WMAPM 3.1 - Local Privilege Escalation
source: https://www.securityfocus.com/bid/8995/info wmapm has been reported prone to a local privilege escalation vulnerability. The vulnerability has been conjectured to result from a lack of relative path usage while the vulnerable dock app is invoking a third party binary. As a result of this,...
IBM DB2 - db2start Command Line Argument Local Overflow
source: https://www.securityfocus.com/bid/8990/info IBM DB2 has been reported to be prone to multiple buffer overflow vulnerabilities that present themselves in binaries that are shipped with DB2. The vulnerabilities are likely caused due to...
wu-ftpd 2.6.2 Remote Denial Of Service Exploit (wuftpd-freezer.c)
Exploit for linux platform in category dos / poc / c Rosiello Security Copyright Rosiello Security 20...
SBox 1.0.4 - Full Path Disclosure
source: https://www.securityfocus.com/bid/8705/info sbox has been reported prone to a path disclosure vulnerability. The issue has been reported to present itself when an HTTP request is made for a CGI resource that does not exist. sbox will reportedly return an error message that contains path...
MySQL 3.23.x/4.0.x - Remote Buffer Overflow
/ Mysql 3.23.x/4.0.x remote exploit proof of concept using jmp eax bkbll bkbll cnhonker.net,bkbll tom.com 2003/09/12 compile:gcc -o mysql mysql.c -L/usr/lib/mysql -lmysqlclient DO NOT DISTRUBITED IT / include include include include include include include include include define PAD 1942 define...
myServer 0.4.x - 'cgi-lib.dll' Remote Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/8612/info myServer has been reported prone to a remote buffer overflow vulnerability. It is possible to trigger this issue by sending overly long values for URI parameters. Although unconfirmed, this vulnerability may be potentially exploited to execute...
ZoneAlarm remote Denial Of Service exploit
Overview: ZoneAlarm is a firewall software package designed for Microsoft Windows operating systems that blocks intrusion attempts, is trusted by millions, and has advanced privacy features such as protection against worms, Trojan horses, and spyware. ZoneAlarm is distributed and maintained by Zone...
MOD Guthabenhack 1.3 For Woltlab Burning Board - SQL Injection
source: https://www.securityfocus.com/bid/8321/info MOD Guthabenhack For Woltlab Burning Board reported prone to an SQL injection vulnerability. It has been reported that MOD Guthabenhack fails to sufficiently sanitize user input. It...
Xavi X7028r DSL Router - UPNP Long Request Denial of Service
source: https://www.securityfocus.com/bid/8252/info A problem has been reported in the handling of requests of excessive length placed to the service on port 280 by the Xavi X7028r DSL router. This may allow an attacker to crash a...
atomicboard 0.6.2 - Directory Traversal
source: https://www.securityfocus.com/bid/8236/info It has been reported that attackers may be able to modify the 'location' variable passed to the index.php file to cause the Web server to return arbitrary files. This script is prone to a directory traversal vulnerability, allowing attackers to...
Cisco IOS - IPv4 Packets Denial of Service
/ ShadowChode - Cisco IOS IPv4 Packet Processing Denial of Service Exploit Ping target router/switch for TTL to host. Subtract that number from 255 and use that TTL on the command line. The TTL must equal 0 or 1 when it reaches the target. The target must accept packets to the given target...
Domain User Credentials access via OWA XSS
In my previous post about OWA XSS I talked about Cross Site Scripting in the attachment field of a mail. The XSS is not in the attachment, it is in the body of the message. Sorry, I need to sleep... Please notice: not in the attachment, in the BODY. To make it clear to understand I have just publish...
ProductCart 1.5/1.6/2.0 - 'login.asp' SQL Injection
source: https://www.securityfocus.com/bid/8105/info ProductCart has been reported prone to an SQL injection vulnerability that may be exploited to bypass the ProductCart authentication system and access the ProductCart administration panel; other attacks may also be possible...
OpenBSD 3.x - PF RDR Network Information Leakage
source: https://www.securityfocus.com/bid/8082/info OpenBSD PF is prone to an information leakage vulnerability when configured to redirect incoming traffic from standard ports to high ports. This occurs because PF responds differently to packets destined for active private addresses than to those...
Microsoft Windows Media Services - Remote (MS03-022)
// Windows Media Services Remote Command Execution 2 // v. 1.0 beta // c firew0rker //tN The N0b0D1eS include include include ifdef WIN32 include pragma commentlib, "wsock32" else include include include include include include define SOCKET int...
OptiSwitch remote root compromise
Hello bugtraq: I've found a bug in OptiSwitch 400 and 800 series, maybe another series: So about: when you are connecting to the switch via telnet or console you may gain root access pressing Ctrl+C crcr so you will: Ok here is detailed information... Manufacturer: MRV Communications, Inc...
Microsoft Internet Explorer 5 - Custom HTTP Error HTML Injection
source: https://www.securityfocus.com/bid/7939/info An issue has been reported for Microsoft Internet Explorer that may result in HTML injection attacks. The vulnerability exists when IE is used to display custom HTTP error messages...
LedNews 0.7 Post Script - Code Injection
source: https://www.securityfocus.com/bid/7920/info It has been reported that LedNews does not properly filter input from news posts. Because of this, it may be possible for an attacker to steal authentication cookies or perform other nefarious activities...
MNOGoSearch 3.1.20 - search.cgi?UL Remote Buffer Overflow (2)
source: https://www.securityfocus.com/bid/7865/info mnoGoSearch 'search.cgi' has been reported prone to a buffer overflow vulnerability. The issue is a result of a lack of sufficient bounds checking performed on user-supplied URI...