9453 matches found
Novell NetMail NMAP STOR Buffer Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Novell NetMail. Successful exploitation requires the attacker to successfully authenticate to the affected service. The specific flaw exists in NetMail's implementation of the Network Messaging...
OpenLDAP kbind authentication buffer overflow
There is a remotely exploitable buffer overflow in the Kerberos KBIND authentication code in the OpenLDAP slapd server. The vulnerability is in the krbv4_ldap_auth function in servers/slapd/kerberos.c. This function processes LDAP bind requests that specify the LDAP_AUTH_KRBV41 authentication method...
[Full-disclosure] [Madwifi] Madwifi SIOCGIWSCAN buffer overflow // France Telecom
Name: Madwifi SIOCGIWSCAN buffer overflow Vendor: http://www.madwifi.org Release date: December, 7th 2006 CVE ID: CVE-2006-6332 Authors: Laurent BUTTI, Jerome RAZNIEWSKI, Julien TINNES 1. Description There is a buffer overflow in the madwifi Atheros driver in some functions called by SIOCSIWSCAN...
sphpblog08-rfi.txt
Xmor$ DigitaL Hacking TeaM Sphpblog...
Bloo => 1.00 Remote File Include Vulnerability
Xmor$ DigitaL Hacking TeaM Bloo =...
Drake CMS 0.2 Index.PHP Cross-Site Scripting Vulnerability
Drake CMS 0.2 Index.PHP Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/20998/info Drake CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issu...
LandShop 0.6.3 - 'ls.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/20989/info LandShop is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, access or modif...
Solaris 7 (sparc) : 110532-01
The remote host is missing Sun Security Patch number 110532-01 AnswerBook 1.4.3: HTTP GET overflow allows code execution. Date this patch was last updated by Sun : Wed Nov 23 04:35:09 MST 2005 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@ This...
MS Windows 2000 sp1/sp2 isapi .printer Extension Overflow Exploit
No description provided by source. / iishack 2000 - eEye Digital Security - 2001 This affects all unpatched windows 2000 machines with the .printer isapi filter loaded. This is purely proof of concept. Quick rundown of the exploit: Eip overruns at position 260 i have 19 bytes of code to jump back...
Asterisk 1.0.12/1.2.12.1 - 'chan_skinny' Remote Heap Overflow (PoC)
#!/usr/bin/perl Beyond Security Copyright Noam Rathaus The following proof of concept causes the chanskippy to crash in different locations and due to memory corruption as well as double free calls, this is based on the finding of Security-Assessment.com, and proves that the vulnerability is indee...
Asterisk <= 1.0.12 / 1.2.12.1 (chan_skinny) Remote Heap Overflow (PoC)
Exploit for multiple platform in category dos / poc ====================================================================== Asterisk The following proof of concept causes the chanskippy to crash in different locations and due to memory corruption as well as double free calls, this is based on the...
Asterisk 1.0.12/1.2.12.1 - chan_skinny Remote Heap Overflow (PoC)
Asterisk 1.0.12/1.2.12.1 - chan_skinny Remote Heap Overflow PoC #!/usr/bin/perl Beyond Security Copyright Noam Rathaus The following proof of concept causes the chanskippy to crash in different locations and due to memory corruption as well as double free calls, this is based on the finding of...
Solaris 10 (libnspr) Arbitrary File Creation Local Root Exploit
Exploit for solaris platform in category local exploits =============================================================== Solaris 10 libnspr Arbitrary File Creation Local Root Exploit =============================================================== #!/bin/sh $Id: raptor_libnspr,v 1.1 2006/10/13 19:12:...
My-BIC 0.6.5 - 'Mybic_Server.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/20208/info My-BIC is prone to a remote file-include vulnerability because these applications fail to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to compromise the application and the underlying system; other...
My-BIC 0.6.5 - Mybic_Server.php Remote File Inclusion
My-BIC 0.6.5 - Mybic_Server.php Remote File Inclusion source: https://www.securityfocus.com/bid/20208/info My-BIC is prone to a remote file-include vulnerability because these applications fail to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to compromise...
EEYE:ALERT: MS06-042 Related Internet Explorer 'Crash' is Exploitable
MS06-042 Related Internet Explorer 'Crash' is Exploitable Date: August 22, 2006 Severity: High Systems Affected: Windows 2000 with IE6 SP1 and MS06-042 hotfix installed Windows XP SP1 with IE6 SP1 and MS06-042 hotfix installed Overview: On August 8th Microsoft released MS06-042 which was a...
XSS phpBB 2.0.21 in administration
phpBB 2.0.21 XSS in administration //-- By Blwood [email protected] //-- http://www.blwood.net //-- Style Admin ----------- Management & Create a theme Lots of input are not properly "filtrate" like stylename, headstylesheet, bodybackground, trcolor1name all the input in simple name... We cand...
Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities
Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities ... discovered by Benjamin Tobias Franz Affected Vendor: Microsoft Affected Product: Microsoft Works Description: Microsoft Works Spreadsheet wksss.exe fails to handle specially crafted files. All supported file formats...
msie-heap.txt
// MoBB Demonstration function Demo var a = new ActiveXObject"Internet.HHCtrl.1"; var b = unescape"XXXX"; while b.length Clicking the button below may crash your browser!...
[Full-disclosure] Re: rPSA-2006-0122-1 kernel
Justin M. Forbes wrote: Description: Previous versions of the kernel package are vulnerable to two denial of service attacks. The first allows any local user to fill up file systems by causing core dumps to write to directories to which they do not have write access permissions. The second applie...