113 matches found
DreamFTP Server username Remote Format String
The remote DreamFTP server is vulnerable to a format string attack when processing the USER command. An attacker may exploit this flaw to gain a shell on this host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12086; scriptcveid"CVE-2004-2074"; scriptbugtraqid9800;...
Effect Office 2.9 buffer overflow
Слышал когда нить о такоя проге как "Эффект офисEffectOffice"..... http://www.effectoffice.com/ Это система документа оборота от компании "Гарант Интернэшнел" и она используется многими организациями для "Эффективного" документаоборота организацииМы её хотели себе ставить.... Дык вот к чему енто...
virgil.txt
-----BEGIN PGP SIGNED MESSAGE----- - - -------------------------------------------------------------------------- KALIF research group [email protected] October 21st, 2002 Joschka Fischer - - -------------------------------------------------------------------------- - - Overview Software : Virgi...
apache-linux.txt
/ LINUX X86 APACHE REMOTE EXPLOIT!!!!!!!!! This is the unpublished source for apache OpenSSL handshake exploit. We obtained this exploit by modifying a circulating apache worm, created by contem@efnet BY nebunu compile: gcc -o apache-ex apache.ex.c -lcrypto run: ./apache-ex do not use hostname! u...
OpenSSH < 3.4 Multiple Remote Overflows
According to its banner, the remote host appears to be running OpenSSH version 3.4 or older. Such versions are reportedly affected by multiple flaws. An attacker may exploit these vulnerabilities to gain a shell on the remote system. Note that several distributions patched this hole without...
PKCrew TIAtunnel 0.9 alpha2 - Authentication Mechanism Buffer Overflow
// source: https://www.securityfocus.com/bid/2831/info TIAtunnel is a freely available IRC session bouncing software package. It is distributed by the pkcrew. A problem in the software package makes it possible for a remote user to gain a local shell. Due to a buffer overflow in the authenticatio...
Solaris rpc.yppasswdd username Remote Overflow
The remote RPC service 100009 yppasswdd is vulnerable to a buffer overflow which allows any user to obtain a root shell on this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10684; scriptversion"1.37"; scriptcvsdate"Date: 2018/11/15 20:50:22";...
Qpopper 2.53 remote problem, user can gain gid=mail
b u f f e r 0 v e r f l 0 w s e c u r i t y a d v i s o r y 5 Advisory Name: Remote shell via Qpopper2.53 Date: 5/23/00 Application: Qpopper 2.53 for NIX Vendor: Qualcomm Incorporated WWW: www.qualcomm.com Severity: can give users remote shell with gid=mail. Author: prizm [email protected]...
Sun Solaris 7.0 - rpc.ttdbserver Denial of Service
Sun Solaris 7.0 - rpc.ttdbserver Denial of Service // source: https://www.securityfocus.com/bid/811/info It is possible to crash rpc.ttdbserver by using the old tddbserver buffer overflow exploit. This problem is caused by a NULL pointer being dereferenced when rpc function 15 is called with...
SDI.exploit4.proftpd.txt
From: Bugtraq List [email protected] on behalf of Thiago/c0nd0r [email protected] Sent: Wednesday, September 15, 1999 12:31 PM To: [email protected] Subject: SDI anonymous remote exploit for proftpd Hello, I've seen some discussion about the possibility of exploit the newest proft...
ipop2d.txt
Vulnerable Program: POP2 shipped with imap-4.4 package Platforms: Linux Impact: Remote users can spawn a shell with uid of user "nobody" Reported Initally: Chris Evans Exploit Code: bind Details: -------- POP-2 supports anonymous proxy service where remote users can connect to remote imap servers...
IMAP pop-2d POP Daemon FOLD Command Remote Overflow
There is a buffer overflow in the imap suite provided with Debian GNU/Linux 2.1, which has a vulnerability in its POP-2 daemon, found in the ipopd package. This vulnerability allows an attacker to gain a shell as user 'nobody', but requires the attacker to have a valid pop2 account. C Tenable...
[SECURITY] New version if ipopd prevents exploit
We have received reports that the version of the imap suite in Debian GNU/Linux 2.1 has a vulnerability in its POP-2 daemon, which can be found in the ipopd package. Using this vulnerability it is possible for remote users to get a shell as user "nobody" on the server. We recommend you upgrade yo...