CVE-2006-4663

The source code tar archive of the Linux kernel 2.6.16, 2.6.17.11, and possibly other versions specifies weak permissions 0666 and 0777 for certain files and directories, which might allow local users to insert Trojan horse source code that would be used during the next kernel compilation. NOTE:...

CVE-2006-4663

The CVE-2006-4663 entry concerns weak permissions (0666/0777) in the Linux kernel source tarballs for 2.6.16 through 2.6.17.11, potentially allowing a local user to insert Trojan horse source code that could be used when the kernel is next compiled. Primary details from connected documents indica...

Compilation“free kill”the basics detailed explanation-vulnerability warning-the black bar safety net

A. Machine code,also called machine code. ultraedit open,edit exe file you will see Many by 0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F consisting of digital,these digital Is machine code. Modify the program must be by modifying the machine code to modify the exe file. II. Need to master the entire compilati...

phpLocal.txt

Affected versions: php 5.1.4 and older, 4.4.3 and possibly older Cause: when php-s sscanf functions format argument contains argument swap and extra arguments are given like. sscanf'foo ','$1s',$bar then it reads an pointer to pointer to zval structure past the end of argument array by one. Php...

Gentoo Linux JPEG library DoS

Compilation option to limit amount of available memory is not turned on allowing memory exhaustion attacks...

Code injection

BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote attackers to obtain the source code of JSP pages during certain circumstances related to a "timing window" when a compilation error occurs, aka the "JSP showcode vulnerability."...

CVE-2006-2466

BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote attackers to obtain the source code of JSP pages during certain circumstances related to a "timing window" when a compilation error occurs, aka the "JSP showcode vulnerability."...

CVE-2006-2466

BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote attackers to obtain the source code of JSP pages during certain circumstances related to a "timing window" when a compilation error occurs, aka the "JSP showcode vulnerability."...

Recursor version 3.0.1

Released 25th of April 2006, download. This release consists of nothing but tiny fixes to 3.0, including one with security implications. An upgrade is highly recommended. Compilation used both cc and gcc, leading to the possibility of compiling with different compiler versions commit 766...

Accessing XBL compilation scope via valueOf.call() — Mozilla

mozbugra4 discovered that the compilation scope of privileged built-in XBL bindings was not fully protected from web content and could be accessed by calling valueOf.call and valueOf.apply on a method of that binding. This could then be used to compile and run attacker-supplied JavaScript, giving...

Cube 2005_08_29 - Multiple Buffer Overflow / Crash

/ by Luigi Auriemma You NEED Enet for compiling this tool then remember -lenet http://enet.bespin.org / http://enet.cubik.org / include include include include define VER "0.1" define PORT 28765 define MAXTRANS 5000 define BOFSZ MAXTRANS + 2400 define MAPSUX...

Borland C BCB6 compiler / tiny c compiler Invalid sizeof() calculation

Invalid sizeof calculation for integer during 64-bit code compilation leads to different problems...

Internet Download Manager <= 4.05 Input URL Stack Overflow Exploit

No description provided by source. / Title : Internet Download Manager = 4.05 universal remote overflow Exploit bug analyse and exploit code by : c0d3r "Kaveh Razavi" [email protected] my advisory : http://www.ihsteam.com/advisory/downloadmanageradv.txt this bug is differnt from what was found in...

Einstein <= 1.01 Local Password Disclosure Exploit (asm)

No description provided by source. ; Nothing Special other than the program doesnt encode the user/pass in the registry. ; Einstein v1.01 - http://www.Bfriendly.com some crappy file school sharing program ; made because i think C is overkill for these types of local exploits, ; shit we can does...

DEBIAN-CVE-2004-2687

distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks...

CVE-2004-0490

cPanel, when compiling Apache 1.3.29 and PHP with the modphpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPTFILENAME variable to find and execute a script instead of the PATHTRANSLATED variable, which allows local users to execute arbitrary PHP code...

cPanel 5 < 9 - Local Privilege Escalation

source: https://www.securityfocus.com/bid/10407/info cPanel is reported prone to a privilege escalation vulnerability. It is reported that the options used by cPanel to compile Apache 1.3.29 and PHP using the modphpsuexec option are insecure. These settings will reportedly permit a local attacker...

XChat 1.8.0/2.0.8 socks5 Remote Buffer overflow Exploit

Exploit for linux platform in category remote exploits ======================================================= XChat 1.8.0/2.0.8 socks5 Remote Buffer overflow Exploit ======================================================= / X-Chatv1.8.0 - v2.0.8: socks-5 remote buffer overflow exploit. by:...

MS Windows 2K/XP TCP Connection Reset Remote Attack Tool

Exploit for unknown platform in category dos / poc ======================================================== MS Windows 2K/XP TCP Connection Reset Remote Attack Tool ======================================================== AFX TCP Reset by Aphex http://www.iamaphex.cjb.net email protected Compile...

Symbolic links problem during automake compilation

No description provided...