AST-2011-006: Asterisk Manager User Shell Access

Asterisk Project Security Advisory - AST-2011-006 Product Asterisk Summary Asterisk Manager User Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known Yes Reported On February 10, 2011 Reported By Mark Murawski markm AT...

CMS Lokomedia 1.5 arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

CMS Lokomedia is a php-based content management system. CMS Lokomedia 1.5 arbitrary file upload vulnerability that could result in an attacker access to the web shell. +info: CMS Lokomedia 1.5 Arbitary file upload vulnerability Software: CMS Lokomedia Vendor: http://bukulokomedia.com/home Vuln...

TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)

Trustwave's SpiderLabs Security Advisory TWSL2011-002: Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways SMCD3G-CCR https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt Published: 2011-02-04 Version: 1.0 Vendor: Comcast http://comcast.com and SMC http://www.smc.com Product:...

NetLink Shell Upload

====================================== NetLink Remote Arbitrary File Upload Vulnerability Download: http://sourceforge.net/projects/kp-netlink/ by lumut-- Homepage: lumutcherenza.biz ====================================== upload.php "; echo ""; echo "Filename: ".$filename; echo "File Type:...

Facebook Political Action SQL Injection

==================================================== FaceBook's servers was hacked again by Inj3ct0r Team ==================================================== Part 1 Original: http://inj3ct0r.com/exploits/11638 Part 2 Original: http://inj3ct0r.com/exploits/13403 + English translation Inj3ct0r...

FreeBSD : bugzilla -- information disclosure (f1331504-8849-11df-89b8-00151735203a)

A Bugzilla Security Advisory reports : - Normally, information about time-tracking estimated hours, actual hours, hours worked, and deadlines is restricted to users in the 'time-tracking group'. However, any user was able, by crafting their own search URL, to search for bugs based using those...

CentOS 4 : mysql (CESA-2010:0110)

Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server...

Upload-Point 1.6 Beta - Arbitrary File Upload

Upload-Point 1.6 Beta - Arbitrary File Upload ======================================================================================== $ | Title : Upload-Point 1.6 Beta pload Shell Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El...

Nuggetz CMS 1.0 Code Execution

Remote Code Execution in Nuggetz CMS 1.0 Name Remote Code Execution in Nuggetz CMS Systems Affected Nuggetz CMS 1.0 site http://www.nuggetz.co.uk/ Author Amol Naik amolnaik4atgmail.com Date 10/12/2009 OVERVIEW Nuggetz CMS 1.0 is vulnerable to Remote Code Execution. Technical Details Vulnerable...

GuardianOS Privilege Escalation

Device: Snap Server 410 OS: GuardianOS 5.1.041 Description: When logged in to CLI via ssh as admin uid=1 you can escalate your privileges to uid 0 and get /bin/sh. In order to achieve this open 'less' which is available as default for viewing files ie. less /tmp/top.log and type in '!/bin/sh'. Th...

NetAccess IP3 (ping option) Command Injection Vulnerability (auth)

Exploit for hardware platform in category local exploits ================================================================== NetAccess IP3 ping option Command Injection Vulnerability auth ================================================================== NetAccess IP3 - Force into shell By: r00t...

Audio Lib Player Buffer Overflow

Audio Lib Player m3u SEH overwrite product: http://www.toocharger.com/telecharger/logiciels/audio-lib-player/19056.htm Usage: Create playlist, load exploit.m3u and connect to shell on port 4444 $ nc 192.168.1.131 4444 Microsoft Windows XP Version 5.1.2600 C Copyright 1985-2001 Microsoft Corp...

eZoneScripts Hotornot2 Bypass

Hotornot2 Script Remote apload Admin Bypass Vulnerability ===== ++ by sniper code++============================================ Author : sniper code S.C.T-443 website : www.sec-code.com...

Mandriva Update for postgresql MDKSA-2007:188 (postgresql)

Check for the Version of postgresql OpenVAS Vulnerability Test Mandriva Update for postgresql MDKSA-2007:188 postgresql Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

win32 telnetbind by winexec 111 bytes

No description provided by source. ; payload:add admin acount & Telnet Listening ; Author: DATASNIPER ; size:111 bytes ; platform:WIN32/XP SP2 FR ; thanks:Arab4services team & AT4RE Team ; more info: visit my blog http://datasniper.arab4services.net ; The Sh3llcode: ;...

win32 telnetbind by winexec 111 bytes

win32 telnetbind by winexec 111 bytes. Shellcode exploit for win32 platform ; payload:add admin acount & Telnet Listening ; Author: DATASNIPER ; size:111 bytes ; platform:WIN32/XP SP2 FR ; thanks:Arab4services team & AT4RE Team ; more info: visit my blog http://datasniper.arab4services.net ; The...

Built2Go PHP Link Portal 1.95.1 Remote File Upload Vulnerability

Exploit for unknown platform in category web applications ================================================================ Built2Go PHP Link Portal 1.95.1 Remote File Upload Vulnerability ================================================================ Built2Go PHP Link Portal v1.95.1 RFU...

apcupsd overflows

The remote apcupsd, according to its version number, is vulnerable to a buffer overflow which could allow an attacker to gain a root shell on this host. OpenVAS solely relied on the version number of the remote server, so this might be a false positive OpenVAS Vulnerability Test $Id:...

FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:22.openssh.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

atmail-disclose.txt

!/usr/bin/perl LEGAL: Permission is granted to freely reproduce this document in its entirety under the condition that the contents are not altered in any way. milw0rm IS permitted to add their standard footer: // milw0rm.com / date Permission to view or reproduce this file is NOT granted to any...