274 matches found
ImageVue 2.0 - Remote Admin Login
Author: Sora Software Link: http://www.imagevuex.com/ Version: 2.0 Tested on: Windows and Linux --------------------------------- / ImageVue 2.0 Remote Admin Login Exploit Created by Sora Contact: vhr95zw at hotmail.com / + Google Dork: "inurl:/admin/" "ImageVue" + Description: ImageVue 2.0 suffe...
Snort DCE/RPC preprocessor buffer overflow
Added: 07/09/2007 CVE: CVE-2006-5276 BID: 22616 OSVDB: 32094 Background Snort is an open-source intrusion detection system. It includes a DCE/RPC preprocessor, which reassembles DCE/RPC traffic before it is passed to the intrusion detection engine. Problem A buffer overflow vulnerability in the...
tyger-sqlxss.txt
-=--------------------ADVISORY-------------------=- Tyger Bug Tracking System Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Tyger Bug Tracking System -=+ Version: 1.1.3 -=+ Vendor's URL: http://uk.homeunix.org/tyger/cms/ -=+ Platform:...
siteman-pass.txt
-=--------------------ADVISORY-------------------=- Siteman 2.0.x2 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Siteman 2.0.x2 -=+ Version: 2.0.x2 -=+ Vendor's URL: http://home.no.net/siteman/ -=+ Platform: Windows\Linux\Unix -=+ Bug type:...
logahead UNU edition 1.0 - Arbitrary File Upload / Code Execution
-=--------------------ADVISORY-------------------=- logahead UNU edition 1.0 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: logahead UNU edition -=+ Version: 1.0 -=+ Vendor's URL: http://typo.i24.cc/logahead/ -=+ Platform: Windows\Linux\Unix...
PunBB <= 2.0.10 (Register Multiple Users) Denial of Service Exploit
Exploit for unknown platform in category web applications =================================================================== PunBB include include ifdef WINDOWS include include // Link to libws232.a else include include include endif define NSTALIVE 1 int Connectchar; void SendPackint, int, char...
CYBSEC - Multiple Vendor Web Vulnerability Scanner Arbitrary Script Injection Vulnerability
CYBSEC S.A. www.cybsec.com Advisory Name: Multiple Vendor Web Vulnerability Scanner Arbitrary ============= Script Injection Vulnerability Vulnerability Class: Script Injection ==================== Release Date: 09.01.2005 ============= Affected Applications: ====================== N-Stealth...
CVE-2005-1766
Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code via a RealMedia file with a long RealText string, such as an SMIL file...
iDEFENSE Security Advisory 01.24.05: DataRescue Interactive Disassembler Pro Buffer Overflow Vulnerability
DataRescue Interactive Disassembler Pro Buffer Overflow Vulnerability iDEFENSE Security Advisory 01.24.05 www.idefense.com/application/poi/display?id=189&type=vulnerabilities January 24, 2005 I. BACKGROUND DataRescue Inc.'s IDA Pro is a Windows or Linux hosted multi-processor disassembler and...
[Full-Disclosure] iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability
Opera Telnet URI Handler File Creation/Truncation Vulnerability iDEFENSE Security Advisory 05.12.04 www.idefense.com/application/poi/display?id=104&type=vulnerabilities May 12, 2004 I. BACKGROUND Opera is a cross-platform web browser. More information is available from http://www.opera.com/ II...
Format string bug in EpicGames Unreal engine
Luigi Auriemma Application: Unreal engine http://unreal.epicgames.com Games: - America's Army - DeusEx - Devastation - Magic Battlegrounds - Mobile Forces - Nerf Arena Blast - Postal 2 - Rainbow Six: Raven Shield - Rune - Sephiroth: 3rd episode the Crusade - Star Trek: Klingon Honor Guard -...
Essentia Web Server 2.1 - 'URL' Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/4159/info Essentia Web Server is a multi-threaded HTTP server designed for Microsoft Windows and Linux environments. Essentia is maintained by Essen. Essentia is prone to a remote denial of service. This condition may be triggered by submitting an...
zerooexploit.txt
According to the vendor's web page , Zeroo is a "simple, small, portable, fast HTTP server". The server is available for Windows, and Linux operating systems. A folder traversal flaw in the server may allow attackers to compromise sensitive information stored on the server's volume. !/usr/bin/per...
gnut gnutella client html injection
Hello I recently discovered a bug in gnut, a console/www Gnutella client for Linux and Windows, that allows the injection of html code in the Search Result Page of the Webfrontend. This is done by sharing a file with html tags embedded. testHR.mp3 for example More complex things are possible with...