SOL4809 - tcpdump vulnerabilities - CAN-2005-1278, CAN-2005-1279, and CAN-2005-1280

F5 Networks Product Development tracked this issue as CR48152 and CR48153 and it was fixed in BIG-IP and 3-DNS version 4.5.13. This issue still exists in the BIG-IP and 3-DNS 4.6 software branch...

RHEL 4 : krb5 (RHSA-2005:567)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:567 advisory. Kerberos is a networked authentication system that uses a trusted third party a KDC to authenticate clients and servers to each other. A...

IMail.pl

GFHost explo Spawn bash style Shell with webserver uid Greetz SPAX, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my @results; my $probe; my @U; $U1 = "/dl.php?a=0.1&OURFILE=ff24404eeac528b"...

CVE-2003-1156

Java Runtime Environment JRE and Software Development Kit SDK 1.4.2 through 1.4.202 allows local users to overwrite arbitrary files via a symlink attack on 1 unpack.log, as created by the unpack program, or 2 .mailcap1 and .mime.types1, as created by the RPM program...

I-Mall Commerce - i-mall.cgi Remote Command Execution

I-Mall Commerce - i-mall.cgi Remote Command Execution I-Mall explo Spawn bash style Shell with webserver uid Greetz z, spax, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my $shiz; my @results; my $probe; my @U; $U1...

msjet40.txt

See-security Technologies ltd. http://www.see-security.com Microsoft Jet msjet40.dll Reverse Shell Exploit coded by Tal zeltzer Based on the exploit written by S.Pearson import sys import struct Addresses are compatible with Windows XP Service Pack 1 ReturnAddress = 0x77F51B93 Address of "jmp edx...

postnukeSQL0760.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke Critical SQL Injection 0.760-RC2=x cXIb8O3.1 Author: cXIb8O3Maksymilian Arciemowicz Date: 15.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.760-RC2=x PostNuke is an open source, open developement...

postnukeSQL0760-2.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke SQL Injection 0.760-RC2=x cXIb8O3.3 Author: cXIb8O3Maksymilian Arciemowicz Date: 20.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...

[SECURITYREASON.COM] PostNuke SQL Injection 0.760-RC2=>x cXIb8O3.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke SQL Injection 0.760-RC2=x cXIb8O3.3 Author: cXIb8O3Maksymilian Arciemowicz Date: 20.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...

Microsoft MSN Messenger 6.2.0137 - .png Remote Buffer Overflow

Microsoft MSN Messenger 6.2.0137 - .png Remote Buffer Overflow // source: https://www.securityfocus.com/bid/12506/info A remotely exploitable buffer overflow exists in MSN Messenger and Windows Messenger. This vulnerability is related to parsing of Portable Network Graphics PNG image header data...

CVE-2005-0223

The Software Development Kit SDK and Run Time Environment RTE 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service Java Virtual Machine hang via object deserialization...

CVE-2004-2540

readObject in 1 Java Runtime Environment JRE and 2 Software Development Kit SDK 1.4.0 through 1.4.205 allows remote attackers to cause a denial of service JVM unresponsive via crafted serialized data...

GFHost.pl

GFHost explo Spawn bash style Shell with webserver uid Greetz SPAX, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my @results; my $probe; my @U; $U1 =...

PT-2004-1058 · Mit +1 · Krb5-Server +5

Name of the Vulnerable Software and Affected Versions: krb5-devel versions 1.2.2 krb5-server versions 1.2.2 krb5-libs versions 1.2.2 krb5-workstation versions 1.2.2 MIT Kerberos 5 krb5 versions prior to 1.3.4 Description: The issue concerns multiple vulnerabilities in the krb5 package of Red Hat...

Rlpr 2.04 - 'msg()' Remote Format String

by jaguar !/usr/bin/python import os, sys, socket, struct, time, telnetlib class rlprd: fd = None pad = 2 00000000 31DB xor ebx,ebx 00000002 F7E3 mul ebx 00000004 B003 mov al,0x3 00000006 80C304 add bl,0x4 00000009 89E1 mov ecx,esp 0000000B 4A dec edx 0000000C CC int3 0000000D CD80 int 0x80...

IBM acpRunner Activex Dangerous Methods Vulnerability

IBM acpRunner Activex Dangerous Methods Vulnerability Release Date: June 15, 2004 Date Reported: February 20, 2004 Patch Development Time In Days: 116 Severity: High Remote Code Execution Vendor: IBM Systems Affected: acpRunner Activex Version 1.2.5.0 Overview: eEye Digital Security has discovere...

[Squid 2004-OSC2Nuke-001] Inadequate Security Checking in OSC2Nuke

=========================================================================== =========================================================================== Advisory: 2004-OSC2Nuke-001 Affected Software: OSC2Nuke 7x version 1 OSCNukeLite V3.1 and earlier Main Developer: Dreamlite Development Team Modu...

CVE-2003-1033

The 1 instdbmsrv and 2 instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious...

CVE-2003-1033

The CVE affects SAP DB Development Tools 7.x (instances of instdbmsrv and instlserver). The root cause is that these programs trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver binary. This trust enables local users to escalate privile...

Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6b) Gecko/20040101

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200402-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org - - - - - - - - - - - - - - - ...