106 matches found
CVE-2010-2265
Cross-site scripting XSS vulnerability in the GetServerName function in sysinfo/commonFunc.js in Microsoft Windows Help and Support Center for Windows XP and Windows Server 2003 allows remote attackers to inject arbitrary web script or HTML via the svr parameter to sysinfo/sysinfomain.htm. NOTE:...
Cross site scripting
Cross-site scripting XSS vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via 1 the fn parameter during a dload action, 2 the mask parameter during a search action, and 3 the tab parameter during a sysinfo...
Magnicomp SysInfo Version Detection
Binary data 4240.prm...
MagniComp SysInfo Agent Accessible
The MagniComp SysInfo agent on the remote host allows the Nessus server to retrieve information about the system's assets and configuration, which could help an attacker plan more focused attacks against the affected host. C Tenable Network Security, Inc. include"compat.inc"; if description...
Solaris 10 x86/sparc sysinfo Kernel Memory Disclosure Exploit
Exploit for solaris platform in category local exploits ============================================================= Solaris 10 x86/sparc sysinfo Kernel Memory Disclosure Exploit ============================================================= / 07/2006: public release SPARC Solaris 10 without...
Solaris 10 (SPARC/x86) - sysinfo Kernel Memory Disclosure
/ 07/2006: public release SPARC Solaris 10 without 118833-09 x86 Solaris 10 without 118855-06 Solaris sysinfo Kernel Memory Disclosure By qaaz / include include include include include include define PAGECOUNT 1000 int mainint argc, char argv char buf, end; int pg = PAGECOUNT, pagesz, bufsz;...
Solaris 10 (SPARCx86) - sysinfo Kernel Memory Disclosure
Solaris 10 SPARCx86 - sysinfo Kernel Memory Disclosure / 07/2006: public release SPARC Solaris 10 without 118833-09 x86 Solaris 10 without 118855-06 Solaris sysinfo Kernel Memory Disclosure By qaaz / include include include include include include define PAGECOUNT 1000 int mainint argc, char argv...
sysinforaptor.txt
/ $Id: raptorsysinfo.c,v 1.2 2006/08/22 13:47:54 raptor Exp $ raptorsysinfo.c - Solaris sysinfo2 kernel memory leak Copyright c 2006 Marco Ivaldi systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1...
Solaris 10 sysinfo(2) Local Kernel Memory Disclosure Exploit
Exploit for solaris platform in category local exploits ============================================================ Solaris 10 sysinfo2 Local Kernel Memory Disclosure Exploit ============================================================ / $Id: raptorsysinfo.c,v 1.2 2006/08/22 13:47:54 raptor Exp ...
Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure (2)
Solaris 10 sysinfo2 - Local Kernel Memory Disclosure 2 / $Id: raptorsysinfo.c,v 1.2 2006/08/22 13:47:54 raptor Exp $ raptorsysinfo.c - Solaris sysinfo2 kernel memory leak Copyright c 2006 Marco Ivaldi systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count...
Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure (2)
/ $Id: raptorsysinfo.c,v 1.2 2006/08/22 13:47:54 raptor Exp $ raptorsysinfo.c - Solaris sysinfo2 kernel memory leak Copyright c 2006 Marco Ivaldi systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1...
CVE-2006-3824
systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness...
CVE-2006-3824
systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness...
Solaris <= 10 sysinfo() Local Kernel Memory Disclosure Exploit
Exploit for solaris platform in category local exploits ============================================================== Solaris include include include define bufsize 1294967293 int mainint argc,char argv int fd; ssizet out; char outputbuffer; ifargc \n"; exit1; printf" Solaris = 10 sysinfo kernel...
Solaris 10 - sysinfo() Local Kernel Memory Disclosure (1)
Solaris 10 - sysinfo Local Kernel Memory Disclosure 1 / Sun Microsystems Solaris sysinfo Kernel Memory Disclosure exploit =================================================================== Local exploitation of an integer overflow vulnerability in Sun Microsystems Inc. Solaris allows attackers t...
CVE-2006-1832
sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action...
CVE-2006-1832
sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action...
CVE-2006-1831
CVE-2006-1831 : Direct static code injection in Sysinfo’s web interface. Sysinfo.cgi in sysinfo 1.21 and potentially versions before 2.25 allows remote command execution via a leading semicolon in the name parameter of a systemdoc action, which is injected into phpinfo.php. Affected: Sysinfo web-...
CVE-2006-1832
CVE-2006-1832 affects sysinfo.cgi in sysinfo 1.21, allowing remote attackers to obtain the installation path via the debugger action. The available sources describe the affected component and the exposure but do not provide a public fix or remediation details. There is no explicit exploit code or...
Sysinfo name Parameter Arbitrary Code Execution
The remote host is running Sysinfo, a web-based system monitor. The version of Sysinfo installed on the remote host fails to sanitize user-supplied input to the 'name' parameter before passing it to a shell for execution. An unauthenticated attacker may be able to exploit this issue to execute...