Unreal Commander 0.92 - ZIP / RAR Archive Handling Traversal Arbitrary File Overwrite

No description provided by source. source: http://www.securityfocus.com/bid/25419/info Unreal Commander is prone to multiple remote vulnerabilities when handling malformed ZIP and RAR archives. These vulnerabilities include a directory-traversal vulnerability, an information-disclosure...

wu-ftpd 2.4.2/2.5 .0/2.6 .0/2.6.1/2.6.2 - FTP Conversion Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2240/info Some FTP servers provide a conversion service that pipes a requested file through a program, for example a decompression utility such as tar, before it is passed to the remote user. Under some configurations whe...

MS IIS 3.0/4.0/5.0 PWS Escaped Characters Decoding Command Execution (1)

No description provided by source. source: http://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before...

MS IIS 3.0/4.0/5.0 PWS Escaped Characters Decoding Command Execution (3)

No description provided by source. source: http://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before...

MyServer 0.8.9 Filename Parse Error Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24571/info MyServer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks. This issue affects MyServer 0.8.9; other versio...

MS IIS 3.0/4.0/5.0 PWS Escaped Characters Decoding Command Execution (4)

No description provided by source. source: http://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before...

TFTPDWIN 0.4.2 - Long Filename Buffer Overflow

No description provided by source. $Id: tftpdwinlongfilename.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...

Winace 2.2 Malformed Filename Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33049/info Winace is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash Windows Explorer, denying service to legitimate users. Given the nature of this issue, attackers may also be able ...

Allied Telesyn TFTP Server 1.9 - Long Filename Overflow

No description provided by source. $Id: attftplongfilename.rb 11882 2011-03-05 21:00:57Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

Exim Buffer 1.6.2/1.6.51 Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1859/info A potential local root yielding buffer overflow vulnerability exists in Exim mail client version 1.62. A buffer used in processing filenames of message attachments can be overflowed by a maliciously-formed...

Gedit 2.x Filename Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13699/info gEdit is prone to a format-string vulnerability. Exploitation may occur when the program is invoked with a filename that includes malicious format specifiers. Attackers could exploit this issue to corrupt...

Coppermine Photo Gallery 1.0 PHP Code Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7300/info Coppermine Photo Gallery has been reported prone to PHP code injection attacks. Due to a lack of sufficient sanitization performed on user-supplied filenames that are uploaded into the Photo Gallery, an attacker...

25 bytes execve("/bin/sh") shellcode

No description provided by source. include stdio.h include string.h / by Magnefikko 14.04.2010 [email protected] promhyl.oz.pl Subgroup: PRekambr Name: 25 bytes execve/bin/sh shellcode Platform: Linux x86 execve/bin/sh, 0, 0; gcc -Wl,-z,execstack filename.c shellcode:...

robin twombly a1 http server 1.0 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2436/info It is possible for a remote user to gain read access to directories and files outside the web root. Requesting a specially crafted URL composed of '../' sequences will disclose an arbitrary directory, appending...

Mail Machine <= 3.989 Local File Inclusion Exploit

No description provided by source. !/usr/bin/perl -w Mail Machine Local File Include Exploit Vuln. v3.980, v3.985, v3.987, v3.988 and v3.989 ! Application homepage : http://www.mikesworld.net/mailmachine.shtml ! Author : H4 / Team XPK ! Contact : [email protected]...

BlazeVideo HDTV Player Pro 6.6 - Filename Handling Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

PeaZIP <= 2.6.1 Compressed Filename Command Injection Exploit

No description provided by source. ?php / PeaZIP = 2.6.1 commpressed filename command injection poc exploit by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ software site: http://peazip.sourceforge.net/ tested against: peazip 2.5.1, 2.6.1 for Windows a pipe vulnerabilit...

Tellurian TftpdNT 1.8/2.0 Long Filename Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8505/info A vulnerability has been discovered in Tellurian TftpdNT that could allow a remote attacker to execute arbitrary code. The problem likely occurs due to insufficient bounds checking when handling user-supplied...

Files Desk Pro v1.4 iOS - Local File Inclusion

No description provided by source. Document Title: =============== Files Desk Pro v1.4 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1266 Release Date: ============= 2014-05-16 Vulnerability Laboratory ID VL-ID:...

Netgear DGN2200B pppoe.cgi Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...