Lucene search
K

2293 matches found

exploitpack
exploitpack
added 2010/06/15 12:0 a.m.20 views

SasCam 2.6.5 - Remote HTTP Server Crash

SasCam 2.6.5 - Remote HTTP Server Crash / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! Also the free software programs provided by fl0 fl0w may be freely distributed and that the disclaimer below is always attached to it...

0.2AI score
Exploits0
CVE
CVE
added 2010/06/11 7:0 p.m.66 views

CVE-2010-1764

CVE-2010-1764 affects WebKit in Apple Safari prior to 5.0 on Mac OS X 10.5–10.6 and Windows, and prior to 4.1 on Mac OS X 10.4. The vulnerability arises from following multiple redirections during form submission, enabling remote servers to record form data and access sensitive information. Conne...

4.3CVSS8.1AI score0.02262EPSS
Exploits0References20Affected Software2
Tenable Nessus
Tenable Nessus
added 2010/06/03 12:0 a.m.956 views

PHP expose_php Information Disclosure

The PHP install on the remote server is configured in a way that allows disclosure of potentially sensitive information to an attacker through a special URL. Such a URL triggers an Easter egg built into PHP itself. Other such Easter eggs likely exist, but Nessus has not checked for them...

5.6AI score
Exploits0References2
securityvulns
securityvulns
added 2010/05/28 12:0 a.m.78 views

Arbitrary UNC file read in IE 8

Internet Explorer is vulnerable to a drive-by arbitrary UNC file read, with the usual consequences local account password disclosure, etc. as in IE6 before SP1. It is in ICMFilter, which is accessible via the CSS filter property. Sample exploit code: div...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/03/24 12:0 a.m.26 views

Mandriva Linux Security Advisory : cpio (MDVSA-2010:065)

A vulnerability has been found and corrected in cpio and tar : Heap-based buffer overflow in the rmtread function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service memory corruption or possibly...

6.8CVSS7.4AI score0.04747EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2010/03/19 12:0 a.m.41 views

Novell eDirectory DHost Predictable Session ID

The eDirectory DHost web server running on the remote host generates predictable session IDs. A remote attacker could exploit this by predicting the session ID of a legitimately logged-in user, which could lead to the hijacking of administrative sessions. C Tenable Network Security, Inc...

7.5CVSS5.6AI score0.49864EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2010/03/12 8:0 p.m.28 views

CVE-2010-0624

Heap-based buffer overflow in the rmtread function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service memory corruption or possibly execute arbitrary code by sending more data than was requested,...

6.8CVSS8AI score0.04747EPSS
Exploits2
OSV
OSV
added 2010/02/26 6:30 p.m.6 views

DEBIAN-CVE-2009-4652

The 1 ConnGetCipherInfo and 2 ConnUsesSSL functions in src/ngircd/conn.c in ngIRCd 13 and 14, when SSL/TLS support is present and standalone mode is disabled, allow remote attackers to cause a denial of service application crash by sending the MOTD command from another server in the same IRC...

2.6CVSS6.8AI score0.01602EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2010/01/26 12:0 a.m.33 views

Publique! Framework 2.3 SQL Injection

===== Tempest Security Intelligence - Advisory 01 / 2010 ============= SQL injection vulnerability in Publique! Framework -------------------------------------------------- Authors: Christophe de la Fuente Gustavo Pimentel Bittencourt ===== Table of Contents ================================= 1...

0.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/01/19 12:0 a.m.2 views

Security Best Practice: Protect Yourself from Multiple SMTP Vulnerabilities

Simple Mail Transfer Protocol SMTP is an Internet standard for electronic mail e-mail transmission across Internet Protocol IP networks. SMTP is specified for outgoing mail transport and uses TCP port 25. There are several serious security limitations with the SMTP protocol that allow malicious...

7AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/01/19 12:0 a.m.1 views

Security Best Practice: Protect Yourself from Multiple IMAP Vulnerabilities

The Internet Message Access Protocol IMAP is one of the two most prevalent Internet standard protocols for e-mail retrieval, the other being the Post Office Protocol POP.Virtually all modern e-mail clients and mail servers support both protocols as a means of transferring e-mail messages from a...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2010/01/04 12:0 a.m.23 views

BigAnt 2.52 Buffer Overflow

!/usr/bin/python BigAnt Server 2.52 remote buffer overflow exploit 2 Author: DouBleZer0 Vulnerability discovered by Lincoln a another version of the original exploit by Lincoln application is little hazy.. import sys,socket host = sys.argv1 buffer= "\x90" 20 ./msfpayload...

0.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2009/11/17 12:0 a.m.4 views

HP WEB JETADMIN Denial of Service (CVE-2004-1856)

HP Web JetAdmin is an enterprise tool that allows administrator to install, configure, and administer Hewlett Packard as well as non-HP peripherals, such as a printer, through a web-based interface. There are three separate vulnerabilities within HP Web JetAdmin that will allow a malicious attack...

5CVSS7.6AI score0.29531EPSS
Exploits1
seebug.org
seebug.org
added 2009/11/16 12:0 a.m.48 views

WebKit资源装载回调信息泄漏漏洞

Bugraq ID: 36996 CVE ID:CVE-2009-2841 WebKit是一款开放源代码的web浏览器引擎。 当WebKit处理指向外部资源的HTML 5媒体元素时,它不提交资源装载回调以判断资源是否已装载,结果可导致发送某些请求到远程服务器上。如HTML格式的EMAIL消息发送者可以利用这个漏洞用于判断消息是否读取。 WebKit Open Source Project WebKit r38566 WebKit Open Source Project WebKit 0 Apple Safari 4.0.3 Apple Safari 4.0.2 Apple Safari...

5CVSS0.1AI score0.02913EPSS
Exploits2
Metasploit
Metasploit
added 2009/10/26 8:0 p.m.48 views

Joomla 1.5.12 TinyBrowser File Upload Code Execution

This module exploits a vulnerability in the TinyMCE/tinybrowser plugin. This plugin is not secured in version 1.5.12 of joomla and allows the upload of files on the remote server. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system. This modu...

9.8CVSS7.2AI score0.55769EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2009/10/12 12:0 a.m.14 views

Ubuntu 6.06 LTS : devscripts vulnerability (USN-847-2)

USN-847-1 fixed vulnerabilities in devscripts. This update provides the corresponding updates for Ubuntu 6.06 LTS. Raphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted filename for a file on a...

9.3CVSS6AI score0.02882EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2009/10/09 2:13 p.m.44 views

USN-847-2: devscripts vulnerability

USN-847-1 fixed vulnerabilities in devscripts. This update provides the corresponding updates for Ubuntu 6.06 LTS. Original advisory details: Raphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted...

9.3CVSS5.7AI score0.02882EPSS
Exploits1
Ubuntu
Ubuntu
added 2009/10/08 9:45 p.m.40 views

USN-847-1: Devscripts vulnerability

Raphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted filename for a file on a remote server, an attacker could execute arbitrary code with the privileges of the user invoking the program...

9.3CVSS5.5AI score0.02882EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/10/07 12:0 a.m.528 views

CGI Generic SSI Injection

The remote web server hosts CGI scripts that fail to adequately sanitize request strings. They seem to be vulnerable to an 'SSI injection' attack. By leveraging this issue, an attacker may be able to execute arbitrary commands on the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, In...

6AI score
Exploits0References3
Prion
Prion
added 2009/09/24 4:30 p.m.15 views

Stack overflow

Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command...

9.3CVSS8.6AI score0.05448EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder