7715 matches found
Mandrake Linux Security Advisory : imlib2 (MDKSA-2006:198-1)
M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an...
HP LoadRunner Agent Service Detection
An HP LoadRunner Agent is listening on the remote host. This agent enables a LoadRunner Controller to communicate with the LoadRunner Load Generator on the remote host for performance testing. Note that Hewlett-Packard acquired LoadRunner in November 2006 as part of its acquisition of Mercury...
solaris/sparc executes command after setreuid (92 bytes + cmd)
No description provided by source. / bunkersparcexec.c V1.0 - Sat Oct 21 17:45:27 CEST 2006 Solaris/sparc bytecode that executes command after setreuid 92 bytes + cmd setreuid0, 0 + execve"/bin/sh", "/bin/sh","-c","cmd", NULL; bunker - http://rawlab.mindcreations.com...
Design/Logic Flaw
BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection...
CVE-2007-0434
BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection...
CVE-2007-0434
BEA AquaLogic Enterprise Security 2.0–2.2 (AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2) has a vulnerability where audit-event severity is not properly set under high system load. This can hinder detection by bypassing or delaying alerting, potentially reducing ...
Microsoft Vista (NtRaiseHardError) Privilege Escalation Exploit
No description provided by source. //raise.c //26-12-2006 erasmus/ORC //exploit NtRaiseHardError privesc and load dll into csrss //this version only is vista, other version can be worked //with proper offsets, i will complete them soon //imperfect but sometime work, ok for proto type; //dll limit...
The reproduction of social engineering-vulnerability warning-the black bar safety net
Article author: withered Ling roseN. C. P. H Information source: evil octal information security team www.eviloctal.com to This is my osmosis in the process of a real experience, I would have thought after two days of time to get to the master server, the Master Station program on the Master Station...
Ixprim CMS 1.2 - Blind SQL Injection
#!/usr/bin/perl INFORMATIONS ============ Affected.scr..: Ixprim 1.2 Poc.ID........: 16061221 Type..........: Blind SQL Injection Risk.level....: Medium Conditions....: loadfile privilege ixp code only Src.download..: www.ixprim-cms.org Poc.link......: acid-root.new.fr/poc/16061221.txt...
MS Internet Explorer 7 (DLL-load hijacking) Code Execution Exploit PoC
No description provided by source. / Copyright C 2006-2007 Aviv Raff http://aviv.raffon.net Greetz: hdm, L.M.H, str0ke, SkyLined Compile and upload to the victim's desktop as one of the following hidden DLL files: - sqmapi.dll - imageres.dll - schannel.dll Run IE7 and watch the nice calculators p...
Microsoft Internet Explorer 7 - DLL-load Hijacking Code Execution (PoC)
Microsoft Internet Explorer 7 - DLL-load Hijacking Code Execution PoC / Copyright C 2006-2007 Aviv Raff http://aviv.raffon.net Greetz: hdm, L.M.H, str0ke, SkyLined Compile and upload to the victim's desktop as one of the following hidden DLL files: - sqmapi.dll - imageres.dll - schannel.dll Run I...
Microsoft Internet Explorer 7 - DLL-load Hijacking Code Execution (PoC)
/ Copyright C 2006-2007 Aviv Raff http://aviv.raffon.net Greetz: hdm, L.M.H, str0ke, SkyLined Compile and upload to the victim's desktop as one of the following hidden DLL files: - sqmapi.dll - imageres.dll - schannel.dll Run IE7 and watch the nice calculators pop up. Filter fdwReason to execute...
MS Internet Explorer 7 (DLL-load hijacking) Code Execution Exploit PoC
Exploit for unknown platform in category dos / poc ====================================================================== MS Internet Explorer 7 DLL-load hijacking Code Execution Exploit PoC ====================================================================== / Copyright C 2006-2007 Aviv Raff...
Solaris 5.9 (x86) : 117874-02
Application Server 7.1x86: Load Balancing Plugin. Date this patch was last updated by Sun : Feb/27/06 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if ...
Solaris 5.8 (sparc) : 117873-02
Application Server 7.1: Load Balancing Plugin. Date this patch was last updated by Sun : Feb/27/06 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
Solaris 5.9 (sparc) : 117873-02
Application Server 7.1: Load Balancing Plugin. Date this patch was last updated by Sun : Feb/27/06 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
MS Windows WebDav III remote root Exploit (xwdav)
No description provided by source. / IIS 5.0 WebDAV Exploit Xnuxer Lab By Schizoprenic, Copyright c 2003 WebDAV exploit without netcat or telnet and with pretty magic number as RET / include stdio.h include errno.h include string.h include stdlib.h include fcntl.h include sys/types.h include...
Debian DSA-934-1 : pound - several vulnerabilities
Two vulnerabilities have been discovered in Pound, a reverse proxy and load balancer for HTTP. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-1391 : Overly long HTTP Host: headers may trigger a buffer overflow in the addport function, which may lea...
DEBIAN-CVE-2006-4570
Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message...
security flaw
Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message...