7208 matches found
DEBIAN-CVE-2007-1329
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . dot characters adjacent to 1 users and 2 users/members strings, which are removed by blacklisting functions that filter the...
PHP 5.2 - FOpen Safe_mode Restriction Bypass
PHP 5.2 - FOpen Safemode Restriction Bypass source: https://www.securityfocus.com/bid/22261/info PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write files in unauthorized locations; other attacks may also be possible. This...
USN-412-1: GeoIP vulnerability
Dean Gaudet discovered that the GeoIP update tool did not validate the filename responses from the update server. A malicious server, or machine-in-the-middle system posing as a server, could write to arbitrary files with user privileges...
The Apache with the latest security vulnerabilities and use-vulnerability and early warning-the black bar safety net
Sources of information: the Red wolf security group www.wolfexp.net,www.crst.com.cn) The Apache with the latest security vulnerabilities with the use of Bug Find By Cooldiyer @ 2006/12/13 1 5:0 5 Description: Any to. php at the beginning of the file name, Apache as the php file parsing Such as"...
Oracle <= 9i / 10g (read/write/execute) Exploitation Suite
No description provided by source. -- -- $Id: raptororaexec.sql,v 1.2 2006/11/23 23:40:16 raptor Exp $ -- -- raptororaexec.sql - java exploitation suite for oracle -- Copyright c 2006 Marco Ivaldi [email protected] -- -- This is an exploitation suite for Oracle written in Java. Use it to --...
Oracle 9i/10g - 'read/write/execute' ation Suite
-- -- $Id: raptororaexec.sql,v 1.2 2006/11/23 23:40:16 raptor Exp $ -- -- raptororaexec.sql - java exploitation suite for oracle -- Copyright c 2006 Marco Ivaldi -- -- This is an exploitation suite for Oracle written in Java. Use it to -- read/write files and execute OS commands with the privileg...
CVE-2006-2958
FilZip 3.05 is affected by a directory traversal vulnerability that lets remote attackers write arbitrary files by exploiting a .. sequence in archive members with extensions .rar, .tar, .jar, or .gz. The impact is described as potential partial integrity impact and no confidentiality or availabi...
CVE-2006-2006
Multiple directory traversal vulnerabilities in IZArc Archiver 3.5 beta 3 allow remote attackers to write arbitrary files via a ..\ dot dot backslash in a 1 .rar, 2 .tar, 3 .zip, 4 .jar, or 5 .gz archive. NOTE: the provenance of this information is unknown; the details are obtained solely from...
PHP 4.x - copy() Safe_Mode Bypass
PHP 4.x - copy SafeMode Bypass source: https://www.securityfocus.com/bid/17439/info PHP is prone to multiple 'safemode' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations...
SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit (c)
No description provided by source. / gcc -o sugar sugar.c Usage ./sugar host /path/ site cmd Sugar Suite Open Source = 4.0 beta remote code execution c code coded by: pointslash v. credits: rgod, unitedasia host - hostname ex: www.sitename.com path - path ex: /sugar/ or just / site - remote...
CVE-2005-3124
CVE-2005-3124 affects the syslogtocern script in Acme thttpd prior to 2.23, enabling local attackers to overwrite arbitrary files via a symlink attack on a temporary file. Public advisories (Debian DSA-883-1, SUSE, Ubuntu, OpenVAS/Nessus entries) describe insecure temporary-file handling in thttp...
Kcms Profile Server
The Kodak Color Management System service is running. The KCMS service on Solaris 2.5 could allow a local user to write to arbitrary files and gain root access. Patches: 107337-02 SunOS 5.7 has been released and the following should be out soon: 111400-01 SunOS 5.8, 111401-01 SunOS 5.8x86...
ODBC Tools Multiple Vulnerabilities
Many Web servers ship with default CGI scripts which allow for ODBC access and configuration. Some of these test ODBC tools are present on the remote web server SPDX-FileCopyrightText: 2002 David Kyger Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
MDaemon Content Filter Traversal Arbitrary File Write
According to its banner, the version of MDaemon on the remote host is prone to a directory traversal flaw that can be exploited to overwrite files outside the application's quarantine directory provided MDaemon's attachment quarantine feature is enabled. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2002-1869
Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does not check whether the log file can be written to, which allows attackers to prevent events from being recorded by opening the log file using an application such as Microsoft's Event Viewer...
CVE-2002-1956
ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files...
Low: Red Hat Security Advisory: openssh security update
Updated openssh packages that fix a potential security vulnerability and various other bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHell protocol...
CVE-2005-0471
CVE-2005-0471 affects Sun Java JRE 1.1.x through 1.4.x. The vulnerability arises when the Java runtime writes temporary files with long filenames that become predictable on file systems using 8.3 short names, enabling remote attackers to write arbitrary files to known locations and potentially ex...
GlobalScape - CuteFTP macros .mcr Local File Write
GlobalScape - CuteFTP macros .mcr Local File Write Application: GlobalSCAPE CuteFTP V6.0 http://www.globalscape.com/ Risk: Medium / e-mail: [email protected] web: http://www.prohack.net / --The bug: Atacker can create a crafted CuteFTP macro .mcr, and when its loaded in the target computer, it c...
GlobalScape - CuteFTP macros '.mcr' Local File Write
Application: GlobalSCAPE CuteFTP V6.0 http://www.globalscape.com/ Risk: Medium / e-mail: [email protected] web: http://www.prohack.net / --The bug: Atacker can create a crafted CuteFTP macro .mcr, and when its loaded in the target computer, it can download the Arbitrary file into the target user...