CVE-2005-4620

Buffer overflow in WinRAR 3.50 and earlier allows local users to execute arbitrary code via a long command-line argument. NOTE: because this program executes with the privileges of the invoking user, and because remote programs do not normally have the ability to specify a command-line argument f...

CVE-2006-0072

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector...

CVE-2006-0072

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector...

CVE-2006-0072

CVE-2006-0072 corresponds to a buffer overflow in SCO OpenServer 5.0.7's termsh component that can be exploited by a remote attacker via a long -o command line argument to execute arbitrary code. The vulnerability is distinct from CVE-2005-0351 and the connected sources reiterate the same affecte...

SCO OpenServer 5.0.7 - termsh Local Privilege Escalation

SCO OpenServer 5.0.7 - termsh Local Privilege Escalation / SCO Openserver 5.0.7 termsh exploit =================================== 'termsh' is a program to view or modify an existing terminal entry on SCO Openserver. A stack based overflow exists in the handling of command line arguements, namely...

SCO OpenServer 5.0.7 - 'termsh' Local Privilege Escalation

/ SCO Openserver 5.0.7 termsh exploit =================================== 'termsh' is a program to view or modify an existing terminal entry on SCO Openserver. A stack based overflow exists in the handling of command line arguements, namely the -o oadir arguement. It is installed setgid auth in a...

CVE-2005-4620

Buffer overflow in WinRAR 3.50 and earlier allows local users to execute arbitrary code via a long command-line argument. NOTE: because this program executes with the privileges of the invoking user, and because remote programs do not normally have the ability to specify a command-line argument f...

CVE-2005-4667

Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long...

PhpDocumentor <= 1.3.0 rc4 Arbitrary remote/local inclusion

---- PhpDocumentor = 1.3.0 rc4 Arbitrary remote/local inclusion --- software: site: http://www.phpdoc.org/ description: "phpDocumentor, sometimes referred to as phpdoc or phpdocu, is the current standard auto-documentation tool for the php language. Similar to Javadoc, and written in php,...

CVE-2005-4582

CVE-2005-4582 affects Electric Sheep 2.6.3, where the client does not require authentication or integrity checks from the server. This can allow remote attackers to download and display arbitrary MPEG movie files via DNS spoofing, a URL on the command line, or a URL in the configuration file. The...

GLSA-200512-10 : Opera: Command-line URL shell command injection

The remote host is affected by the vulnerability described in GLSA-200512-10 Opera: Command-line URL shell command injection Peter Zelezny discovered that the shell script used to launch Opera parses shell commands that are enclosed within backticks in the URL provided via the command line. Impac...

SCO uidadmin buffer overflow

Buffer overflow on parsing -S command line parameter...

AngelShell: let all the forward program to achieve the reverse connection application papers-the vulnerability warning-the black bar safety net

Nowserviceis almost entirely put in a hardware firewall, hard to penetrate, only to find that with a hardware Firewall, the party pooper! What TerminalService, what Radmin and the like in a controlled manner do not even think. Tried, found that almost all support reverse connection, the forward...

Firefox / Opera code execution

Command lines arguments can be pasted through URL if Firefox or Opera are invoked from external application in Unix-like systems...

CVE-2005-3750

Opera before 8.51 on Linux and Unix systems allows remote attackers to execute arbitrary code via shell metacharacters backticks in a URL that another product provides in a command line argument when launching Opera...

CVE-2004-2552

Buffer overflow in XBoard 4.2.7 and earlier might allow local users to execute arbitrary code via a long -icshost command line argument. NOTE: since the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privileg...

Lazy overflow kits: Metasploit-vulnerability warning-the black bar safety net

A few days ago in the QQ on Q the friends said, found a really cool overflow kit, but how do I ask him he wouldn't tell me, and finally sent him a set of clothes only to tell me a kit name. Download back after use but this overflow kit is really cool, dare not exclusive, treat yourself to use the...

CVE-2004-2515

Technical details for CVE-2004-2515 are not publicly available in the provided documents. The description notes a format-string vulnerability in VMware Workstation 4.5.2 but no specifics on affected components, root cause, or fixes are included here. Monitor for updates.

XMail 1.21 - '-t' Command Line Option Local Buffer Overflow / Local Privilege Escalation

/ XMail 1.21 'sendmail' local exploit ret-into-libc Yields uid root || gid mail By qaaz at centrum dot cz, 2005 / include include include include include include include include define TARGET "/var/MailRoot/bin/sendmail" define NM "nm" define GREP "grep" define MKDIR "mkdir" define TMP "/tmp"...

CVE-2005-2943

Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option...