321 matches found
M4 Project enigma-suite unauthorized access
"enigma-client" / "nominal" system account is created dusring installation...
On WEBSHELL to elevate privileges to the point of experience-vulnerability warning-the black bar safety net
| --- | Many newcomers in the use of servu elevation of Privilege will encounter many problems, such as the default local administrator Password changed, ws, etc. the cmd is disabled, or the site root directory there is no permission to run! Many Novices will be sent to the discard, Oh, actually...
CVE-2001-1514
ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to 1 child processes created with and 2 child processes that call the CreateProcess function and are executed with or end with the CFX extension...
CVE-2001-1514
CVE-2001-1514 affects ColdFusion 4.5 and 5 on Windows when the advanced security sandbox type is set to operating system. The issue is that security context is not properly passed to child processes created with or to those that call CreateProcess and are run via or end with the CFX extension, ...
Microsoft Windows - Improper Token Validation Privilege Escalation
Microsoft Windows - Improper Token Validation Privilege Escalation / Removed include "stdafx.h" / str0ke / include include define INFOBUFFERSIZE MAXCOMPUTERNAMELENGTH + 1 define PATHSIZE INFOBUFFERSIZE + MAXPATH + 4 typedef UINT WINAPI PFnMsiInstallProductLPCSTR szPackagePath, LPCSTR szCommandLin...
MS Windows Improper Token Validation Local Exploit (working)
Exploit for unknown platform in category local exploits ============================================================ MS Windows Improper Token Validation Local Exploit working ============================================================ / Removed include "stdafx.h" / str0ke / include include defi...
Microsoft Windows - Improper Token Validation Privilege Escalation
/ Removed include "stdafx.h" / str0ke / include include define INFOBUFFERSIZE MAXCOMPUTERNAMELENGTH + 1 define PATHSIZE INFOBUFFERSIZE + MAXPATH + 4 typedef UINT WINAPI PFnMsiInstallProductLPCSTR szPackagePath, LPCSTR szCommandLine; int mainint argc, char argv HANDLE hToken,hThread; HMODULE hMsi ...
Protector System 1.15 - blocker_query.php Multiple Cross-Site Scripting Vulnerabilities
Protector System 1.15 - blockerquery.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/10206/info Multiple vulnerabilities were reported to exist in Protector System, which is a third-party module for PHP-Nuke. Cross-site scripting and SQL injection...
ISS multiple products SMB parsing buffer overflow
Remote buffer overflow during SMB parsing leads to system account compromise...
CVE-2003-0998
Unknown "potential system security vulnerability" in Computer Associates CA Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account...
Symantec pcAnywhere privelege escalation
It's possible to obtains system account privileges via help...
Buffer overflow in MySQL
Product : MySQL Date : 10/09/2003 Author : Frank Denis [email protected] ------------------------ Product description ------------------------ From the web site : MySQL is the world's most popular open source database, recognized for its speed and reliability. Today MySQL is the most popular open...
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation 2 // source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain...
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1)
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation 1 // source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain...
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1)
// source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. / tac0tac0.c - pay no attention to the name, long...
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)
// source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. / tac0tac0.c - pay no attention to the name, long...
Default Password (manager) for 'system' Account
The account 'system' has the password 'manager'. An attacker may use this to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "system"; password = "manager"; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11257;...
wp-02-0003: MySQL Locally Exploitable Buffer Overflow
Westpoint Security Advisory Title: MySQL Locally Exploitable Buffer Overflow Risk Rating: Medium Software: mySQL Database v3.23.49-nt Platforms: Win32 other platforms not tested Vendor URL: www.mysql.com Author: Matt Moore [email protected] Date: 1st October 2002 Advisory ID: wp-02-0003 CVE...
Arbitrary Command Execution on Distributor SQL Server 2000 machines (#NISR22002002A)
NGSSoftware Insight Security Research Advisory Name: Arbitrary Command Execution on SQL Server 2000 Systems: Microsoft SQL Server 2000 SP 2 Severity: High Risk for Distributor servers Category: Arbitrary Command Execution Vendor URL: http://www.microsoft.com/ Author: David Litchfield...
zen25-hole.txt
Date: Wed, 29 Jul 1998 18:02:07 +1100 From: Dave Cottle Subject: ALERT: security hole in zen 2.5 client for NT 4.0 This was passed to Novell last week. here are the details: Situation: NT 4.0 Workstation Service Pack 3 ZEN Client 2.5 installed connecting to a NW 4.11 server Security Hole: using t...