TCPDB 3.8 - Remote Content Change Bypass Vulnerabilities

No description provided by source. Securitylab.ir Application Info: Name: TCPDB Version: 3.8 Website: http://www.tcpdb.com/ Discoverd By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir Vulnerability Info: Type: Remote Contents Change...

Golden FTP Server 4.70 - PASS Command Buffer Overflow Exploit

No description provided by source. GoldenFTP 4.70 PASS Exploit Authors: Craig Freyman cd1zz and Gerardo Iglesias Galvan iglesiasgg Tested on XP SP3 Vendor Contacted: 1/17/2011 no response For this exploit to work correctly, you need to know the subnet that the server is running on. You also need ...

SHOUTcast Server <= 1.9.8/win32 - CSRF Vulnerability

No description provided by source. Exploit Title: HOUTcast Server Version = 1.9.8/win32 Cross Site Request Forgery. Date: 22/12/2009 Author: cp77fk4r | Empty0pagEShift+2gmail.comhttp://gmail.com Software Link: http://www.shoutcast.com/download Version: X = 1.9.8/win32 CSRF: Ban Single IP: Ex: IP:...

Really Simple IM 1.3beta DoS Proof of Concept

No description provided by source. !/usr/bin/python import socket import sys Bug found: 18th July 2010 DoS proof of concept Found by: loneferret Tested on Windows XP Professional SP2-SP3 & Windows XP Home SP3 Really Simple IM verion 1.3 beta Software: http://code.google.com/p/reallysimpleim/ Nods...

ISC-DHCPD Denial of Service

No description provided by source. ! /usr/bin/env python Exploit title: isc-dhcpd DoS Date: 03/07/2010 Author: sid Software Link: https://www.isc.org/software/dhcp Version: 4.0.x, 4.1.x, 4.2.x CVE: cve-2010-2156 ps: is possible make a bruteforce on subnet ip address to find a correct value. impor...

Microsoft Windows 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8397/info A problem has been identified in the RSVP Server for Microsoft Windows 2000 that may allow an attacker to hijack management of the network. This could allow an attacker control of network Quality of Service...

ISC DHCP dhclient < 3.1.2p1 Remote Buffer Overflow PoC

No description provided by source. / cve-2009-0692.c ISC DHCP dhclient 3.1.2p1 Remote Exploit Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 Stack-based buffer overflow in the scriptwriteparams method in...

CVE-2014-4167

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service IPv4 address attachment outage by attaching an IPv6 private subnet to a L3 router...

Mass Bleed 20140423

!/bin/bash massbleed.sh 20140423 by 1N3 http://treadstonesecurity.blogspot.ca Usage: sh massbleed.sh port proxy This script has four main functions with the ability to proxy all connections: 1. To mass scan any CIDR range for HeartBleed via port 443/tcp https example: sh massbleed.sh 192.168.0.0/...

SubSTATION Server Telegyr 8979 Master Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on July 15, 2014, and is being released to the NCCIC/ICS-CERT web site. Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified a Buffer Overflow Vulnerability in the SUBNET Solutions Inc SUBNET,...

Loadbalancer.org Enterprise VA 7.5.2 - Static SSH Key Vulnerability

The Loadbalancer.org Virtual Appliance is a revolution in software load balancing. The software is simple to install on Windows, Mac & Linux and does not have any adverse effects on the host operating system. Details: ---------- 0x01 - SSH Private Key Loadbalancer.org Enterprise VA 7.5.2 contains...

DEBIAN-CVE-2012-4503

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to 1 an invalid subnet in a RPYSUBNETSACCESSED command to the handlesubnetsaccessed function or 2 a RPYCLIENTACCESSES command to the handleclientaccesses functi...

Command injection

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to 1 an invalid subnet in a RPYSUBNETSACCESSED command to the handlesubnetsaccessed function or 2 a RPYCLIENTACCESSES command to the handleclientaccesses functi...

CVE-2012-4503

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to 1 an invalid subnet in a RPYSUBNETSACCESSED command to the handlesubnetsaccessed function or 2 a RPYCLIENTACCESSES command to the handleclientaccesses functi...

UBUNTU-CVE-2012-4503

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to 1 an invalid subnet in a RPYSUBNETSACCESSED command to the handlesubnetsaccessed function or 2 a RPYCLIENTACCESSES command to the handleclientaccesses functi...

CVE-2012-4503

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to 1 an invalid subnet in a RPYSUBNETSACCESSED command to the handlesubnetsaccessed function or 2 a RPYCLIENTACCESSES command to the handleclientaccesses functi...

Cisco Unified Computing System Fabric Interconnect Devices Arbitrary Command Execution Vulnerability

A vulnerability in the initial setup script of Cisco Unified Computing System fabric interconnect FI devices could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to unfiltered input in the cluster initial...

CVE-2013-2788

The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 and 2.8.0106 allows remote attackers to cause a denial of service unhandled exception and process crash via unspecified vectors...

CVE-2013-2788

The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 and 2.8.0106 allows remote attackers to cause a denial of service unhandled exception and process crash via unspecified vectors...

CVE-2013-2788

CVE-2013-2788 affects SUBNET Solutions SubSTATION Server, specifically the DNP3 Slave service in versions 2.7.0033 and 2.8.0106. The root cause is improper input validation (CWE-20), allowing remote attackers to trigger an unhandled exception and cause a denial of service (process crash). Public ...