7968 matches found
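AFFLIB Multiple Format String Vulnerabilities
AFFLIB is an open-source library for working with Advanced Forensic Format (AFF) files. Some of AFFLIB's command-line tools contain format string vulnerabilities that a local attacker may be able to exploit to elevate privileges. These tools pass some command-line arguments to warn and err calls as the format string argument. If an attacker can influence these command-line arguments, arbitrary code execution may result. s3 format string injection File: lib/s3.cpp Line: 207 A command-line argument is used as the format string in an err call; if an attacker can influence the name, this results in a format string injection vulnerability. Lines 192-207 illustrate the problem: void s3cpconst char fname,string key struct s3headers meta2 =...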
AFFLIB(TM): Multiple Shell Metacharacter Injections
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Multiple Shell Metacharacter Injections in AFFLIB Release Date: 2007-04-27...
The establishment of the hidden super-user-vulnerability warning-the black bar safety net
A few days ago on a website (can't remember which, sorry) I saw an article introducing how to build a hidden super-user, a graphical tutorial that gave me a lot of inspiration. The author only describes how the hidden super-user is established locally under the graphical interface, and the author said he could not a...
[SECURITY] Fedora Core 5 Update: ImageMagick-6.2.5.4-4.2.1.fc5.8
ImageMagick(TM) is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed...
Cross site scripting
Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log; (3) allows context-dependent...
CVE-2007-1926
Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log; (3) allows context-dependent...
Kerberos 1.5.1 Kadmind Remote Root Buffer Overflow Vulnerability
Exploit for linux platform in category remote exploits. Kerberos 1.5.1 Kadmind Remote Root Buffer Overflow Vulnerability. Kerberos Version 1.5.1 Kadmind Remote Root Buff...
[SECURITY] Fedora Core 6 Update: ImageMagick-6.2.8.0-4.fc6
ImageMagick(TM) is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed...
CA BrightStor ARCserve Backup Mediasvr.exe vulnerability
CA is aware that functional exploit code was publicized on March 30, 2007 for a CA BrightStor ARCserve Backup Mediasvr.exe vulnerability. We have verified that a high risk vulnerability does exist and we are now working on a patch to address the issue. CA recommends that BrightStor ARCserve Backu...
CVE-2007-1719
Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local users to execute arbitrary code via a long command line argument, possibly involving the device name...
Buffer overflow
Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local users to execute arbitrary code via a long command line argument, possibly involving the device name...
php521_phpdoc_bof.txt
original url: http://retrogod.altervista.org/php521phpdocbof.html...
QFTP (LIBFtp 3.1-1) (command line) sprintf() local buffer overflow
http://nbpfaus.net/pfau/ftplib/ qftp is a utility that performs file transfers using ftplib based on instructions presented on the command line. Description buffer overflow in sprintf, setumask don't check sizelen of passed argument. Source error in main: 337: case 'm' : setumaskoptarg; break;...
Important: spamassassin security update
3.1.8-2 - Fix sa-learn regression 228968 3.1.8-1 - 3.1.8 CVE-2007-0451 3.1.7-9 - silence sa-update cron script 3.1.7-8 - only restart spamd if necessary after sa-update 227756 3.1.7-7 - requires gnupg 227738 3.1.7-6 - explicit requires on perlHTTP::Date and perlLWP::UserAgent Bug 193100 3.1.7-5 -...
Aruba Mobility Controller vulnerable to privilege escalation
Overview The Aruba Mobility Controller Management Interface contains a privilege escalation vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Aruba Mobility Controllers are used to process and control network traffic in...
With ASP Trojan FTP and decompression-vulnerability warning-the black bar safety net
In broilers placed on the website,the most troublesome is probably the update and upload a lot of files, Terminal Services broad daylight easy to be found,open your own ftp and not assured. Your own online in a circle is found by combining the non-component upload asp Trojan can be easily achieve...
rar -- password prompt buffer overflow vulnerability
iDefense reports: Remote exploitation of a stack based buffer overflow vulnerability in RARLabs Unrar may allow an attacker to execute arbitrary code with the privileges of the user opening the archive. Unrar is prone to a stack based buffer overflow when processing specially crafted password...
MD5Crack 4.0-vulnerability warning-the black bar safety net
I always prefer MD5Crack, today to see the author publish a new version, with a relatively large update. MD5Crack 4.0 in the retention MD5Crack features on the basis of the re-modified the entire framework. All the code are rewritten. The rewrite is mainly a logic portion and a UI portion for the...
[SECURITY] Fedora Core 5 Update: postgresql-8.1.7-1.fc5
PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
[SECURITY] Fedora Core 6 Update: postgresql-8.1.7-1.fc6
PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...