CVE-2005-4176

AWARD Bios Modular 4.50pg does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory...

CVE-2005-4176

CVE-2005-4176 affects AWARD BIOS Modular 4.50pg and is caused by failure to clear the keyboard buffer after BIOS password reads, enabling local users to read the password from physical memory. The vulnerability is local in scope with low base score (2.1); details on exploit code or practical in‑t...

Multiple Vendor BIOS - Keyboard Buffer Password Persistence (2)

Multiple Vendor BIOS - Keyboard Buffer Password Persistence 2 // source: https://www.securityfocus.com/bid/15751/info Multiple vendors fail to clear the BIOS Basic Input-Output System keyboard buffer after reading the preboot authentication password during the system startup process. Depending on...

Multiple Vendor BIOS - Keyboard Buffer Password Persistence (2)

// source: https://www.securityfocus.com/bid/15751/info Multiple vendors fail to clear the BIOS Basic Input-Output System keyboard buffer after reading the preboot authentication password during the system startup process. Depending on the operating system running on affected computers, the memor...

Panda Remote Heap Overflow

Date November 29, 2005 Vulnerability The Panda Antivirus Library provides file format support for virus analysis. During decompression of ZOO files Panda is vulnerable to a heap overflow allowing attackers complete control of the systems being protected. This vulnerability can be exploited remote...

linux/x86 _exit(1); 7 bytes

Exploit for linux/x86 platform in category shellcode =========================== linux/x86 exit1; 7 bytes =========================== / exit-core.c by Charles Stevenson I made this as a chunk you can paste in to make modular remote exploits. I use it when I need a process to exit cleanly. / char...

linux/x86 ifreadfd,buf,512<=2 _exit1 else buf; 29 bytes

linux/x86 ifreadfd,buf,512 I made this as a chunk you can paste in to make modular remote exploits. I use it as a first stage payload when I desire to follow up with a real large payload of goodness. This actually is a bit larger than necessary because of the error checking but in some cases...

linux/x86 dup20,0; dup20,1; dup20,2; 15 bytes

linux/x86 dup20,0; dup20,1; dup20,2; 15 bytes. Shellcode exploit for linx86 platform / dup2loop-core.c by Charles Stevenson I made this as a chunk you can paste in to make modular remote exploits. I usually combine this with an execve as the second stage of a read jmp %esp / char hellcode = /...

linux/x86 _exit1; 7 bytes

linux/x86 exit1; 7 bytes. Shellcode exploit for linx86 platform / exit-core.c by Charles Stevenson I made this as a chunk you can paste in to make modular remote exploits. I use it when I need a process to exit cleanly. / char hellcode = / exit1; linux/x86 by core / // 7 bytes exit1 ... 'cause...

linux/x86 dup2(0,0); dup2(0,1); dup2(0,2); 15 bytes

Exploit for linux/x86 platform in category shellcode =================================================== linux/x86 dup20,0; dup20,1; dup20,2; 15 bytes =================================================== / dup2loop-core.c by Charles Stevenson I made this as a chunk you can paste in to make modular...

Microsoft Windows Graphics Rendering Engine WMF Format Code Execution Vulnerability

Description Microsoft Windows WMF graphics rendering engine is affected by a remote code execution vulnerability. The problem presents itself when a user views a malicious WMF formatted file, triggering the vulnerability when the engine attempts to parse the file. A malicious file can cause an...

M4DR007-07SA &#40;security advisory&#41;: Multiple vulnerabilities in ASP Nuke 0.80

M4DR007-07SA security advisory: Multiple vulnerabilities in ASP Nuke 0.80 Published: 26 16 2005 Released: 26 16 2005 Name: ASP Nuke Affected Systems: = 0.80 Issue: Cross-Site Scripting, HTTP Response Splitting, SQL Injection Author: Alberto Trivero Vendor: http://www.aspnuke.com/ Software...

Fedora Core 3 : kernel-2.6.11-1.27_FC3 (2005-392)

Tue May 17 2005 Dave Jones - Remove the unused and outdated Xen patches from the FC3 tree. - Mon May 16 2005 Dave Jones - Rebase to 2.6.11.10, fixing CVE-2005-1264 - Thu May 12 2005 Dave Jones - Rebase to 2.6.11.9, fixing CVE-2005-1263 - Tue May 10 2005 Dave Jones - Fix two bugs in x86-64 page...

phpkitSQLXSS.txt

Author: Steve Date: November 22, 2004 Affected Software:PHP KIT Software Version: 1.6.03 - 1.6.1 Software URL: http://www.phpkit.de Attack: SQL Injection, allowing people to manipulate the query into pulling data. XSS What is PHPKIT: PHPKIT is a modular developed Homepage Software which can simpl...

PW New Media Network Modular Site Management System 0.2.1 - &#039;Ver.asp&#039; Information Disclosure

source: https://www.securityfocus.com/bid/10208/info It has been reported that Modular Site Management System may be prone to an information disclosure issue that could allow an attacker to gain access to a server's configuration information. MSMS version 0.2.1 is reported to be affected by this...