Command injection

Cisco Unified Computing System UCS Platform Emulator 2.52TS4, 3.02cA, and 3.02cTS9 allows local users to gain privileges via crafted arguments on a ucspe-copy command line, aka Bug ID CSCux68832...

UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)

No description provided by source. source: http://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes possible to execute code on the...

Analysis of the postgresql database attack techniques II-vulnerability warning-the black bar safety net

You can see we broke up in a field for the name, then we continue incrementing the offset value, to obtain the other field, as shown in Figure 9 and 1=2 union select 1,columnname,'3','4' from informationschema. the columns where tablename='admins' offset 2 limit 1-- ! Figure 9 Field passowrd is...

UDF truncating issue

The Universal Disk Format UDF filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service hang and crash via certain operations involving truncated files, as demonstrated via the dd command...

DEBIAN-CVE-2007-4998

cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination...

DEBIAN-CVE-2007-4211

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a 1 COPY or 2 APPEND command...

Command injection

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a 1 COPY or 2 APPEND command...

CVE-2007-4211

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a 1 COPY or 2 APPEND command...

CVE-2007-4211

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a 1 COPY or 2 APPEND command...

CVE-2007-4211

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a 1 COPY or 2 APPEND command...

[SA14372] ArGoSoft FTP Server "SITE COPY" Shortcuts Security Issue

TITLE: ArGoSoft FTP Server "SITE COPY" Shortcuts Security Issue SECUNIA ADVISORY ID: SA14372 VERIFY ADVISORY: http://secunia.com/advisories/14372/ CRITICAL: Less critical IMPACT: Unknown WHERE: From remote SOFTWARE: ArGoSoft FTP Server 1.4.x http://secunia.com/product/2260/ DESCRIPTION: Cirpian...

Argosoft FTP server SITE COPY .lnk files directory traversal

With SITE COPY command it's possible to place .lnk file pointing outside FTP root directory...

CVE-2005-0520

ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut .LNK files in the SITE COPY command, a different vulnerability than CVE-2005-0519...

CVE-2004-1438

The CVE-2004-1438 issue affects the Subversion Apache module mod_authz_svn for Subversion 1.0.4-r1 and earlier. A flaw in mod_authz_svn allows remote authenticated users with write access to the repository to read unauthorized parts of the repository via the svn copy command. Impact: access to po...

DEBIAN-CVE-2004-1438

The modauthzsvn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command...

linux/x86 cp /bin/sh /tmp/katy ; chmod 4555 katy 126 bytes

linux/x86 cp /bin/sh /tmp/katy ; chmod 4555 katy 126 bytes. Shellcode exploit for linx86 platform / Linux/x86 /bin/cp /bin/sh /tmp/katy ; chmod 4555 /tmp/sh using fork / include char shellcode = "\xeb\x5e\x5f\x31\xc0\x88\x47\x07\x88\x47\x0f\x88\x47\x19\x89\x7f"...

ArGoSoft FTP Server 1.0/1.2/1.4 - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/9770/info ArGoSoft has released version 1.4.1.6 of their FTP Server to address multiple unspecified security vulnerabilities. These issues include three buffer overruns when handling overly long FTP SITE ZIP and SITE COPY commands, a file enumeration issu...

UoW IMAPd Server 10.23412.264 - Remote Buffer Overflow

UoW IMAPd Server 10.23412.264 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes possible t...

another WU imapd buffer overflow

Hi, While doing code security audit, I discovered another buffer overflow in imapd. This time security flaw exist in standard rfc 1064 COPY command: OK mail IMAP4rev1 v12.264 server ready login siva9 secret OK LOGIN completed select inbox 2 EXISTS 0 RECENT OK UIDVALIDITY 956162550 UID validity...