Code injection

Simple Linux Utility for Resource Management SLURM 1.2 and 1.3 before 1.3.14 does not properly set supplementary groups before invoking 1 sbcast from the slurmd daemon or 2 strigger from the slurmctld daemon, which might allow local SLURM users to modify files and gain privileges...

httpdx <= 0.8 FTP Server Delete/Get/Create Directories/Files Exploit

Exploit for windows platform in category remote exploits ==================================================================== httpdx DELE ../../boot.ini You can get file boot.ini = RETR ../../boot.ini You can creat Directory = MKD ../../poc You can delet Directory = RMD ../../WINDOWS Author:...

Directory traversal vulnerability in multiple Cisco Systems products

Overview Multiple products provided by Cisco Systems contain a directory traversal vulnerablility. Multiple Cisco Systems products are vulnerable to directory traversal due to an issue in CiscoWorks Common Services. Jun Okada of NTT DATA SECURITY CORPORATION reported this vulnerability to IPA...

CVE-2008-6755

ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...

CVE-2008-6755

ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...

Design/Logic Flaw

The NFS server in Sun Solaris 10, and OpenSolaris before snv111, does not properly implement the AUTHNONE aka sec=none security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a...

Design/Logic Flaw

The NFS daemon aka nfsd in Sun Solaris 10 and OpenSolaris before snv106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys a...

CVE-2009-0873

The NFS daemon aka nfsd in Sun Solaris 10 and OpenSolaris before snv106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys a...

CVE-2009-0872

CVE-2009-0872 affects Sun Solaris 10 and OpenSolaris builds prior to snv_111, where the NFS server fails to properly enforce AUTH_NONE (sec=none) when used with other security modes. This allows remote attackers to bypass access controls and read/modify files by abusing a combination of AUTH_NONE...

CVE-2009-0759

Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors...

Crlf injection

Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors...

马克斯CMS2.0beta (maxcms)管理员认证绕过漏洞

maxcms后台有自动升级功能，ajax的那个注射被修补了，但是这个漏洞还是没有修补。在上一贴有同学问是否能绕过认证，答案是肯定的，但是前提是要知道后台目录地址 Sub checkPower dim loginValidate,rsObj : loginValidate = "maxcms2.0" err.clear on error resume next set rsObj=conn.db"select mrandom,mlevel from premanager where musername='"&rCookie"musername"&"'","execute"...

Antivirus software can Chennai I what network God steal feature code to modify the combat-vulnerability warning-the black bar safety net

Article author: icyfoxlovelace/ice Fox prodigal sonEST Information source: evil octal Note: this article was originally published in hackers Defense of Network thief deserves is a professional-grade remote file access tool, its operation is simple, the function“designed and refined”, but as the...

linux/x86 append rsa key to /root/.ssh/authorized_keys2 295 bytes

Exploit for linux/x86 platform in category shellcode ================================================================= linux/x86 append rsa key to /root/.ssh/authorizedkeys2 295 bytes ================================================================= / linux/x86 shellcode to append rsa key to...

Adobe AIR < 1.5 JavaScript Code Execution Vulnerability

Adobe AIR is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2008-5076

CVE-2008-5076 affects htop where non-printable characters in process names were not sanitized, enabling local users to influence terminal output (hide processes, modify files via crafted process name). Connected advisories show distribution patches introducing non-printable character filtering (e...

CVE-2008-4580

fencemanual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fencemanual.fifo temporary file...

CVE-2008-4343

The Chilkat XML ChilkatUtil.CkData.1 ActiveX control ChilkatUtil.dll 3.0.3.0 and earlier allows remote attackers to create, overwrite, and modify arbitrary files for execution via a call to the 1 SaveToFile, 2 SaveToTempFile, or 3 AppendBinary method. NOTE: this issue might only be exploitable in...

CVE-2008-3789

CVE-2008-3789 (Samba 3.2.0): The vulnerability arises from weak permissions (0666) on the group_mapping.tdb and group_mapping.ldb files, enabling local users to modify Unix group memberships. Concrete details in connected docs confirm the affected component/files and the local-privilege consequen...

Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit

No description provided by source. / $Id: raptorchown.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorchown.c - syschown missing DAC controls on Linux Copyright c 2004 Marco Ivaldi [email protected] Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of file...