166 matches found
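Novell Netmail IMAP SUBSCRIBE Buffer Overflow Vulnerability
Novell Netmail is an email and calendar system. The IMAP implementation included in Novell Netmail has a design flaw in its handling of the subscribe command; a remote attacker can exploit the vulnerability to carry out a buffer overflow attack and may execute arbitrary instructions with the privileges of the process. When an overly long string is submitted to the server as the argument to subscribe, the application overflows a buffer because it lacks proper bounds checking; with carefully crafted data, arbitrary instructions may be executed with the privileges of the process. Novell NetMail 3.52 D Novell NetMail 3.52 C1 Novell NetMail 3.52 C Novell NetMail 3.52 B Novell NetMail 3.52 A...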
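PHP-Nuke Book Catalog Module Upload.PHP Arbitrary File Upload Vulnerability
PHP-Nuke Book Catalog Module is a book catalog module written in PHP. PHP-Nuke Book Catalog Module does not properly filter user-submitted data; a remote attacker can exploit the vulnerability to upload arbitrary files and have them executed by the web process. 'BookCatalog/upload.php' lacks proper filtering of user-submitted image files, so a PHP file can be submitted directly and executed with the web server's privileges. SAP Basis Community Book Catalog Module 1.0 No solution is currently available; please watch the following link: http://www.basisconsultant.com/index.php...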
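Computer Associates BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability
Computer Associates BrightStor ARCserve Backup is an enterprise-grade backup server program. The tape engine of Computer Associates BrightStor ARCserve Backup has a buffer overflow issue; a remote attacker can exploit the vulnerability to execute arbitrary instructions with the privileges of the process. The issue is caused by the tape engine service program tapeeng.exe improperly handling RPC requests on TCP port 6502; no detailed vulnerability information is currently available. Computer Associates BrightStor ARCServe Backup 11.5...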
CVE-2005-4815
SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before 4.6D patch 1767, 45 before 45B patch 913, 40 before 40B patch 1008, and 31 before 31I patch 735 are affected. The vulnerability arises from improper restriction of process execution by lnaxdm/sapsys, allowing remote attackers to ...
CVE-2004-2504
The CVE affects Alt-N Technologies MDaemon (7.2 and earlier, including 6.8). The GUI creates new files by launching child processes (e.g., NOTEPAD.EXE) with SYSTEM privileges, enabling local users with physical access to escalate privileges. Root cause is the GUI spawning and executing external e...
MS Windows (DCOM RPC2) Universal Shellcode
Exploit for win32 platform in category shellcode ========================================== MS Windows DCOM RPC2 Universal Shellcode ========================================== ; Segment type: Pure code ;seg000 segment byte public 'CODE' use32 ; assume cs:seg000 ; assume es:nothing, ss:nothing,...