CVE-2007-0180

Stack-based buffer overflow in EF Commander 5.75 allows user-assisted attackers to execute arbitrary code via a crafted ISO file containing a file within several nested directories, which produces a large filename that triggers the overflow...

Directory traversal

Directory traversal vulnerability in the GeoIPupdatedatabasegeneral function in libGeoIP/GeoIPUpdate.c in GeoIP 1.4.0 allows remote malicious update servers possibly only update.maxmind.com to overwrite arbitrary files via a .. dot dot in the database filename, which is returned by a request to...

DEBIAN-CVE-2007-0159

Directory traversal vulnerability in the GeoIPupdatedatabasegeneral function in libGeoIP/GeoIPUpdate.c in GeoIP 1.4.0 allows remote malicious update servers possibly only update.maxmind.com to overwrite arbitrary files via a .. dot dot in the database filename, which is returned by a request to...

CVE-2006-6912

SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter...

Stack overflow

Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers to execute arbitrary code via a long filename in a LST file...

CVE-2006-6912

SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter...

CVE-2006-6725

Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and earlier allow remote attackers to read arbitrary files via a .. dot dot in the filename parameter to 1 lib/htm2php.php and 2 sitetools/htm2php.php. NOTE: The provenance of this information is unknown; the details are obtained...

CVE-2006-6678

The edittextarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename...

CVE-2006-6678

The edittextarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename...

CVE-2006-6678

The edittextarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename...

CVE-2006-6329

index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filename in the delfile parameter...

AT-TFTP <= 1.9 (Long Filename) Remote Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl -w acaroatjervus.it http://www.securityfocus.com/bid/21320 [email protected] is credited with the discovery of this vulnerability use IO::Socket; if!$ARGV1 print "Uso: atftp-19.pl victim port\n\n"; exit; $victim = IO::Socket::INET-newProto='udp',...

CVE-2006-6255

Direct static code injection vulnerability in util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension in the filename parameter and code in the moreinfo...

AT-TFTP <= 1.9 (Long Filename) Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ============================================================= AT-TFTP \n\n"; exit; $victim = IO::Socket::INET-newProto='udp', PeerAddr=$ARGV0, PeerPort=$ARGV1 or die "Cannot connect to $ARGV0 sulla porta $ARGV1"; $pad = "\x90"x63; win32exec...

WinRAR buffer overflow

Buffer overflow on oversized filename in 7ZIP archive...

CVE-2006-6184

Multiple stack-based buffer overflows in Allied Telesyn TFTP Server AT-TFTP 1.9, and possibly earlier, allow remote attackers to cause a denial of service crash or execute arbitrary code via a long filename in a 1 GET or 2 PUT command...

Moderate squirrelmail security update

1.4.8-2.1 - remove banners 1.4.8-2 - more Japanese filename fixes 195639 1.4.8-1 - 1.4.8 release with CVE-2006-4019 and upstream bug fixes 1.4.7-5 - More JP translation updates 194598 1.4.7-4 - Fix fatal typo in configlocal.php 198306 1.4.7-2 - Move sqspellconfig.php to /etc and mark it...

15061124.txt

!/usr/bin/perl INFORMATIONS ============ Affected.scr..: Cahier de texte V2.0 Poc.ID........: 15061124 Type..........: Predictable backup filename, Source disclosure Risk.level....: High Conditions....: registerglobals = on Src.download..: www.etab.ac-caen.fr/bsauveur/cahierdetexte/ Poc.link........

at-tftp19.txt

TFTP Server AT-TFTP Server v 1.9 Buffer Overflow Vulnerability Long filename ------------------------------------------------------------------ SUMMARY: AT-TFTP Server is a Freeware TFTP server for Windows 9x/NT/XP. http://www.alliedtelesyn.co.uk/en-gb/support/downloads/tools.asp It provides an...

AT-TFTP Buffer Overflow (Long filename) Vulnerability Exploit

No description provided by source. !/usr/bin/python Buffer Overflow Long filename Vulnerability Exploit This is just a DoS exploiting code Tested on Windows xp SP2 Requires python and impacket Coded by Liu Qixu Of NCNIPC import socket import sys host = '192.168.1.11' port = 69 try: s =...