Lucene search
K

8517 matches found

seebug.org
seebug.org
added 2006/10/27 12:0 a.m.24 views

Trend Micro OfficeScan ATXCONSOLE.OCX ActiveX控件格式串处理漏洞

Trend Micro OfficeScan是一种针对整个网段的分布式杀毒软件。 Trend Micro OfficeScan企业版的管理控制台ActiveX控件ATXCONSOLE.OCX没有正确地处理格式串,返回给管理控制台的远程客户端安装名称搜索的特制格式串可能允许访问进程栈。如果成功利用的话,这可能允许用户在运行ActiveX管理控制台的系统上执行任意代码。 Trend Micro OfficeScan Corporate Edition 7.3 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/25 12:0 a.m.20 views

HP-UX 11i (swask) Format String Local Root Exploit

No description provided by source. / HP-UX swask format string local root exploit ============================================ HP-UX 'swask' contains an exploitable format string vulnerability. The 'swask' utility is installed setuid root by default. Specifically the vulnerability is in the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/25 12:0 a.m.29 views

QK SMTP远程栈溢出漏洞

QK SMTP Server是一款SMTP(简单邮件传输协议)服务器软件。 QK SMTP Server在处理用户命令参数时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞在服务器上执行任意指令。 QK SMTP Server在处理传送给“RCPT TO:”命令的参数时存在栈溢出漏洞,远程攻击者可以通过向服务器发送超长参数导致执行任意指令。 QKSoft QK SMTP 3.1.0 Beta QKSoft QK SMTP 3.0.1 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.qksoft.com/ /...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/25 12:0 a.m.52 views

Debian DSA-1199-1 : webmin - multiple vulnerabilities

Several vulnerabilities have been identified in webmin, a web-based administration toolkit. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-3912 A format string vulnerability in miniserv.pl could allow an attacker to cause a denial of service...

7.5CVSS8AI score0.77953EPSS
Exploits4References10
Tenable Nessus
Tenable Nessus
added 2006/10/25 12:0 a.m.33 views

GLSA-200610-12 : Apache mod_tcl: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200610-12 Apache modtcl: Format string vulnerability Sparfell discovered format string errors in calls to the setvar function in tclcmds.c and tclcore.c. Impact : A remote attacker could exploit the vulnerability to execute...

6.8CVSS5.8AI score0.15858EPSS
Exploits0References2
seebug.org
seebug.org
added 2006/10/24 12:0 a.m.31 views

Half Life (rcon) Remote Buffer Overflow Exploit

No description provided by source. / SDI HalfLife rcon remote exploit for linux x86 portuguese exploit remoto para o buffer overflow do rcon no halflife Tamandua Sekure Labs Sao Paulo - Porto Alegre, Brazil by Thiago Zaninotti c0nd0r [email protected] Gustavo Scotti csh [email protected] Proof of...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/24 12:0 a.m.38 views

HP-UX 11i - 'swask' Format String Privilege Escalation

/ HP-UX swask format string local root exploit ============================================ HP-UX 'swask' contains an exploitable format string vulnerability. The 'swask' utility is installed setuid root by default. Specifically the vulnerability is in the handling of the "-s" optional arguement...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/10/24 12:0 a.m.30 views

Winmail Mail Server 2.3 Remote Format String Exploit

No description provided by source. / Magic Winmail Server 2.3Build 0402 Remote Format string exploit. Coded by ThreaT. This one take advantage of a format bug in the SMTP protocol not pop3 for execute a malicious command on a vulnerable system usage : mwmxploit Target IP command to execute remote...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/24 12:0 a.m.36 views

LPRng (RedHat 7.0) lpd Remote Root Format String Exploit

No description provided by source. / Copyright c 2000 - Security.is The following material may be freely redistributed, provided that the code or the disclaimer have not been partly removed, altered or modified in any way. The material is the property of security.is. You are allowed to adopt the...

