Steamcast Buffer Overflow

!/usr/bin/python Usage : steamcast.py victimeip Bug : SteamcastHTTP Request Remote Buffer Overflow Exploit SEH 2 Founder : Luigi Auriemma, thx to overflow3r for informing me about the vuln. Tested on : Xp sp2 fr Exploited by : His0k4 Greetings : All friends & muslims HaCkErs...

PHP cURL safe_mode和open_basedir绕过安全限制漏洞

BUGTRAQ ID: 34475 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP支持libcurl库，用户可以使用各种类型的协议连接到不同类型的服务器。curl函数在检查safemode和openbasedir限制时存在漏洞，可能允许用户绕过安全限制执行非授权操作。例如对于以下代码： curlsetopt$ch, CURLOPTURL, "file:file:////etc/passwd"; curl首先对以下内容检查safemode和openbasedir： "file:////etc/passwd" 接下来读取：...

OpenJDK Pack200 Buffer overflow vulnerability (6792554)

Integer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...

OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)

Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allows remote attackers to cause a denial of service probably resource consumption for a JAX-WS service endpoint via a connection without...

ECShop shop system<=V2. 6. 2 the background to get webshell-vulnerability warning-the black bar safety net

ECSHOP is an open source free online store system. By the professional development team upgrade and maintenance, to provide you with timely and efficient technical support, you can also according to their own business characteristics of ECSHOP be customized to increase their own store features...

Q&A: Dino Dai Zovi

Dino Dai Zovi has gained a reputation as one of the top Apple security researchers in the industry and is the author of a new book on Apple security, “The Mac Hacker’s Handbook.” In this interview, he talks about the state of Apple security, why the company hasn’t implemented better memory...

RedHat Security Advisory RHSA-2009:0394

The remote host is missing updates announced in advisory RHSA-2009:0394. The Sun 1.5.0 Java release includes the Sun Java 5 Runtime Environment and the Sun Java 5 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 5 Runtime Environment and the Sun Java 5 Software...

RedHat Security Advisory RHSA-2009:0369

The remote host is missing updates announced in advisory RHSA-2009:0369. The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software...

RedHat Security Advisory RHSA-2009:0394

The remote host is missing updates announced in advisory RHSA-2009:0394. The Sun 1.5.0 Java release includes the Sun Java 5 Runtime Environment and the Sun Java 5 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 5 Runtime Environment and the Sun Java 5 Software...

Mandrake Security Advisory MDVSA-2009:077 (pam)

The remote host is missing an update to pam announced via advisory MDVSA-2009:077. OpenVAS Vulnerability Test $Id: mdksa2009077.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:077 pam Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

OpenJDK Pack200 Buffer overflow vulnerability (6792554)

Buffer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...

OpenJDK Pack200 Buffer overflow vulnerability (6792554)

Integer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...

OpenJDK Pack200 Buffer overflow vulnerability (6792554)

Buffer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...

OpenJDK: Type1 font processing buffer overflow vulnerability

Integer signedness error in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and...

OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)

Multiple buffer overflows in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via 1 a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen,...

OpenJDK Pack200 Buffer overflow vulnerability (6792554)

Integer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...

OpenJDK GIF processing buffer overflow vulnerability (6804998)

Buffer overflow in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.219 and earlier; and 1.3.124 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998...

Buffer overflow

Buffer overflow in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.219 and earlier; and 1.3.124 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998...

CVE-2009-1100

Multiple unspecified vulnerabilities in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service disk consumption via vectors related to temporary font files and 1 "limits on Font...

CVE-2009-1099

Integer signedness error in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and...