6871 matches found
Total Commander FTP Client Traversal Arbitrary File Overwrite
The version of Total Commander installed on the remote host fails to sanitize filenames of directory traversal sequences when downloading files via FTP. If an attacker can trick a user on the affected system into visiting a malicious FTP server, he can leverage this issue to write to arbitrary...
CVE-2008-7168
CVE-2008-7168 concerns the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12). The vulnerability is described as an insecure method vulnerability in which an attacker can force the download and overwrite of arbitrary files by supplying crafted arguments to the Update method. The entry notes...
VulnCheck KEV: CVE-2008-7168
Insecure method vulnerability in the UUSee UUUpgrade ActiveX control UUUpgrade.ocx 3.0.2.12 allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to the Update method, as exploited in the wild in June 2009...
Soritong MP3 Player 1.0 Buffer Overflow
#!/usr/bin/perl by hack4love Soritong MP3 Player 1.0 .m3u//UI.txt Universal Local BOF SEH Original exploit:::http://www.milw0rm.com/exploits/8624 by Stack m3u file my $bof="\x41" x 260; my $nsh="\xEB\x06\x90\x90"; my $seh="\x47\x30\x01\x10";Player.dll my $nop="\x90" x 2000; m...
SmartVmd Active-X 1.3 File Overwrite
SmartVmd ActiveX 1.3 ActiveXLoadMaskFromFile file overwrite Exploit...
Code injection
The Scanner File Utility aka listener in Kyocera Mita KM 3.3.0.1 does not restrict the filenames or extensions of uploaded files, which makes it easier for remote attackers to execute arbitrary code or overwrite files by leveraging CVE-2008-7110 and CVE-2008-7109...
CVE-2008-7111
The Scanner File Utility (aka listener) in Kyocera Mita KM 3.3.0.1 is vulnerable to directory traversal via a .. sequence in requests, allowing remote attackers to upload files to arbitrary locations. CVE-2008-7110 (and related CVEs) describe this behavior enabling arbitrary file write by crafted...
Design/Logic Flaw
Insecure method vulnerability in the Chilkat Socket ActiveX control ChilkatSocket.ChilkatSocket.1 in ChilkatSocket.dll 2.3.1.1 allows remote attackers to overwrite arbitrary files via the SaveLastError method. NOTE: this might be related to CVE-2008-1647...
CVE-2008-6959
Insecure method vulnerability in the Chilkat Socket ActiveX control ChilkatSocket.ChilkatSocket.1 in ChilkatSocket.dll 2.3.1.1 allows remote attackers to overwrite arbitrary files via the SaveLastError method. NOTE: this might be related to CVE-2008-1647...
CVE-2008-6935
Argument injection vulnerability in Exodus 0.10 allows remote attackers to inject arbitrary command line arguments, overwrite arbitrary files, and cause a denial of service via encoded spaces in an im:// URI...
IBM AIX libc MALLOCDEBUG File Overwrite
#!/bin/bash http://root-the.net + IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability + Refer : securitytracker.com/id?1022261 + Exploit : Affix + Tested on : IBM AIX + Greetz : Mad-Hatter, Atomiku, RTN,...
Directory traversal
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request...
CVE-2009-2658
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request...
IBM AIX 5.3 libc MALLOCDEBUG File Overwrite Vulnerability
No description provided by source. #!/bin/bash http://root-the.net + IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability + Refer : securitytracker.com/id?1022261 + Exploit : Affix + Tested on...
IBM AIX 5.3 libc MALLOCDEBUG File Overwrite Vulnerability
Exploit for AIX platform in category local exploits. IBM AIX 5.3 libc MALLOCDEBUG File Overwrite Vulnerability. #!/bin/bash + IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability +...
IBM AIX 5.3 - libc MALLOCDEBUG File Overwrite
IBM AIX 5.3 - libc MALLOCDEBUG File Overwrite #!/bin/bash http://root-the.net + IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability + Refer : securitytracker.com/id?1022261 + Exploit : Affix + Tested on : IBM...
IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite
#!/bin/bash http://root-the.net + IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability + Refer : securitytracker.com/id?1022261 + Exploit : Affix + Tested on : IBM AIX + Greetz : Mad-Hatter, Atomiku, RTN,...
Critical: Red Hat Security Advisory: dhcp security update
Updated dhcp packages that fix two security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an...
CVE-2009-2314
Race condition in the Sun Lightweight Availability Collection Tool 3.0 on Solaris 7 through 10 allows local users to overwrite arbitrary files via unspecified vectors...