Lucene search
K

1904 matches found

Exploit DB
Exploit DB
added 2003/01/15 12:0 a.m.43 views

GLIBC locale - Format Strings

/ su.c by xp, modified by logikal@efnet - tested on redhat 5 - 7 / include include include include include include include include char shellcode = "\x31\xc0\x83\xc0\x17\x31\xdb\xcd\x80\xeb" "\x30\x5f\x31\xc9\x88\x4f\x17\x88\x4f\x1a" "\x8d\x5f\x10\x89\x1f\x8d\x47\x18\x89\x47"...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/01/08 12:0 a.m.96 views

Directory traversal bug in Communigate Pro 4's Webmail service

Directory traversal bug in Communigate Pro 4.0b to 4.0.2 -------------------------------------------------------- Overview -------- When experimenting a bit with Communigate Pro's webmail service I found a directory traversal bug by which attackers can read any file readable by the user Communiga...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/05 12:0 a.m.34 views

MySQL 3.20.32/3.22.x/3.23.x - Null Root Password Weak Default Configuration (2)

/ source: https://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. A weak default configuration problem has been reported in the Windows binary release of MySQL. Reportedly,...

7.4AI score
Exploits0
CERT
CERT
added 2002/09/26 12:0 a.m.32 views

zml.cgi does not adequately validate user input thereby allowing directory traversal

Overview zml.cgi does not adequately validate user input, allowing for directory traversal out of the web root directory. Description The perl script zml.cgi reads and parses a file on the server, executing certain Server Side Include SSI directives found in the file. The script accepts a CGI...

5CVSS6AI score0.08037EPSS
Exploits1References2
exploitpack
exploitpack
added 2002/09/13 12:0 a.m.13 views

BRU 17.0 - XBRU Insecure Temporary File

BRU 17.0 - XBRU Insecure Temporary File source: https://www.securityfocus.com/bid/5708/info BRU is a backup and restore utility distributed by The Tolis Group. This problem affects the utility on the Linux platform. xbru does not properly check for the existence of temporary files prior to...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/08/19 12:0 a.m.29 views

MySQL 3.20.323.22.x3.23.x - Null Root Password Weak Default Configuration (1)

MySQL 3.20.323.22.x3.23.x - Null Root Password Weak Default Configuration 1 / source: https://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. A weak default configuration...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/19 12:0 a.m.46 views

MySQL 3.20.32/3.22.x/3.23.x - Null Root Password Weak Default Configuration (1)

/ source: https://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. A weak default configuration problem has been reported in the Windows binary release of MySQL. Reportedly,...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/04/11 12:0 a.m.14 views

OpenBSD 2.93.0 - Default Crontab Root Command Injection

OpenBSD 2.93.0 - Default Crontab Root Command Injection / source: https://www.securityfocus.com/bid/4495/info OpenBSD ships with a number of cron jobs configured by default. The tasks are for the purpose of summarizing system information. The mail1 utility is used to send the summaries to the roo...

Exploits0
securityvulns
securityvulns
added 2002/03/11 12:0 a.m.35 views

GNU fileutils - recursive directory removal race condition

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Name: fileutils Version: 4.1 stable and 4.1.6 development version Homepage: http://www.gnu.org/software/fileutils/fileutils.html Author: Wojciech Purczynski [email protected] Date: March 10, 2002 Issue: ====== Race condition in various utilities from...

7AI score
Exploits0
CVE
CVE
added 2002/02/02 5:0 a.m.43 views

CVE-2001-0968

Knox Arkeia server 4.2 (and possibly other versions) installs its root user with a null password by default, enabling privilege escalation for local and remote users. The available documents describe the vulnerable condition but do not specify patches or fixes. No explicit exploit details or reme...

10CVSS7.4AI score0.0216EPSS
Exploits0References2Affected Software1
Exploit DB
Exploit DB
added 2002/01/25 12:0 a.m.32 views

rsync 2.3/2.4/2.5 - Signed Array Index Remote Code Execution

// source: https://www.securityfocus.com/bid/3958/info A vulnerability exists within some versions of rsync. Under some circumstances, a remotely supplied signed value is used as an array index, allowing NULL bytes to be written to arbitrary memory locations. Exploitation of this vulnerability...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2002/01/18 12:0 a.m.128 views

Solaris in.telnetd TTYPROMPT Buffer Overflow

漏洞描述:Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris 10的TELNET服务在处理畸形的认证数据时存在漏洞,远程攻击者可能利用此漏洞绕过认证获得访问。 Solaris...

10CVSS6.3AI score0.97848EPSS
Exploits39
CVE
CVE
added 2001/09/12 4:0 a.m.55 views

CVE-1999-1394

CVE-1999-1394 : BSD 4.4–based operating systems running at security level 1 allow the root user to clear immutable/append-only flags on files by unmounting the filesystem and using a filesystem editor (e.g., fsdb) to modify a device directly. The description does not specify affected products, ve...

2.1CVSS7.1AI score0.00609EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.21 views

CVE-1999-1394

BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device...

6.7AI score0.00609EPSS
Exploits0References2
securityvulns
securityvulns
added 2001/09/12 12:0 a.m.26 views

security alert: speechd from speechio.org

this is my first post in this kin of thing so bare with me. there is a vulnerability in speechd that alllows you to run arbetrary code as the root user or whoever is running speechd hopefully not root!. it will only work if you are using rsynth, that is all i have tested, it may work on festival...

2AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2001/07/23 12:0 a.m.8 views

FreeBSD-SA-01:49.telnetd

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:49 Security Advisory FreeBSD, Inc. Topic: telnetd contains remote buffer overflow Category: core Module: telnetd Announced: 2001-07-23 Revised: 2001-07-27 Credits:...

6.3AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2001/03/12 12:0 a.m.8 views

FreeBSD-SA-01:23.icecast

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:23 Security Advisory FreeBSD, Inc. Topic: icecast port contains remote vulnerability Category: ports Module: icecast Announced: 2001-03-12 Credits: |CyRaX| Affects: Ports...

6.3AI score
Exploits0
Debian
Debian
added 2001/03/07 1:34 a.m.24 views

[SECURITY] [DSA-032-1] proftp runs as root, /var symlink removal

Package: proftpd Vulnerability: proftpd running as root, /var symlink removal Debian-specific: yes The following problems have been reported for the version of proftpd in Debian 2.2 potato: 1. There is a configuration error in the postinst script, when the user enters yes, when asked if anonymous...

5.9AI score
Exploits0
securityvulns
securityvulns
added 2001/01/16 12:0 a.m.25 views

mysqld log file

Tested on Red Hat 7.0: narrow@tornado /$ cat /var/log/mysqld.log | grep "Password=PASSWORD" 001225 21:08:18 7 Query UPDATE user SET Password=PASSWORD'rewt' WHERE user='root' narrow@tornado /$ Here we have the password for user 'root'. -- Narrow - [email protected] - http://www.zone.ee/unix/ - Esto...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2000/11/21 12:0 a.m.28 views

vixie-cron - Local Privilege Escalation

vixie-cron - Local Privilege Escalation !/bin/sh echo '.-------------------------------------------------------------------------.' echo '| Marchew Hyperreal Industries ................... |' echo "| ...well, it is just me, but it is more elite to speak as a group... |" echo...

0.5AI score
Exploits0
Rows per page
Query Builder