Lucene search
+L

321 matches found

securityvulns
securityvulns
added 2006/03/01 12:0 a.m.34 views

M4 Project enigma-suite unauthorized access

"enigma-client" / "nominal" system account is created dusring installation...

3.7AI score
Exploits0References1Affected Software1
myhack58
myhack58
added 2005/11/15 12:0 a.m.89 views

On WEBSHELL to elevate privileges to the point of experience-vulnerability warning-the black bar safety net

| --- | Many newcomers in the use of servu elevation of Privilege will encounter many problems, such as the default local administrator Password changed, ws, etc. the cmd is disabled, or the site root directory there is no permission to run! Many Novices will be sent to the discard, Oh, actually...

6.7AI score
Exploits0
Cvelist
Cvelist
added 2005/07/14 4:0 a.m.22 views

CVE-2001-1514

ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to 1 child processes created with and 2 child processes that call the CreateProcess function and are executed with or end with the CFX extension...

7AI score0.01422EPSS
Exploits0References1
CVE
CVE
added 2005/07/14 4:0 a.m.51 views

CVE-2001-1514

CVE-2001-1514 affects ColdFusion 4.5 and 5 on Windows when the advanced security sandbox type is set to operating system. The issue is that security context is not properly passed to child processes created with or to those that call CreateProcess and are run via or end with the CFX extension, ...

10CVSS7.4AI score0.01422EPSS
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2005/01/11 12:0 a.m.9 views

Microsoft Windows - Improper Token Validation Privilege Escalation

Microsoft Windows - Improper Token Validation Privilege Escalation / Removed include "stdafx.h" / str0ke / include include define INFOBUFFERSIZE MAXCOMPUTERNAMELENGTH + 1 define PATHSIZE INFOBUFFERSIZE + MAXPATH + 4 typedef UINT WINAPI PFnMsiInstallProductLPCSTR szPackagePath, LPCSTR szCommandLin...

0.7AI score
Exploits0
0day.today
0day.today
added 2005/01/11 12:0 a.m.21 views

MS Windows Improper Token Validation Local Exploit (working)

Exploit for unknown platform in category local exploits ============================================================ MS Windows Improper Token Validation Local Exploit working ============================================================ / Removed include "stdafx.h" / str0ke / include include defi...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2005/01/11 12:0 a.m.44 views

Microsoft Windows - Improper Token Validation Privilege Escalation

/ Removed include "stdafx.h" / str0ke / include include define INFOBUFFERSIZE MAXCOMPUTERNAMELENGTH + 1 define PATHSIZE INFOBUFFERSIZE + MAXPATH + 4 typedef UINT WINAPI PFnMsiInstallProductLPCSTR szPackagePath, LPCSTR szCommandLine; int mainint argc, char argv HANDLE hToken,hThread; HMODULE hMsi ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/04/23 12:0 a.m.17 views

Protector System 1.15 - blocker_query.php Multiple Cross-Site Scripting Vulnerabilities

Protector System 1.15 - blockerquery.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/10206/info Multiple vulnerabilities were reported to exist in Protector System, which is a third-party module for PHP-Nuke. Cross-site scripting and SQL injection...

7AI score
Exploits0
securityvulns
securityvulns
added 2004/02/27 12:0 a.m.32 views

ISS multiple products SMB parsing buffer overflow

Remote buffer overflow during SMB parsing leads to system account compromise...

5.5AI score
Exploits0References2Affected Software2
NVD
NVD
added 2004/01/05 5:0 a.m.17 views

CVE-2003-0998

Unknown "potential system security vulnerability" in Computer Associates CA Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account...

4.6CVSS6.8AI score0.00374EPSS
Exploits0References2
securityvulns
securityvulns
added 2003/11/14 12:0 a.m.28 views

Symantec pcAnywhere privelege escalation

It's possible to obtains system account privileges via help...

3.4AI score
Exploits0References2
securityvulns
securityvulns
added 2003/09/11 12:0 a.m.37 views

Buffer overflow in MySQL

Product : MySQL Date : 10/09/2003 Author : Frank Denis [email protected] ------------------------ Product description ------------------------ From the web site : MySQL is the world's most popular open source database, recognized for its speed and reliability. Today MySQL is the most popular open...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2003/07/08 12:0 a.m.52 views

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation 2 // source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain...

7.2CVSS0.6AI score0.04858EPSS
Exploits7
exploitpack
exploitpack
added 2003/07/08 12:0 a.m.43 views

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1)

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation 1 // source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain...

7.2CVSS0.6AI score0.04858EPSS
Exploits7
Exploit DB
Exploit DB
added 2003/07/08 12:0 a.m.48 views

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1)

// source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. / tac0tac0.c - pay no attention to the name, long...

7.2CVSS6.5AI score0.04858EPSS
Exploits7
Exploit DB
Exploit DB
added 2003/07/08 12:0 a.m.38 views

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)

// source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. / tac0tac0.c - pay no attention to the name, long...

7.2CVSS6.5AI score0.04858EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2003/02/20 12:0 a.m.43 views

Default Password (manager) for 'system' Account

The account 'system' has the password 'manager'. An attacker may use this to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "system"; password = "manager"; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11257;...

7.5CVSS8.2AI score0.53618EPSS
Exploits41References1
securityvulns
securityvulns
added 2002/10/03 12:0 a.m.44 views

wp-02-0003: MySQL Locally Exploitable Buffer Overflow

Westpoint Security Advisory Title: MySQL Locally Exploitable Buffer Overflow Risk Rating: Medium Software: mySQL Database v3.23.49-nt Platforms: Win32 other platforms not tested Vendor URL: www.mysql.com Author: Matt Moore [email protected] Date: 1st October 2002 Advisory ID: wp-02-0003 CVE...

4.6CVSS2.3AI score0.01446EPSS
Exploits1
securityvulns
securityvulns
added 2002/08/23 12:0 a.m.25 views

Arbitrary Command Execution on Distributor SQL Server 2000 machines (#NISR22002002A)

NGSSoftware Insight Security Research Advisory Name: Arbitrary Command Execution on SQL Server 2000 Systems: Microsoft SQL Server 2000 SP 2 Severity: High Risk for Distributor servers Category: Arbitrary Command Execution Vendor URL: http://www.microsoft.com/ Author: David Litchfield...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.35 views

zen25-hole.txt

Date: Wed, 29 Jul 1998 18:02:07 +1100 From: Dave Cottle Subject: ALERT: security hole in zen 2.5 client for NT 4.0 This was passed to Novell last week. here are the details: Situation: NT 4.0 Workstation Service Pack 3 ZEN Client 2.5 installed connecting to a NW 4.11 server Security Hole: using t...

7.4AI score
Exploits0
Rows per page
Query Builder