119 matches found
Wireless IP Camera (P2P) WIFICAM Identity Bypass Vulnerability
Wireless IP Camera P2P WIFICAM is a remote IP camera. A security vulnerability exists in the Wireless IP Camera P2P WIFICAM device that stems from the program failing to properly check the access permissions of the .ini file. An attacker can exploit this vulnerability to bypass authentication...
DLL Hijacking Vulnerability and Information Disclosure Vulnerability in CIMCO Software
CIMCO is the world's leader in DNC solutions and is the world's largest installed base of DNC systems, which are mainly used for networking communication of CNC machine tools, machine tool monitoring, etc. CIMCO DNC-Max Server is the DNC server software. Vulnerability one: CIMCO program default...
SentryHD 02.01.12e - Privilege Escalation Exploit
Exploit for windows platform in category local exploits Exploit Title: SentryHD 02.01.12e Privilege Escalation Date: 18-01-2017 Software Link: http://www.minutemanups.com/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: local 1...
Windows Process Filtering System: ProcFilter
Windows Process Filtering System ProcFilter is a process filtering system for Windows with built-in YARA integration. YARA rules can be instrumented with custom meta tags that tailor its response to rule matches. It runs as a Windows service and is integrated with Microsoft’s ETW API , making...
USN-2705-1 python-keystoneclient, python-keystonemiddleware vulnerabilities
Qin Zhao discovered Keystone disabled certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct machine-in-the-middle attacks via a crafted certificate. CVE-2014-7144 Brant Knudson...
check_dhcp - Nagios Plugins <= 2.0.1 - Arbitrary Option File Read
No description provided by source. ============================================= - Release date: 15.05.2014 - Discovered by: Dawid Golunski - Severity: Moderate ============================================= I. VULNERABILITY ------------------------- checkdhcp - Nagios Plugins = 2.0.1 Arbitrary...
Total Video Player 1.3.1 - Settings.ini Local Buffer Overflow (SEH)
Total Video Player 1.3.1 - Settings.ini Local Buffer Overflow SEH !/usr/bin/perl Exploit Title: Total Video Player 1.3.1 Settings.ini - SEH Buffer Overflow Date: 11-24-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: Total Video Player 1.3.1...
Windows Gather WS_FTP Saved Password Extraction
This module extracts weakly encrypted saved FTP Passwords from WSFTP. It finds saved FTP connections in the wsftp.ini file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather WSFTP...
Adobe Download Manager AOM File Section Name Buffer Overflow (CVE-2006-5856)
Adobe produces and distributes a custom Download Manager utility which is usually utilized for Adobe product updates and downloads. The Download Manager normally sets up file association entries in the Windows registry upon installation that associate it with the AOM file type. A buffer overflow...
PHP dba_replace() DoS
It's possible to destroy ini-file content...
HP Software Update HPeDiag ActiveX Control GetXmlFromIni buffer overflow
Added: 05/22/2008 CVE: CVE-2008-0712 BID: 28929 OSVDB: 44662 Background HP Software Update is shipped with various kinds of HP computers to keep HP software up to date. Problem A buffer overflow in the GetXmlFromIni method of the HPeDiag ActiveX control allows command execution when a user loads ...
HP Software Update HPeDiag ActiveX Control GetXmlFromIni buffer overflow
Added: 05/22/2008 CVE: CVE-2008-0712 BID: 28929 OSVDB: 44662 Background HP Software Update is shipped with various kinds of HP computers to keep HP software up to date. Problem A buffer overflow in the GetXmlFromIni method of the HPeDiag ActiveX control allows command execution when a user loads ...
CVE-2004-2125
Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value...
CVE-2004-2125
Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value...
Lotus Notes URI command line modification
notes: URI allows to execute notes.exe with any arguments, for example to cpecify .ini file location...
MySQL Windows buffer overflow
Buffer overflow on .ini-file parsing...
CVE-2001-0983
UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges...
Cart32 admin password vulnerability
Joint advisory issued by Cart32 and Colin Hart --------------------------------------- Date Published: 6th November 2000 --------------------------------------- Title: Cart32 admin password vulnerability --------------------------------------- Vulnerable Packages/Systems: Cart32 v3.5 build 619, i...
norton.antivirus.passwd.txt
Date: Fri, 9 Apr 1999 16:12:26 -0700 From: "Saling, Kevin" To: [email protected] Subject: NAV for MS Exchange & Internet Email Gateways After installing the following Symantec products: Norton AntiVirus for Internet Email Gateways 1.0.1.7 NAVIEG Norton AntiVirus for MS Exchange 1.5...