378 matches found
CVE-2010-0434
The apreadrequest function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain...
Apple iTunes 8.1.1 (ITMS) Multiple Protocol Handler BOF Exploit (meta)
Exploit for macOS platform in category remote exploits ====================================================================== Apple iTunes 8.1.1 ITMS Multiple Protocol Handler BOF Exploit meta ====================================================================== $Id: $ This file is part of the...
Apple iTunes 8.1.1 - 'ITMS' Multiple Protocol Handler Buffer Overflow (Metasploit)
$Id: $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ require 'msf/core' class Metasploit3...
[SECURITY] Fedora 10 Update: prelude-manager-0.9.14.2-2.fc10
Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is a multithreaded server which handles connections from the Prelude sensors. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any...
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Universal Remote Buffer Overflow
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Universal Remote Buffer Overflow !/usr/bin/perl ProSysInfo TFTP server TFTPDWIN Greets fly to InTeL. WARNING: Author has no responsibility over the damage you do using this! use IO::Socket; use warnings; use strict; if!$ARGV0 print "x ProSysInfo TFTP server...
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Universal Remote Buffer Overflow
!/usr/bin/perl ProSysInfo TFTP server TFTPDWIN Greets fly to InTeL. WARNING: Author has no responsibility over the damage you do using this! use IO::Socket; use warnings; use strict; if!$ARGV0 print "x ProSysInfo TFTP server TFTPDWIN = 0.4.2\n"; print " Universal Remote Buffer Overflow...
Qt BMP Parsing Bug Heap Overflow Exploit
No description provided by source. / heap overflow exploit for qt bmp parsing bug infamous42md AT hotpop DOT com shouts to mitakeet, MB, and peeps @hackaholic ok, pretty standard heap overflow here. we spill across our chunk and overwrite the boundary tag for next chunk. the only problems i had w...
CVE-2007-6705
The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESSDUPHANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly...
Moderate: Red Hat Security Advisory: openssl security and bug fix update
Updated OpenSSL packages that correct a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 an...
Multithreaded TFTP (buffer overflow)
Buffer overflow on oversized TFTP command...
Multithreaded TFTP <= 1.1 (Long Get Request) Denial of Service Exploit
Exploit for unknown platform in category dos / poc ====================================================================== Multithreaded TFTP And any-one else i forgot ^ ^. \DEBUG INF0// First chance exceptions are reported before any exception handling. This exception may be expected and handled...
Multithreaded TFTP <= 1.1 (Long Get Request) Denial of Service Exploit
No description provided by source. !/usr/bin/python Multithreaded TFTP 1.1 Server d0s exploit by n00b the following is affected causing a denial of service Due to an overly long GET request to the ftp server Tested on winx xp sp1,sp2 eng. Vendor dont know but s00n will :p n00b is credited for...
Stream Raped (Windows) - Denial of Service
Stream Raped Windows - Denial of Service / Straped 1.0 author: Marco Del Percio 20/05/2005 Remember: this is a mulithreaded program! MSVC++ compile with /MT. Remember: This program requires raw socket support! You can't use it on Windows XP SP2 and if you've done MS05-019 update you'll have to...
security flaw
initdev in ttyio.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service crash and possibly gain tty access via unknown attack vectors that trigger an access of ...
[SECURITY] [DSA-358-4] New kernel packages fix potential "oops"
-------------------------------------------------------------------------- Debian Security Advisory DSA 358-4 [email protected] http://www.debian.org/security/ Matt Zimmerman August 13th, 2003 http://www.debian.org/security/faq -...
NullLogic Null HTTPd 0.5 - Error Page Cross-Site Scripting
source: https://www.securityfocus.com/bid/5603/info NullLogic Null HTTPd is a small multithreaded webserver for Linux and Windows. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. As a result, when an innocent user follows such a link,...
Linux Kernel 2.0 - TCP Port Denial of Service
Linux Kernel 2.0 - TCP Port Denial of Service / source: https://www.securityfocus.com/bid/343/info It is possible to leak kernel memory and render TCP ports above 1024 unusable, locked forever in the CLOSEWAIT state in linux kernels prior to the late 2.1.x and 2.2.0pre releases. In addition to...
Linux Kernel 2.0 - TCP Port Denial of Service
/ source: https://www.securityfocus.com/bid/343/info It is possible to leak kernel memory and render TCP ports above 1024 unusable, locked forever in the CLOSEWAIT state in linux kernels prior to the late 2.1.x and 2.2.0pre releases. In addition to being intentionally exploited, unix applications...