7196 matches found
win64 (URLDownloadToFileA) download and execute 218+ bytes
No description provided by source. ; ; dexec64.asm - 218+ bytes unoptimised ; ; Win64 asm code, download & execute file using URLDownloadToFileA moniker & WinExec ; ; tested on AMD64 running Windows x64 SP1 ; ; there probably are errors in the code, but this is more of an experimental source if...
ACMS vulnerability-vulnerability warning-the black bar safety net
A few days ago a friend asked me to help him dosecurity testing, his Station is ACMS information distribution system. I to the official down a set of ACMS to study. ACMS front Desk is by the back-end to generate the static page, there is no injection vulnerability. The background comes with the...
SYMSA-2006-007: Microsoft Office Malformed String Parsing Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID : SYMSA-2006-007 Advisory Title: Microsoft Office Malformed String Parsing Vulnerability Author : Elia Florio / [email protected] Release Date :...
QTOFileManager.txt
-------------------------- Cross Site Scripting XSS -------------------------- http://target.xx/qtofm.php?delete=%3Cscript%3Ealert%22Ellipsis%20Security%20Test%22%3C/script%3E&u=username&pathext=1...
atutor153-xss-sql.txt
ATutor 1.5.3 http://www.atutor.ca -------------------------- Cross Site Scripting XSS -------------------------- http://target.xx/documentation/indexlist.php?lang="alert/EllipsisSecurityTest/ --- POST http://target.xx:80/registration.php?register=Register HTTP/1.0 Accept: / Content-Type:...
CentOS 3 : tar (CESA-2006:0195)
An updated tar package that fixes a path traversal flaw is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that...
gawab.txt
Script: Gawab.com Mail Services Portal System Version: ? Language: PHP Problem: Xss Vendor: http://www.HackMaster.Us Discovered by: rootterathackmasterdotus Example:...
infocus
Hi, We have released simple and user friendly GUI FTP fuzzer tool for stress testing FTP server implementations. It is quite configurable tool, which means that you can precisely define which FTP commands will be fuzzed with the parameter size and test strings. Running this fuzzer against FTP...
SA-03.txt
I'm proud to introduce an example of return into libc exploit which works though grsecurity patch protection. Please read source carefully and change some lines cause default version probably wont work on your machine. - This is example, remember it. ; / Grsecurity bypass tryout - system"/bin/sh"...
Multiple DNS servers different security vulnerabilities
Multiple vulnerabilities were discovered with automated testing tool...
[eVuln] MD News Authentication Bypass and SQL Injection Vulnerabilities
New eVuln Advisory: MD News Authentication Bypass and SQL Injection Vulnerabilities http://evuln.com/vulns/120/summary.html --------------------Summary---------------- eVuln ID: EV0120 Software: MD News Sowtware's Web Site: http://www.matthewdingley.co.uk/ Versions: 1 Critical Level: Moderate Typ...
[eVuln] CzarNews XSS and Multiple SQL Injection Vulnerabilities
New eVuln Advisory: CzarNews XSS and Multiple SQL Injection Vulnerabilities http://evuln.com/vulns/118/summary.html --------------------Summary---------------- eVuln ID: EV0118 CVE: CVE-2006-1640 CVE-2006-1641 Software: CzarNews Sowtware's Web Site: http://www.czaries.net/scripts/ Versions: 1.14...
Hacked SQL Server system ten ways-vulnerability warning-the black bar safety net
Using either the manual probe or the use of security testing tools, malicious attackers always use a variety of tricks from your firewall to internal and external compromise your SQL Server system. Since the hackers do such a thing. You also need to implement the same attacks to test your system'...
panic-reloaded TCP Denial of Service Tool
Exploit for multiple platform in category dos / poc ========================================= panic-reloaded TCP Denial of Service Tool ========================================= / ----------------------------------------------------------------------------- / \ / / / / / / / / / / / / / / / / / /...
[eVuln] QLnews XSS and PHP Code Insertion Vulnerabilities
New eVuln Advisory: QLnews XSS and PHP Code Insertion Vulnerabilities http://evuln.com/vulns/113/summary.html --------------------Summary---------------- eVuln ID: EV0113 CVE: CVE-2006-1575 CVE-2006-1576 Software: QLnews Sowtware's Web Site: http://www.vscripts.pl/ Versions: 1.2 Critical Level:...
[eVuln] VNews Multiple Vulnerabilities
New eVuln Advisory: VNews Multiple Vulnerabilities http://evuln.com/vulns/112/summary.html --------------------Summary---------------- eVuln ID: EV0112 CVE: CVE-2006-1543 CVE-2006-1544 CVE-2006-1545 Software: VNews Sowtware's Web Site: http://www.vscripts.pl/?id=vnews Versions: 1.2 Critical Level...
[eVuln] [V]Book Multiple Vulnerabilities
New eVuln Advisory: VBook Multiple Vulnerabilities http://evuln.com/vulns/111/summary.html --------------------Summary---------------- eVuln ID: EV0111 CVE: CVE-2006-1561 CVE-2006-1562 CVE-2006-1563 Software: VBook Sowtware's Web Site: http://www.vscripts.pl/?id=vbook2 Versions: 2.0 Critical Leve...
Construct a special file name to bypass multiple anti-virus engine-vulnerability warning-the black bar safety net
Category: design error Threat level: medium BUGTRAQ ID: 1 5 4 2 3 Affected by the anti-virus engine: Kaspersky Antivirus Symantec AntiVirus F-Prot Antivirus ClamWin Antivirus Avast Antivirus RAV AntiVirus Microsoft AntiSpyware Tested version: Symantec AntiVirus Corporate 8.0 Kaspersky Antivirus...
[eVuln] Maian Events SQL Injection Vulnerability
New eVuln Advisory: Maian Events SQL Injection Vulnerability http://evuln.com/vulns/102/summary.html --------------------Summary---------------- eVuln ID: EV0102 CVE: CVE-2006-1341 Software: Maian Events Sowtware's Web Site: http://www.maianscriptworld.co.uk/ Versions: 1.0 Critical Level: Moderat...
w3wp-dos.txt
--0-1633069887-1142992701=:20251 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sorry, if you are receiving multiple copies of it. Just resending as the one that I sent last night has not yet appeared. w3wp remote DoS due to improper reference of STA COM components i...