579 matches found
CVE-2011-1356
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows local users to obtain sensitive stack-trace information via a crafted Administration Console request...
HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow
This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53. By sending a request containing a cookie longer than 5120 bytes, an attacker can overflow a stack buffer and execute arbitrary code. The vulnerable code is within the OvWwwDebug function. The static-sized stack...
Motorola SB5101 Hax0rware Rajko HTTPd Remote Proof Of Concept
#!/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32 and R39 Description: Motorola SB5101 Hax0rware Rajko HttpD Remote...
Motorola SB5101 Hax0rware Rajko HTTPd - Remote Denial of Service (PoC)
Motorola SB5101 Hax0rware Rajko HTTPd - Remote Denial of Service PoC #!/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32...
500page.jsp Improvements
Some further improvements to the 500page.jsp: The following should not appear if there is no stack trace: "Cause Stack Trace: hide". Stack trace should not appear if the user triggering the page is an anonymous user. Changes to this sentence below: "Your Confluence administrator can...
500page.jsp Improvements
NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFSERVER-19601. Some further improvements to the 500page.jsp: The following should not appear if there is no stack trace: quote...
500page.jsp Improvements
NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion: http://jira.atlassian.com/browse/CONFCLOUD-19601. Some further improvements to the 500page.jsp: The following should not appear if there is no stack trace: quote Cau...
CVE-2010-0572
Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Digital Media Player credentials via vectors related to reading a (1) error log or (2) stack trace, aka Bug ID CSCtc46050...
Design/Logic Flaw
Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Digital Media Player credentials via vectors related to reading a (1) error log or (2) stack trace, aka Bug ID CSCtc46050...
Eclipse BIRT <= 2.2.1 xss
Exploit for unknown platform in category web applications. Eclipse BIRT &r=-703171660 HTTP/1.1 Host: localhost:8780 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.18) Gecko/20081029 Firefox/2.0.0.18 Accept:...
Eclipse BIRT 2.2.1 Cross Site Scripting
Eclipse BIRT &r=-703171660 HTTP/1.1 Host: localhost:8780 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.18) Gecko/20081029 Firefox/2.0.0.18 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5...
[AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS
Eclipse BIRT <= 2.2.1 Reflected XSS Vendor: Eclipse Advisory: http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss/ Author: Michele "euronymous" Orr euronymous AT antisnatchor DOT com Quite a common problem in a lot of Java based applications: reflected XSS in Java stack trace. A Reflecte...
Mozilla Firefox (unclamped loop) Denial of Service Exploit
Exploit for multiple platform in category dos / poc. Mozilla Firefox (unclamped loop) Denial of Service Exploit. From the low-hanging-fruit-department: Firefox et al. Denial of Service...
ClassCastException reported when stopping JIRA
When stopping tomcat which hosts only Jira, there is always such stack trace in tomcat logs: 2008-02-18 19:25:32,767: ERROR Thread-33 - org.apache.catalina.core.ContainerBase.Catalina.localhost./jira.release - ApplicationFilterConfig.doAsPrivilege java.lang.ClassCastException:...
Deleting user does not remove the user from a permission scheme
If a single user is added to a permission in a permission scheme, deleting this user will not remove him/her from the permission scheme. This results in stack traces in the logs such as: 2007-02-14 14:10:57,882 WARN atlassian.jira.scheme.AbstractSchemeManager 'fred' is not a valid user...
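Sun Solaris Malformed ICMP Packet Remote Denial of Service Vulnerability
Solaris is a commercial UNIX operating system developed and maintained by Sun. The ICMP packet handling implementation in Solaris 10 contains a security vulnerability that a remote unprivileged user may be able to exploit to cause a denial of service (DoS). If the vulnerability is triggered, the system may become busy, with a stack trace similar to: ip:illrefrele+0x80x0, 0x0, 0x0, 0x1010 ip:ipoutput+0x149c0x0?, 0x6000864f2c0?, 0x60001bcede0?, , 0x2 ip:ipwput0x60001bcede0, 0x600053ac140 - frame recycled...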
CVE-2006-2471
Multiple vulnerabilities in BEA WebLogic Server 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 leak sensitive information to remote attackers, including (1) DNS and IP addresses to address to T3 clients, (2) internal sensitive information using GetIORServlet, (3) certain "server details" in...