2755 matches found
PHP-Nuke <= 7.9 (Encyclopedia) Remote SQL Injection Exploit
No description provided by source. ? / Neo Security Team - Exploit made by Paisterist on 2006-10-22 http://www.neosecurityteam.net / $host="localhost"; $path="/phpnuke/"; $prefix="nuke"; $port="80"; $fp = fsockopen$host, $port, $errno, $errstr, 30; $data="query=fooaa&eid=foo'//UNION SELECT pwd as...
ackerTodo42.txt
ackerTodo 4.2 SQL Injection vendor: http://ackertodo.sourceforge.net/site2/index.html File: gadget/login.php Exploiting this issue could allow an attacker to access sensible data. Vuln code: $userlogin = trim$REQUEST'uplogin'; $userpass = trim$REQUEST'uppass'; $numtasks = trim$REQUEST'upnumtasks'...
Microsoft Windows Media Player 7.1 10 - .BMP Heap Overflow (PoC) (MS06-005) (1)
Microsoft Windows Media Player 7.1 10 - .BMP Heap Overflow PoC MS06-005 1 / For Remote Exploration hint: http://www.spyinstructors.com/atmaca/research/wmpremotepoc.asx / / Windows Media Player BMP Heap Overflow MS06-005 Bug discovered by eEye -...
Mandrake Linux Security Advisory : xine-lib (MDKSA-2005:228)
Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system. The vulnerability is caused due to a boundary error in the 'avcodec_default_get_buffer' function of 'utils.c' i...
Kcms Profile Server
The Kodak Color Management System service is running. The KCMS service on Solaris 2.5 could allow a local user to write to arbitrary files and gain root access. This warning may be a false positive since the presence of the bug has not been tested. Patches: 107337-02 SunOS 5.7 has been released a...
BNBT / CBTT / XBNBT Denial of Service Vulnerability
Secunia Advisory: SA16877 Release Date: 2005-09-20 Critical: Moderately critical Impact: DoS Where: From remote Solution Status: Vendor Patch Software: BNBT 7.x BNBT 8.x CBTT 8.x XBNBT 8.x
Microsoft Windows - WINS Remote Buffer Overflow (MS04-045) (3)
Microsoft Windows - WINS Remote Buffer Overflow MS04-045 3 / Windows Internet Name Service WINS Remote Heap Buffer Overflow Advisory credits: Nicolas Waisman of Immunity Inc. www.immunitysec.com Advisory...
Moderate: Red Hat Security Advisory: squid security update
Updated squid packages that fix a denial of service issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Squid is a full-featured Web proxy cache. A bug was found in the way Squid handles FQDN lookups. It was possible to cra...
Software PBLang 4.65 pmpshow.php XSS vulnerability
HRG - Hackerlounge Research Group Release: HRG002 Friday 11-02-05 Software PBLang 4.65 pmpshow.php XSS vulnerability The author can't be held responsible for any damage done by a reader. You have your own responsibility. Please use this document like it's meant to. Vulnerable: PBLang 4.65 current a...
HP-UX PHNE_29912 : HP-UX sendmail, Remote Unauthorized Privileged Access (HPSBUX00281 SSRT3631 rev.11)
s700_800 11.22 sendmail(1m) 8.11.1 patch : A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability could be exploited remotely to gain unauthorized privileged access. References: CERT/CC CA-2003-25, CAN-2003-0681. (C) Tenable...
HP-UX PHCO_21993 : HPSBUX0011-130 Sec. Vulnerability in auto_parms (rev.2)
s700_800 11.00 auto_parms/set_parms : Security vulnerability in auto_parms and set_parms. (C) Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHCO_21993. The text itself is copyright (C) Hewlett-Packard Development Company...
Fedora Core 2 : mod_python-3.1.3-1.fc2.2 (2005-139)
Graham Dumpleton discovered a flaw affecting the publisher handler of mod_python, used to make objects inside modules callable via URL. A remote user could visit a carefully crafted URL that would gain access to objects that should not be visible, leading to an information leak. The Common...
SUSE-SA:2005:002: php4, mod_php4
The remote host is missing the patch for the advisory SUSE-SA:2005:002 php4, mod_php4. PHP is a well known, widely-used scripting language often used within web server setups. Stefan Esser and Marcus Boerger found several buffer overflow problems in the unserializer functions of PHP CVE-2004-1019...
[SIG^2 G-TEC] NodeManager Professional V2.00 Buffer Overflow Vulnerability
SIG^2 Vulnerability Research Advisory NodeManager Professional V2.00 Buffer Overflow Vulnerability by Tan Chew Keong Release Date: 17 Jan 2005 ADVISORY URL http://www.security.org.sg/vuln/nodemanager200.html SUMMARY NodeManager Professional http://www.h4.dion.ne.jp/you4707/NodeManagerPro.html is ...
Low: Red Hat Security Advisory: pine security update
An updated Pine package is now available for Red Hat Enterprise Linux 2.1 to fix a denial of service attack. Pine is an email user agent. The c-client IMAP client library, as used in Pine 4.44 contains an integer overflow and integer signedness flaw. An attacker could create a malicious IMAP serv...
Simple PHP Blog directory traversal vulnerability
Title: Simple PHP Blog directory traversal vulnerability Vulnerability discovery: Madelman madelman AT iname.com Date: 02/01/2005 Severity: Moderate Summary: I started this project because I wanted a dead-simple blog. Something that didn't...
Fedora Core 3 : samba-3.0.10-1.fc3 (2004-562)
Fri Dec 17 2004 Jay Fenlason 3.0.10-1.fc3 - New upstream release that closes CVE-2004-1154 bz142544 - Include the -64bit patch from Nalin. This closes bz142873 - Update the -logfiles patch to work with 3.0.10 - Create /var/run/winbindd and make it part of the -common rpm to close bz142242 Note...
RHEL 2.1 / 3 : ImageMagick (RHSA-2004:636)
Updated ImageMagick packages that fix a buffer overflow are now available. ImageMagick(TM) is an image display and manipulation tool for the X Window System. A buffer overflow flaw was discovered in the ImageMagick image handler. An attacker could create a carefully crafted image file with an...
Hosting Controller
Security Advisory. Advisory Information: Software Package : Hosting Controller Vendor Homepage : http://www.hostingcontroller.com Platforms : Windows based servers Vulnerable Versions: All version Tested on: v.6.1 Hotfix 1.4 Vendor Contacted : 12/5/2004 Release Date:...
Hosting Controller <= 0.6.1 Hotfix 1.4 Directory Browsing Vulnerability
No description provided by source. Advisory Information: Software Package : Hosting Controller Vendor Homepage : http://www.hostingcontroller.com Platforms : Windows based servers Vulnerable Versions : All version Tested on: v.6.1 Hotfix 1.4 Vendor Contacted : 12/5/2004...