Sun Java Web Start Plugin Command Line Argument Injection

$Id: javawsarginjectaltjvm.rb 9097 2010-04-16 08:08:40Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Sun Java Web Start Plugin Command Line Argument Injection

This module exploits a flaw in the Web Start plugin component of Sun Java Web Start. The arguments passed to Java Web Start are not properly validated. By passing the lesser known -J option, an attacker can pass arbitrary options directly to the Java runtime. By utilizing the -XXaltjvm option, as...

Serv-U 9.0.0.5 WebClient Buffer Overflow

-- KC Security PUBLIC ADVISORY -- http://www.rangos.de -- 11-01-2009 RhinoSoft.com Serv-U 9.0.0.5 WebClient Remote Buffer Overflow Background ------------ Serv-U includes a simple, browser-based transfer client perfect for every business environment. The Web Client is accessed through a standard...

Serv-u web client 9.0.0.5 buffer overflow

No description provided by source. -- KC Security PUBLIC ADVISORY -- http://www.rangos.de -- 11-01-2009 RhinoSoft.com Serv-U 9.0.0.5 WebClient Remote Buffer Overflow Background ------------ Serv-U includes a simple, browser-based transfer client perfect for every business environment. The Web...

WordPress Core 2.2 - 'xmlrpc.php' SQL Injection

/ El error, bastante tonto por cierto, se encuentra en la función wpsuggestCategories, en el archivo xmlrpc.php: function wpsuggestCategories$args global $wpdb; $this-escape$args; $blogid = int $args0; $username = $args1; $password = $args2; $category = $args3; $maxresults = $args4;...

Microsoft Windows WebClient service buffer overflow

Buffer overflow on RPC based service allows code execution with LocalSystem privileges...

SEC-20051025-0.txt

SEC-CONSULT Security Advisory 20051025-0 ====================================================================== title: Snoopy Remote Code Execution Vulnerability program: Snoopy PHP Webclient vulnerable version: 1.2 and earlier homepage: http://snoopy.sourceforge.net found: 2005-10-10 by: D. Fabi...

SEC-Consult SA 20051025-0 :: Snoopy Remote Code Execution Vulnerability

SEC-CONSULT Security Advisory 20051025-0 ====================================================================== title: Snoopy Remote Code Execution Vulnerability program: Snoopy PHP Webclient vulnerable version: 1.2 and earlier homepage: http://snoopy.sourceforge.net found: 2005-10-10 by: D. Fabi...