7.1AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2006/10/24 12:0 a.m.39 views

Apache mod_tcl: Format string vulnerability

Background Apache modtcl is a TCL interpreting module for the Apache 2.x web server. Description Sparfell discovered format string errors in calls to the setvar function in tclcmds.c and tclcore.c. Impact A remote attacker could exploit the vulnerability to execute arbitrary code with the rights ...

6.8CVSS7.3AI score0.15858EPSS
Exploits0
0day.today
0day.today
added 2006/10/24 12:0 a.m.19 views

HP-UX 11i (swask) Format String Local Root Exploit

Exploit for hp-ux platform in category local exploits ================================================== HP-UX 11i swask Format String Local Root Exploit ================================================== / HP-UX swask format string local root exploit ============================================...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/10/24 12:0 a.m.14 views

HP-UX 11i - swask Format String Privilege Escalation

HP-UX 11i - swask Format String Privilege Escalation / HP-UX swask format string local root exploit ============================================ HP-UX 'swask' contains an exploitable format string vulnerability. The 'swask' utility is installed setuid root by default. Specifically the vulnerabili...

1.2AI score
Exploits0
exploitpack
exploitpack
added 2006/10/23 12:0 a.m.10 views

QK SMTP 3.01 - RCPT TO Remote Denial of Service

QK SMTP 3.01 - RCPT TO Remote Denial of Service / ============================================================= 0-day RCPT TO DoS Exploit for QK SMTP version 3.01 and lower. ============================================================= Exploit affects a format string error in the RCPT TO command ...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2006/10/23 12:0 a.m.15 views

QK SMTP <= 3.01 (RCPT TO) Remote Denial of Service Exploit

No description provided by source. / ============================================================= 0-day RCPT TO DoS Exploit for QK SMTP version 3.01 and lower. ============================================================= Exploit affects a format string error in the RCPT TO command in which the...

7.1AI score
Exploits0
NVD
NVD
added 2006/10/16 7:7 p.m.18 views

CVE-2006-4154

Format string vulnerability in the modtcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a setvar function call in 1 tclcmds.c and 2 tclcore.c...

6.8CVSS7.4AI score0.15858EPSS
Exploits0References10
CVE
CVE
added 2006/10/16 7:0 p.m.195 views

CVE-2006-4154

CVE-2006-4154 describes a format-string vulnerability in the Apache mod_tcl module (version 1.0 for Apache 2.x). The root cause is format string handling in calls to set_var (in tcl_cmds.c and tcl_core.c), allowing a remote attacker to execute arbitrary code with the httpd process privileges. Aff...

6.8CVSS7.3AI score0.15858EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2006/10/16 7:0 p.m.35 views

CVE-2006-4154

Format string vulnerability in the modtcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a setvar function call in 1 tclcmds.c and 2 tclcore.c...

7.3AI score0.15858EPSS
Exploits0References10
securityvulns
securityvulns
added 2006/10/14 12:0 a.m.30 views

Apache web server mod_tcl security vulnerability

Server format string vulnerabilities with HTTP request header names...

0.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2006/10/14 12:0 a.m.64 views

[VulnWatch] iDefense Security Advisory 10.13.06: Apache HTTP Server mod_tcl set_var Format String Vulnerability

Apache HTTP Server modtcl setvar Format String Vulnerability iDefense Security Advisory 10.13.06 http://www.idefense.com/intelligence/vulnerabilities/ Oct 13, 2006 I. BACKGROUND The modtcl module for the Apache httpd v2.x is a scripting module that allows a TCL developer to create server side...

6.8CVSS0.1AI score0.15858EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.28 views

Debian DSA-967-1 : elog - several vulnerabilities

Several security problems have been found in elog, an electronic logbook to manage notes. The Common Vulnerabilities and Exposures Project identifies the following problems : - CVE-2005-4439 'GroundZero Security' discovered that elog insufficiently checks the size of a buffer used for processing...

7.8CVSS6.1AI score0.06129EPSS
Exploits1References16
Rows per page
Query Builder