XMPlay 3.3.0.4 - '.M3U' Filename Local Buffer Overflow

/ =================================================================== 0-day XMPlay 3.3.0.4 .M3U Filename Buffer Overflow Exploit =================================================================== XMPlay 3.3.0.4 and lower experiance a stack-based buffer overflow when loading malformed M3U files...

TFTPD32 TFTP server buffer overflow

Buffer overflow on oversized filename...

CVE-2003-1308

The CVE-2003-1308 issue is a CRLF injection vulnerability in fvwm-menu-directory, affecting fvwm versions 2.5.x prior to 2.5.10 and 2.4.x prior to 2.4.18. Local users can execute arbitrary commands by crafting a filename containing carriage returns. Variants and follow-on entries reference the sa...

CVE-2003-1308

CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename...

CVE-2006-5791

Multiple cross-site scripting XSS vulnerabilities in elogd.c in ELOG 2.6.2 and earlier allow remote attackers to inject arbitrary HTML or web script via 1 the filename for downloading, which is not quoted in an error message by the sendfiledirect function, and 2 the Type or Category values in a N...

Utility for generating HTTP/1.x requests for shellcodes

No description provided by source. / genhttpreq.c, utility for generating HTTP/1.x requests for shellcodes SIZES: HTTP/1.0 header request size - 18 bytes+ HTTP/1.1 header request size - 26 bytes+ NOTE: The length of the selected HTTP header is stored at EDX register. Thus the generated MOV...

Utility for generating HTTP/1.x requests for shellcodes

Utility for generating HTTP/1.x requests for shellcodes. Shellcode exploit for generator platform / genhttpreq.c, utility for generating HTTP/1.x requests for shellcodes SIZES: HTTP/1.0 header request size - 18 bytes+ HTTP/1.1 header request size - 26 bytes+ NOTE: The length of the selected HTTP...

Debian DSA-1046-1 : mozilla - several vulnerabilities

Several security related problems have been discovered in Mozilla. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-2353 The 'run-mozilla.sh' script allows local users to create or overwrite arbitrary files when debugging is enabled via a...

Debian DSA-960-3 : libmail-audit-perl - insecure temporary file creation

The former update caused temporary files to be created in the current working directory due to a wrong function argument. This update will create temporary files in the users home directory if HOME is set or in the common temporary directory otherwise, usually /tmp. For completeness below is a co...

Debian DSA-918-1 : osh - programming error

Several security related problems have been discovered in osh, the operator's shell for executing defined programs in a privileged environment. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-3346 Charles Stevenson discovered a bug in the...

Sun Solaris NSPR library privilege escalation

Environment variable is used for log filename...

local to local copy uses shell expansion twice

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...

Advaced-Clan-Script <= 3.4 (mcf.php) Remote File Include Vulnerability

No description provided by source. .. | /| | \ / // | | | \ / // | | Y \ //\ \ | || / / / / discovered by xdh Critical Level: Dangerous Class: Remote File Inclusion Venedor site: http://avc.x.philipwette.de/ Version: AdVancedClanscript 3.4 VUln: Filename: mcf.php Line: 70:include"$content";...

Advaced-Clan-Script 3.4 - 'mcf.php' Remote File Inclusion

.. | /| | \ / // | | | \ / // | | Y \ //\ \ | || / / / / discovered by xdh Critical Level: Dangerous Class: Remote File Inclusion Venedor site: http://avc.x.philipwette.de/ Version: AdVancedClanscript 3.4 VUln: Filename: mcf.php Line: 70:include"$content"; usage:...

CVE-2006-4951

Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java JSP code by sending an e-mail message with a JSP file attachment, which is stored under the web root with a predictable filename...

TFTPDWIN TFTP server buffer overflow

Buffer overflow on oversized requested resource filename...

Limbo CMS 1.0.4.2L - com_contact Remote Code Execution

Limbo CMS 1.0.4.2L - comcontact Remote Code Execution !/usr/bin/php -q -d shortopentag=on ? printr' ----------------------------------------------------------------------------- Limbo = 1.0.4.2L "comcontact" remote commands execution exploit by rgod [email protected] site:...

CVE-2006-4627

System Information ActiveX control msinfo.dll, when accessed via Microsoft Internet Explorer, allows remote attackers to cause a denial of service crash via a SaveFile function with a long 1 computer and possibly 2 filename and 3 category argument...

PowerZip <= 7.06.3895 Long Filename Handling Buffer Overflow Exploit

No description provided by source. / PowerZip 7.06 Exploit by bratax http://www.bratax.be/ Just a quick one as I was able to reuse most of my zipcentral eploit code.. Greetz to everyone I like...special greetz to mobbie and DT as they were sad I didn't mention them the previous time :p Some...

PowerZip 7.06.38950 - Filename Handling Local Buffer Overflow

PowerZip 7.06.38950 - Filename Handling Local Buffer Overflow / PowerZip 7.06 Exploit by bratax http://www.bratax.be/ Just a quick one as I was able to reuse most of my zipcentral eploit code.. Greetz to everyone I like...special greetz to mobbie and DT as they were sad I didn't mention them the...