102 matches found
The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the tiff package up to version 3.8.2-r4 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
RabidHamster R4 Detection
The remote web server is running R4, a standalone OpenGL accelerated program used to produce animated 3D graphics that twist and turn to music. R4 contains a built-in web server that allows you to control the visuals that are produced from a remote device. C Tenable Network Security, Inc...
RabidHamster R4 Log Entry sprintf() Buffer Overflow
This module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user. This module requires...
RabidHamster R4 Log Entry sprintf() Buffer Overflow
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...
RabidHamster R4 Log Entry sprintf() Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "RabidHamster R4 L...
RabidHamster R4 - Log Entry 'sprintf()' Remote Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "RabidHamster R4 L...
R4 1.25 Overflows / Directory Traversal
Luigi Auriemma Application: R4 http://r4.rabidhamster.org/R4/ Versions: = 1.25 Platforms: Windows Bugs: A stack overflow B heap overflow C directory traversal D screenshot stack overflow Exploitation: remote Date: 09 Feb 2012 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...
CVE-2011-4539
CVE-2011-4539 affects ISC DHCP: dhcpd in 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 fails to properly handle regular expressions in dhcpd.conf, enabling remote attackers to cause a denial of service (daemon crash) via a crafted request packet. Public advisories and Nessus/OpenSSL patch ref...
CVE-2011-4539
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service daemon crash via a crafted request packet...
Mandriva Linux Security Advisory : bind (MDVSA-2011:104)
A vulnerability has been identified and fixed in ISC BIND : Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service assertion failure and daemon exit via...
Nintendo 3DS also got Hacked Within 24 Hours after Release !
The new Nintendo 3DS didn't last 24 hours in Japan before hackers jailbroke the device to support Revolution For DS R4 flash cards that play old Nintendo games. Although R4 cards were built for Nintendo DS, the hackers show how they can use the storage cards to run homebrew and older Nintendo gam...
KDE start_kdeinit: Multiple vulnerabilities
Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like operating systems. startkdeinit is a wrapper for kdeinit. Description Vulnerabilities have been reported in the processing of user-controlled data by startkdeinit, which is setuid root by default. Impact A loca...
CVE-2006-3141
Cross-site scripting XSS vulnerability in details.cfm in Tradingeye Shop R4 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter...
CVE-2006-3141
Cross-site scripting XSS vulnerability in details.cfm in Tradingeye Shop R4 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter...
CVE-2006-3141
CVE-2006-3141 is a documented XSS vulnerability in Tradingeye Shop R4 and earlier, exploitable via the image parameter in details.cfm. The underlying issue is that user-supplied data can inject arbitrary web script or HTML, enabling remote attackers to execute script within victims’ browsers. The...
CVE-2005-0934
Multiple cross-site scripting XSS vulnerabilities in WackoWiki R4 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2005-0934
CVE-2005-0934 involves multiple cross-site scripting (XSS) vulnerabilities in WackoWiki R4 . The connected records confirm the affected product and the vulnerability class, indicating that remote attackers can inject arbitrary web script or HTML through unknown vectors in the application. The und...
PT-2003-1574 · Port80 · Iisprotect
Name of the Vulnerable Software and Affected Versions: iisPROTECT versions 2.2-r4 and earlier Description: The issue allows remote attackers to insert arbitrary SQL and execute code via certain variables, such as the GroupName variable in the SiteAdmin.ASP page. This can be exploited by attackers...
CVE-2002-1010
CVE-2002-1010 affects Lotus Domino R4. The vulnerability allows remote attackers to bypass access restrictions for files in the web root by issuing an HTTP request with a trailing “?”, which is treated as a wildcard and bypasses the web handlers. The available sources describe the issue and its i...
CVE-2002-1010
Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers...