Microsoft Windows SMB Registry : OS Version and Processor Architecture

Nessus was able to determine the processor architecture, build lab strings, and the Windows OS version installed on the remote system by connecting to the remote registry with the supplied credentials. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid48942;...

Payment Processor Script (faq.htm farea) SQL Injection Exploit (.py)

Exploit for php platform in category web applications ==================================================================== Payment Processor Script faq.htm farea SQL Injection Exploit .py ==================================================================== !/usr/bin/env python -- coding:utf-8 --...

OpenOffice.org Microsoft Word File Processing Integer Underflow (CVE-2009-3301; CVE-2009-3302)

OpenOffice.org is an open source office suite that includes a word processor, a spreadsheet application, a presentation creator, an illustration drawer, a desktop database, and an equation editor. The product is made available for multiple platforms and languages. An integer underflow vulnerabili...

Solaris/x86 - Halt shellcode - 36 bytes

Solaris/x86 - Halt shellcode - 36 bytes. Shellcode exploit for solarisx86 platform / Title: Solaris/x86 - Halt shellcode - 36 bytes Auhtor: Jonathan Salwan Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan Date: 2010-05-20 Tested: SunOS opensolaris 5.11 snv111b i86pc i386...

solaris/x86 - Halt shellcode - 36 bytes

Exploit for solaris/x86 platform in category shellcode ======================================= Solaris/x86 - Halt shellcode - 36 bytes ======================================= / Title: Solaris/x86 - Halt shellcode - 36 bytes Auhtor: Jonathan Salwan Web: http://www.shell-storm.org Twitter:...

Novell Netware FTP Remote Stack Overflow

No description provided by source. Application: Novell Netware FTP Remote Stack Overflow Platforms: Novell Netware 6.5 SP8 Exploitation: Remote Code Execution CVE Number: CVE-2010-0625 Novell TID: 3238588 Discover Date: 2009-07-23 Author: Francis Provencher Protek Research Lab's Blog:...

SQLite Browser v2.0b1 Local DoS Vulnerability

No description provided by source. Exploit Title: SQLite Browser 2.0b1 Local DoS Vulnerability Author: Nishant Das Patnaik Tested on: Windows XP SP2/SP3 x86, Vista x86, Windows 7 x64 Code : A specially crafted SQL file query can cause the the application to freeze and finally crash. The bug is th...

SQLite Browser 2.0b1 - Local Denial of Service

Exploit Title: SQLite Browser 2.0b1 Local DoS Vulnerability Author: Nishant Das Patnaik Tested on: Windows XP SP2/SP3 x86, Vista x86, Windows 7 x64 Code : A specially crafted SQL file query can cause the the application to freeze and finally crash. The bug is the SQL query processor engine, it...

SQLite Browser 2.0b1 - Local Denial of Service

SQLite Browser 2.0b1 - Local Denial of Service Exploit Title: SQLite Browser 2.0b1 Local DoS Vulnerability Author: Nishant Das Patnaik Tested on: Windows XP SP2/SP3 x86, Vista x86, Windows 7 x64 Code : A specially crafted SQL file query can cause the the application to freeze and finally crash. T...

JDK: XML parsing Denial-Of-Service (6845701)

Previously, a denial-of-service flaw was found in Java which allowed the creation of an inifinte loop in XML headers that would consume all CPU resources. This issue was patched and Java is no longer vulnerable to a denial-of-service flaw due to the initiation of an infinte loop by means of XML...

Intel Patches vPro Processor Flaws

Intel has released a patch for its series of silicon-based security protections after researchers from Poland identified flaws that allowed them to completely bypass the extensions. Read the full article. The Register...

ntp-info NSE Script

Gets the time and configuration variables from an NTP server. We send two requests: a time request and a "read variables" opcode 2 control message. Without verbosity, the script shows the time and the value of the version, processor, system, refid, and stratum variables. With verbosity, all...

JDK: XML parsing Denial-Of-Service (6845701)

Previously, a denial-of-service flaw was found in Java which allowed the creation of an inifinte loop in XML headers that would consume all CPU resources. This issue was patched and Java is no longer vulnerable to a denial-of-service flaw due to the initiation of an infinte loop by means of XML...

PT-2009-5910 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.31.4 Description: The issue is related to an integer overflow in the kvm dev ioctl get supported cpuid function, which can be triggered by a local user via a KVM GET SUPPORTED CPUID request to the kvm arch d...

Snort Back Orifice Stack Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Snort Back...

Visa Announces New Data Encryption Practices

Visa has announced new global best practices for data field encryption, also known as end-to-end encryption – a much-discussed solution in the wake of the Heartland Payment Systems breach. Announced by the global credit card company on Monday, these best practices are designed to further the...

Mandrake Security Advisory MDVSA-2009:183 (apache-mod_security)

The remote host is missing an update to apache-modsecurity announced via advisory MDVSA-2009:183. OpenVAS Vulnerability Test $Id: mdksa2009183.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:183 apache-modsecurity Authors: Thomas Reinke Copyright:...

Fedora Core 11 FEDORA-2009-8157 (xml-security-c)

The remote host is missing an update to xml-security-c announced via advisory FEDORA-2009-8157. OpenVAS Vulnerability Test $Id: fcore20098157.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8157 xml-security-c Authors: Thomas Reinke Copyright:...

ASUS notebooks and motherboards privilege escalations

There are multiple possibilities for user with phisical memory access to execute code in high-pribileged SMM processor mode...

Payment Processor Script Blind SQL Injection

PaymentProcessorScript.net R-Sql/B-Sql Multiple Vulns. ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Date: 04.01.09 Home: z0rlu.blogspot.com / www.experl.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : EN ONEMLi N0T: demolarI...