. This module requires Metasploit: https://metasploit.com/download Current source:...

Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-125-1)

Marco Alvarez found a Denial of Service vulnerability in the Jabber protocol handler. A remote attacker could exploit this to crash Gaim by sending specially crafted file transfers to the user. CAN-2005-0967 Stu Tomlinson discovered an insufficient bounds checking flaw in the URL parser. By sendi...

Ubuntu 4.10 / 5.04 : apache2 vulnerability (USN-120-1)

Luca Ercoli discovered that the 'htdigest' program did not perform any bounds checking when it copied the 'user' and 'realm' arguments into local buffers. If this program is used in remotely callable CGI scripts, this could be exploited by a remote attacker to execute arbitrary code with the...

Apple QuickTime 6.46.57.0.x - PictureViewer .JPEG.PICT File Buffer Overflow

Apple QuickTime 6.46.57.0.x - PictureViewer .JPEG.PICT File Buffer Overflow source: https://www.securityfocus.com/bid/16212/info Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to...

Apple QuickTime 6.4/6.5/7.0.x - PictureViewer '.JPEG'/.PICT' File Buffer Overflow

source: https://www.securityfocus.com/bid/16212/info Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to finite-sized process buffers. An attacker may be able to exploit this issue to...

Cray UNICOS usrbinscript - Command Line Argument Local Overflow

Cray UNICOS usrbinscript - Command Line Argument Local Overflow source: https://www.securityfocus.com/bid/16205/info Cray UNICOS is prone to locally exploitable buffer overflow vulnerabilities. These issues are due to insufficient bounds checking of command line parameters in various utilities wi...

NetBSD Security Advisory 2006-001: Kernfs kernel memory disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2006-001 ================================= Topic: Kernfs kernel memory disclosure Version: NetBSD-current: source prior to November 23, 2005 NetBSD 3.0: not affected NetBSD 2.1: affected NetBSD 2.0.3: affected NetBSD 2.0:...

CMailServer mail system, the attachment download module download mail system installation disk arbitrary file vulnerability-vulnerability warning-the black bar safety net

CMailServer mail system, the attachment download module download mail system installation disk arbitrary file vulnerability Our Team: http://www.ph4nt0m.org Author: cloud [email protected] Date: 2005-11-06 Severity: medium Error type: parameter checking is not strict Affect the system: th...

linux/x86 ifreadfd,buf,512<=2 _exit1 else buf; 29 bytes

linux/x86 ifreadfd,buf,512 I made this as a chunk you can paste in to make modular remote exploits. I use it as a first stage payload when I desire to follow up with a real large payload of goodness. This actually is a bit larger than necessary because of the error checking but in some cases...

linux/x86 if(read(fd,buf,512)<=2) _exit(1) else buf(); 29 bytes

Exploit for linux/x86 platform in category shellcode =============================================================== linux/x86 ifreadfd,buf,512 I made this as a chunk you can paste in to make modular remote exploits. I use it as a first stage payload when I desire to follow up with a real large...

[Full-disclosure] ZDI-05-002: Clam Antivirus Remote Code Execution

ZDI-05-002: Clam Antivirus Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-05-002.html November 4th, 2005 -- CVE ID: CAN-2005-3303 -- Affected Vendor: Clam AntiVirus -- Affected Products: Clam AntiVirus 0.80 through 0.87 -- TippingPointTM IPS Customer Protectio...