527 matches found
LinPopUp 1.2 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/11997/info LinPopUp is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data into sensitive...
zyxelreset.txt
Hi, I found a bug in ZyXEL Prestige 650 HW Routers with HTTP Remote Administration active. Exploiting this bug, the attacker can reset the router configuration. The "/rpFWUpload.html" is not password protected. To exploit this bug you only need to write that: http://Router ip/rpFWUpload.html and cli...
Prozilla 1.3.6 - Remote Stack Overflow
20/10/2004 This is a private work of Serkan Akpolat for the unpublished prozilla-1.3.6 format string/buffer overflow vulnerability, though this version only exploits the stack overflow. Tested against current gentoo/slack/debian/suse with success. :P Client side: proz...
OpenFTPd 0.30.2 - Remote Overflow
hoagieopenftpd.c LINUX/X86 OPENFTPD REMOTE EXPLOIT : jmp 0x804db90 ^^^^^^^^^ the first one gdb break main Breakpoint 1 at 0x804bd05 gdb r Starting program: /home/andi/openftpd/bin/msg Thread debugging using libthreaddb enabled New Thread 16384 LWP 29479 Switching to Thread 16384 LWP 29479...
Mandrake Linux Security Advisory : usermode (MDKSA-2003:031-1)
The /usr/bin/shutdown command that comes with the usermode package can be executed by local users to shut down all running processes and drop into a root shell. This command is not really needed to shut down a system, so it has been removed and all users are encouraged to upgrade. Please note that...
[Full-Disclosure] Buffer overflow in Whisper FTP Surfer 1.0.7
PRODUCT: Whisper FTP Surfer is a freeware FTP client for Windows. DETAILS: A buffer overflow in version 1.0.7 (latest version) occurs when trying to open a file with a long name from an FTP server. For common extensions such as .txt, FTP Surfer creates a temporary file and tries to open it. When closing the...
RHEL 2.1 : wu-ftpd (RHSA-2003:246)
Updated wu-ftpd packages are available that fix an off-by-one buffer overflow. The wu-ftpd package contains the Washington University FTP (File Transfer Protocol) server daemon. FTP is a method of transferring files between machines. An off-by-one bug has been discovered in versions of wu-ftpd up t...
rlpr <= 2.04 msg() Remote Format String Exploit
Exploit for Linux platform in category remote exploits...
Web Wiz Forums 7.x - Registration_Rules.asp Cross-Site Scripting
source: https://www.securityfocus.com/bid/10555/info A vulnerability exists in the Web Wiz Forums software that may allow a remote user to launch cross-site scripting attacks. The problem is reported to exist due to improper sanitizi...
Cactusoft CactuShop 5.05.1 - SQL Injection
source: https://www.securityfocus.com/bid/10019/info Reportedly CactuShop is prone to a remote SQL injection vulnerability. This issue is due to a failure to properly sanitize user-supplied URI input before using it to craft an SQL query. As a result of...
opera723.txt
Opera Array Allocation Management Exploit. Discovered by: d3thStaR !AM Greets: !AM Crew, Atomix, d3thstar, mgrd, 0x29A Crew, rootthief.com. Sources: Safari Overflow Exploit - kang. Confirmed products affected: Opera 7.23 Linux, Opera 7.23 Windows. Descriptio...
Apple Safari 1.x - Large JavaScript Array Handling Denial of Service
source: https://www.securityfocus.com/bid/9815/info Apple Safari Web Browser is reported to be prone to a security vulnerability related to handling of large JavaScript arrays with 99999999999999999999999 or 0x23000000 elements. By declaring such an array and then attempting to access it, it may ...
Squid Proxy 2.4/2.5 - NULL URL Character Unauthorized Access
source: https://www.securityfocus.com/bid/9778/info It has been reported that Squid Proxy may be prone to an unauthorized access vulnerability that may allow remote users to bypass access controls resulting in unauthorized access to attacker-specified resources. The vulnerability presents itself...
GateKeeper Pro 4.7 web proxy Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits. CRPT - FrenchTeam...
PSOProxy 0.91 Remote Buffer Overflow Exploit (Win2k/XP)
Exploit for unknown platform in category remote exploits. Copyright © Rosiello Security http://www.rosiello.org ...
[ GLSA 200402-04 ] Gallery <= 1.4.1 and below remote exploit vulnerability
Gentoo Linux Security Advisory GLSA 200402-04 http://security.gentoo.org ...
FreznoShop 1.2.31.3 - Search Script Cross-Site Scripting
source: https://www.securityfocus.com/bid/9359/info FreznoShop is prone to a cross-site scripting vulnerability. Remote attackers may create malicious links to the software that include hostile HTML and script code. If such a link was...
MVDSV 0.165 b0.171 Quake Server - Download Buffer Overrun
source: https://www.securityfocus.com/bid/9218/info The mvdsv Quake Server implementation is prone to a remotely exploitable buffer overrun vulnerability. This could permit execution of arbitrary code in the context of the server...
Epic 1.0.1/1.0.x - CTCP Nickname Server Message Buffer Overrun
source: https://www.securityfocus.com/bid/8999/info A remotely exploitable buffer overrun has been reported in Epic. This issue may reportedly be exploited by a malicious server that supplies an overly long nickname in a CTCP message, potentially allowing for execution of arbitrary code in th...
Apache Cocoon 2.14/2.2 - Directory Traversal
source: https://www.securityfocus.com/bid/8883/info It has been reported that Apache Cocoon may be prone to a directory traversal vulnerability that may allow an attacker to traverse outside the server root directory by using '/./../' character sequences. The issue is caused by insufficient...