Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002)

Microsoft Excel - Malformed Palette Record Denial of Service PoC MS07-002 """ MS07-002 EXCEL Malformed Palette Record Vulnerability DOS POC Author LifeAsaGeek at gmail.com ... and Microsoft said that vuln credit is for Greg MacManus of iDefense Labs Vulnerablity Description Bound error occurs whe...

Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002)

""" MS07-002 EXCEL Malformed Palette Record Vulnerability DOS POC Author LifeAsaGeek at gmail.com ... and Microsoft said that vuln credit is for Greg MacManus of iDefense Labs Vulnerablity Description Bound error occurs when parsing Palette Record and it causes Heap Overflow check out here -...

Apple Mac OS X (/usr/bin/passwd) Custom Passwd Local Root Exploit

No description provided by source. !/usr/bin/perl /usr/bin/passwdOSX: local root exploit. by: vade79/v9 [email protected] fakehalo/realhalo Apple OSX's /usr/bin/passwd program has support for a custom passwd file to be used instead of the standard/static path. this feature has security issues in the...

CVE-2006-5175

Cross-site request forgery CSRF vulnerability in the administrative interface for the TeraStation HD-HTGL firmware 2.05 beta 1 and earlier allows remote attackers to modify configurations or delete arbitrary data via unspecified vectors...

Apple Mac OSX - usrbinpasswd Custom Passwd Privilege Escalation

Apple Mac OSX - usrbinpasswd Custom Passwd Privilege Escalation !/usr/bin/perl /usr/bin/passwdOSX: local root exploit. by: vade79/v9 [email protected] fakehalo/realhalo Apple OSX's /usr/bin/passwd program has support for a custom passwd file to be used instead of the standard/static path. this featu...

Apple Mac OS X (/usr/bin/passwd) Custom Passwd Local Root Exploit

Exploit for macOS platform in category local exploits ================================================================= Apple Mac OS X /usr/bin/passwd Custom Passwd Local Root Exploit ================================================================= !/usr/bin/perl /usr/bin/passwdOSX: local root...

Wimpy MP3 Player 5 - Text File Overwrite

Wimpy MP3 Player 5 - Text File Overwrite source: https://www.securityfocus.com/bid/16696/info Wimpy MP3 is prone to a weakness that permits the overwriting of a text file with arbitrary attacker-supplied data. Successful exploitation of this issue may aid an attacker in further attacks. The...

Wimpy MP3 Player 5 - Text File Overwrite

source: https://www.securityfocus.com/bid/16696/info Wimpy MP3 is prone to a weakness that permits the overwriting of a text file with arbitrary attacker-supplied data. Successful exploitation of this issue may aid an attacker in further attacks. The following proof of concept URI is available:...

Default credentials

edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account...

AlienForm CGI Script Directory Traversal Vulnerability (Jun 2002) - Active Check

The AlienForm CGI script is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2002 Andrew Hintz http://guh.nu Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PT-2005-3561 · Land Down Under · Land Down Under (Ldu) 800

Name of the Vulnerable Software and Affected Versions: Land Down Under LDU 800 Description: Multiple SQL injection issues allow remote attackers to execute arbitrary SQL commands via various parameters to different PHP files, including s or m parameter to "forums.php", o, w, s, or p parameter to...

Small HTTP Server <= 3.05.28 Arbitrary Data Execution Exploit

No description provided by source. !/usr/bin/perl sHTTP FTPServer Abritary Data Execution Exploit -------------------------------------------------- Infam0us Gr0up - Securiti Research E:\PERLperl shttp.pl localhost C:\shttps ? Version: libwww-perl-5.76 + Connect to localhost... + Connected + Send...

Small HTTP Server 3.05.28 - Arbitrary Data Execution

Small HTTP Server 3.05.28 - Arbitrary Data Execution !/usr/bin/perl sHTTP FTPServer Abritary Data Execution Exploit -------------------------------------------------- Infam0us Gr0up - Securiti Research E:\PERLperl shttp.pl localhost C:\shttps ? Version: libwww-perl-5.76 + Connect to localhost... ...

Small HTTP Server 3.05.28 - Arbitrary Data Execution

!/usr/bin/perl sHTTP FTPServer Abritary Data Execution Exploit -------------------------------------------------- Infam0us Gr0up - Securiti Research E:\PERLperl shttp.pl localhost C:\shttps ? Version: libwww-perl-5.76 + Connect to localhost... + Connected + Send user and pass.. + Logged in! +...

[VulnWatch] eEye Advisory - EEYEB-200505 - RealPlayer AVI Processing Overflow

RealPlayer vidplin.dll AVI Processing Heap Overflow Release Date: June 23, 2005 Date Reported: May 4, 2005 Patch Development Time In Days: 36 Severity: High Code Execution Vendor: RealNetworks Systems Affected: For Microsoft Windows RealPlayer 10.5 6.0.12.1040-1069 RealPlayer 10 RealOne Player v2...

PhotoPostData.pl.txt

!/usr/bin/perl PhotoPost Arbitrary Data Exploit -------------------------------- INFPG - Hacking&Security Research Use first the exploit code,then You'll get admin MD5 hash and user name on your mail. Greats: Infam0us Gr0up team/crew/fans,Zone-H,securiteam,str0ke-milw0rm,addict3d,...

[UNIX] PhotoPost Arbitrary Data (Exploit)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

PhotoPost - Arbitrary Data Hash

PhotoPost - Arbitrary Data Hash !/usr/bin/perl PhotoPost Arbitrary Data Exploit -------------------------------- INFPG - Hacking&Security Research Use first the exploit code,then You'll get admin MD5 hash and user name on your mail. Greats: Infam0us Gr0up...

PhotoPost Arbitrary Data Remote Exploit

Exploit for unknown platform in category web applications ======================================= PhotoPost Arbitrary Data Remote Exploit ======================================= !/usr/bin/perl PhotoPost Arbitrary Data Exploit -------------------------------- INFPG - Hacking&Security Research Use...

Silent-Storm Portal Multiple Input Validation Vulnerabilities

The remote host is running Silent-Storm, a web-based forum management software written in PHP. There are multiple input validation flaws in the remote version of this software : - There is a cross-site scripting vulnerability involving the 'module' parameter of the 'index.php' script. - The...