Mandrake Linux Security Advisory : imap (MDKSA-2001:054)

Several buffer overflow vulnerabilities have been found in the UW-IMAP package by the authors and independent groups. These vulnerabilities can be exploited only once a user has authenticated which limits the extent of the vulnerability to a remote shell with that user's permissions. On systems...

[Full-Disclosure] [VSA0402] OpenFTPD format string vulnerability

VSA0402 - openftpd - void.at security notice Overview ======== We have discovered a format string vulnerability in openftpd http://www.openftpd.org:9673/openftpd. OpenFTPD is a free, open source FTP server implementation for the UNIX platform. FTP4ALL is not vulnerable it doesnt use that message...

MS Windows 2000 Universal Language Utility Manager Exploit (MS04-019)

Exploit for unknown platform in category local exploits ===================================================================== MS Windows 2000 Universal Language Utility Manager Exploit MS04-019 ===================================================================== / COROMPUTER2004 Crpt Utility...

Microsoft Windows Server 2000 - Utility Manager Privilege Escalation (MS04-019)

Microsoft Windows Server 2000 - Utility Manager Privilege Escalation MS04-019 //by Cesar Cerrudo sqlsec at yahoo.com //Local elevation of priviliges exploit for Windows 2K Utility Manager second one!!!! //Gives you a shell with system privileges //If you have problems try changing Sleep values...

MS Windows 2000 Utility Manager Privilege Elevation Exploit (MS04-019)

Exploit for unknown platform in category local exploits ====================================================================== MS Windows 2000 Utility Manager Privilege Elevation Exploit MS04-019 ====================================================================== //by Cesar Cerrudo sqlsec at...

Microsoft Internet Explorer - Remote Application.Shell

function InjectedDuringRedirection showModalDialog'md.htm',window,"dialogTop:-10000;dialogLeft:-10000;dialogHeight:1; dialogWidth:1;".location="vbscript:"""; setTimeout"myiframe.execScriptInjectedDuringRedirection.toString",100; setTimeout"myiframe.execScript'InjectedDuringRedirection' ",101;...

UNIX 7th Edition /bin/mkdir Local Buffer Overflow Exploit

Exploit for unix platform in category local exploits ========================================================= UNIX 7th Edition /bin/mkdir Local Buffer Overflow Exploit ========================================================= / Exploit for /bin/mkdir Unix V7 PDP-11. mkdir has a buffer overflow...

W32.Dabber Worm Detection

The W32.Dabber worm is listening on this port. W32.Dabber propagates by exploiting a vulnerability in the FTP server component of W32.Sasser.Worm and its variants. It installs a backdoor on infected hosts and tries to listen on port 9898. If the attempt fails, it tries to listen on ports 9899...

Microsoft Windows Utility Manager - Local Privilege Escalation (MS04-011)

Microsoft Windows Utility Manager - Local Privilege Escalation MS04-011 // By Cesar Cerrudo cesar appsecinc com // Local elevation of priviliges exploit for Windows Utility Manager // Gives you a shell with system privileges // If you have problems try changing Sleep values. include include inclu...

Microsoft Windows Utility Manager - Local Privilege Escalation (MS04-011)

// By Cesar Cerrudo cesar appsecinc com // Local elevation of priviliges exploit for Windows Utility Manager // Gives you a shell with system privileges // If you have problems try changing Sleep values. include include include include int mainint argc, char argv HWND lHandle, lHandle2; POINT...

DreamFTP Server username Remote Format String

The remote DreamFTP server is vulnerable to a format string attack when processing the USER command. An attacker may exploit this flaw to gain a shell on this host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12086; scriptcveid"CVE-2004-2074"; scriptbugtraqid9800;...

Oracle Database 9i Multiple Functions Local Overflow

The remote Oracle Database, according to its version number, is vulnerable to a buffer overflow in the query SET TIMEZONE. An attacker with a database account may use this flaw to gain the control on the whole database, or even to obtain a shell on this host. %NASLMINLEVEL 70300 C Tenable Network...

Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit

No description provided by source. / \ exploit code for modgzip with debugmode = 1.2.26.1a / \ Created by xCrZx crazyeinstein yahoo com /05.06.03/ / \ Tested on RedHat 8.0 Psyche here is target for it, / also tested on FreeBSD 4.7 1.3.19.2a here is no target for it : / \ / / \ / Single mode: \ /...

Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Overflow

Apache modgzip with debugmode 1.2.26.1a - Remote Overflow / \ exploit code for modgzip with debugmode include includ...

Effect Office 2.9 buffer overflow

Слышал когда нить о такоя проге как "Эффект офисEffectOffice"..... http://www.effectoffice.com/ Это система документа оборота от компании "Гарант Интернэшнел" и она используется многими организациями для "Эффективного" документаоборота организацииМы её хотели себе ставить.... Дык вот к чему енто...

Console Root On OSX up to 10.2.8

On all versions of OSX up to and including 10.2.7 and possibly 10.2.8, init can be crashed using a USB keyboard by holding down CTRL-C immediately after boot, and keeping it held down. Init crashes two or three minutes into the boot process and drops you into a root shell. At this point, you can ...

WU-FTPD fb_realpath() Function Off-by-one Overflow

The remote WU-FTPD server seems to be vulnerable to an off-by-one overflow when dealing with huge directory structures. An attacker may exploit this flaw to obtain a shell on this host. Note that Nessus has solely relied on the banner of the remote server to issue this warning so it may be a...

CCBILL CGI Remote Exploit for whereami.cgi (ccbillx.c)

No description provided by source. / ===================================== CCBILL CGI Remote Exploit for /ccbill/whereami.cgi By: Knight420 7/07/03 spawns a shell with netcat and attempts to connect into the server on port 6666 to gain access of the webserver uid C COPYRIGHT Blue Ballz , 2003 all...

Yahoo Messenger 5.5 - DSR-ducky.c Remote Overflow

Yahoo Messenger 5.5 - DSR-ducky.c Remote Overflow / --- Remote yahoo Messenger V5.5 exploiter on Windows XP --- Dtors Security Research DSR Code by: Rave The buffer looks like this |- ^^ / include include include include include / These are the usual header files / include include include define...

Dune Web Server GET Request Remote Overflow

The remote host is running a version of the Dune Web server that is older than 0.6.8. There is a flaw in this software that could be exploited by an attacker to gain a shell on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...