7009 matches found
CVE-2005-4784
Multiple buffer overflows in the POSIX readdirr function, as used in multiple packages, allow local users to cause a denial of service and possibly execute arbitrary code via 1 a symlink attack that exploits a race condition between opendir and pathcon calls and changes the filesystem to one with...
WebWiz Products (1.0 <= 3.06) Login Bypass SQL Injection Exploits
No description provided by source. !-- Vulnerable products : webwiz site news access2000 : vesion 3.06 and prior versions webwiz journal access2000 : version 1.0 webwiz weekly poll access2000 : version 3.06 and prior versions database login access2000 : version 1.71 and prior versions webwiz site...
SA027.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SecurityAlert SA027 Author: sp3x GPG: http://securityreason.com/key/sp3x.gpg Date: 15. November 2005 Affected software : =================== PHPNuke version : 7.8 with all security fixes/patches Not Affected software : ======================= PHPNuke...
wizzSQL.txt
Hello,, Multible Sql injections in Wizz Forum ,, Discovered by : HACKERS PAL Thanks For :: DeviL-00 - AbducterAbducterMinds - almaster -=-=-=-=-=-=-=-=-=-=-=-=-=-=- file : ForumAuthDetails.php...
linux/x86 if(read(fd,buf,512)<=2) _exit(1) else buf(); 29 bytes
Exploit for linux/x86 platform in category shellcode =============================================================== linux/x86 ifreadfd,buf,512 I made this as a chunk you can paste in to make modular remote exploits. I use it as a first stage payload when I desire to follow up with a real large...
linux/x86 _exit1; 7 bytes
linux/x86 exit1; 7 bytes. Shellcode exploit for linx86 platform / exit-core.c by Charles Stevenson I made this as a chunk you can paste in to make modular remote exploits. I use it when I need a process to exit cleanly. / char hellcode = / exit1; linux/x86 by core / // 7 bytes exit1 ... 'cause...
linux/x86 write0,"Hello core!\n",12; with optional 7 byte exit 36 bytes
linux/x86 write0,"Hello core!",12; w/optional 7 byte exit 36 bytes. Shellcode exploit for linx86 platform / writehello-core.c by Charles Stevenson I made this as a chunk you can paste in to make modular remote exploits. I use it to see if my dup2loop worked. If you don't get "Hello core!\n" back...
curl/wget
New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2, and -current, and new wget packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current. These address a buffer overflow in NTLM handling which may present a security problem, though no public exploits are...
Widget Property 1.1.19 - 'Property.php' SQL Injection
source: https://www.securityfocus.com/bid/15701/info Widget Press Widget Property is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'property.php' script before using it in an SQL query. This vulnerability...
Hosting Controller vulnerable ASP pages
The Hosting Controller application resides on this server. This version is vulnerable to multiple remote exploits. At attacker may make use of this vulnerability and use it to gain access to confidential data and/or escalate their privileges on the Web server. See...
IMP Content-Type XSS Vulnerability
The remote server is running at least one instance of IMP whose version number is between 2.0 and 3.2.3 inclusive. Such versions are vulnerable to a cross-scripting attack whereby an attacker may be able to cause a victim to unknowingly run arbitrary Javascript code simply by reading a MIME messa...
Hosting Controller vulnerable ASP pages
The Hosting Controller application resides on this server. This version is vulnerable to multiple remote exploits. SPDX-FileCopyrightText: 2003 John Lampe Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2005-3389
The parsestr function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the registerglobals directive via inputs that cause a request to be terminated due to the memorylimit setting, which causes PHP to set an internal flag that...
[Full-disclosure] Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo()
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHP Cross Site Scripting XSS Vulnerability in phpinfo Release Date: 2005/10/31 Last Modified: 2005/10/31 Author: Stefan Esser [email protected] Application: PHP4 = 4.4.0...
Debian DSA-865-1 : hylafax - insecure temporary files
Javier Fernandez-Sanguino Pena discovered that several scripts of the hylafax suite, a flexible client/server fax software, create temporary files and directories in an insecure fashion, leaving them vulnerable to symlink exploits. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
[SECURITY] [DSA 865-1] New hylafax packages fix insecure temporary files
-------------------------------------------------------------------------- Debian Security Advisory DSA 865-1 [email protected] http://www.debian.org/security/ Martin Schulze October 13th, 2005 http://www.debian.org/security/faq -...
MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589) (uncredentialed check)
The remote host contains a version of the Client Service for NetWare that is vulnerable to a buffer overflow. An attacker may exploit this flaw by connecting to the NetWare RPC service possibly over IP and triggering the overflow by sending a malformed RPC request. C Tenable Network Security, Inc...
Simple PHP Blog 0.4.0 - Multiple Remote s
Simple PHP Blog 0.4.0 - Multiple Remote s !/usr/bin/perl -w =============================================================================== Title: sphpblogvulns.pl Written by: Kenneth F. Belva, CISSP Franklin Technologies Unlimited, Inc. http://www.ftusecurity.com Date: August 25, 2005 Version: 0...
Simple PHP Blog <= 0.4.0 Multiple Remote Exploits
No description provided by source. !/usr/bin/perl -w =============================================================================== Title: sphpblogvulns.pl Written by: Kenneth F. Belva, CISSP Franklin Technologies Unlimited, Inc. http://www.ftusecurity.com Date: August 25, 2005 Version: 0.1...
MS Windows IIS 5.0 (500-100.asp) Server Name Spoof Exploit
No description provided by source. / ==================================================================================== || || || || || || || || || || ==================================================================================== Name: IIS 5.x and IIS 6.0 Server Name Spoof PoC File:...