6520 matches found

Cvelist
added 2007/11/01 5:0 p.m., 20 views

CVE-2002-2412

Winamp 2.80 stores authentication credentials in plaintext in the (1) HTTP-AUTH and (2) winamp sections in winamp.ini, which allows local users to gain access to other accounts...

6.7 AI score, 0.00313 EPSS
Exploits: 0, References: 3

0day.today
added 2007/10/16 12:0 a.m., 328 views

Boa 0.93.15 HTTP Basic Authentication Bypass Exploit

Exploit for linux platform in category remote exploits. Boa 0.93.15 HTTP Basic Authentication Bypass Exploit / Boa HTTP Basic Authentication Bypass Vuln: Boa/0.93.15 with Intersil Extensions...

7.1 AI score
Exploits: 0

Exploit DB
added 2007/10/14 12:0 a.m., 223 views

Apache Tomcat - 'WebDAV' Remote File Disclosure

!/usr/bin/perl Apache Tomcat Remote File Disclosure Zeroday Xploit kcdarookie aka eliteb0y / 2007 thanx to the whole team & andi : +++KEEP PRIV8+++ This Bug may reside in different WebDav implementations, Warp your mind! +You will need auth for the exploit to work... use IO::Socket; use...

7 AI score
Exploits: 0

Saint
added 2007/10/05 12:0 a.m., 28 views

Mercury Mail SMTP AUTH CRAM-MD5 buffer overflow

Added: 10/05/2007. CVE: CVE-2007-4440. BID: 25357. OSVDB: 39669. Background: Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem: A buffer overflow vulnerability in the SMTP service allows remote attackers to execute arbitrary commands by sending a specially craft...

7.5 CVSS, 7.8 AI score, 0.64513 EPSS
Exploits: 8

Packet Storm
added 2007/09/25 12:0 a.m., 23 views

barracude-xss.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 || ISR || || Infobyte Security Research || www.infobyte.com.ar || 09.21.2007 || .:: SUMMARY Barracuda Spam Firewall Cross-Site Scripting Version: Barracuda Spam Firewall firmware v3.4.10.102 It is suspected that all previous versions of Barracuda Sp...

7.4 AI score
Exploits: 0

Kaspersky
added 2007/09/24 12:0 a.m., 32 views

KLA10271 SB vulnerability in NetSupport Manager Client

An unspecified vulnerability was found in NetSupport Manager Client. By exploiting this vulnerability malicious users can bypass auth schemes. This vulnerability can be exploited remotely via spoofing UI. Original advisories - Related products NetSupport-Manager CVE list CVE-2007-5057 critical...

10 CVSS, 6.6 AI score, 0.04636 EPSS
Exploits: 0, References: 2

securityvulns
added 2007/09/24 12:0 a.m., 59 views

[ISR] - Barracuda Spam Firewall. Cross-Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 || ISR || || Infobyte Security Research || www.infobyte.com.ar || 09.21.2007 || .:: SUMMARY Barracuda Spam Firewall Cross-Site Scripting Version: Barracuda Spam Firewall firmware v3.4.10.102 It is suspected that all previous versions of Barracuda Sp...

0.1 AI score
Exploits: 0

Exploit DB
added 2007/09/19 12:0 a.m., 48 views

Mercury/32 4.52 IMAPD - 'SEARCH' (Authenticated) Overflow

Z:\ExpmercurySEARCH.pl 127.0.0.1 143 void ph4nt0m.org Mercury/32 v4.52 IMAPD SEARCH command Post-Auth Stack Overflow Exploit Found & Code by void ph4nt0m.org S: OK mercury.ph4nt0m.org IMAP4rev1 Mercury/32 v4.52 server ready. C: pst06 LOGIN void ph4nt0m.org S: pst06 OK LOGIN completed. C: pst06...

7.4 AI score
Exploits: 0

exploitpack
added 2007/08/26 12:0 a.m., 10 views

Mercury32 Mail Server 3.32 4.51 - SMTP EIP Overwrite

Mercury32 Mail Server 3.32 4.51 - SMTP EIP Overwrite / Dreatica-FXP crew ---------------------------------------- Target : Mercury/32 SMTP Server Found by : [email protected], http://www.offensive-security.com ---------------------------------------- Exploit : Mercury/32 v3.32-v4.51 SMT...

0.2 AI score
Exploits: 0

seebug.org
added 2007/08/23 12:0 a.m., 38 views

Mercury/32 4.51 SMTPD CRAM-MD5 Pre-Auth Remote Overflow Exploit

No description provided by source. / Mercury/32 4.51 SMTPD CRAM-MD5 Pre-Auth Remote Stack Overflow Universal Public Version 1.0 http://www.ph4nt0m.org 2007-08-22 Code by: Zhenhan.Liu Original POC: http://www.milw0rm.com/exploits/4294 Vuln Analysis:...

7.1 AI score
Exploits: 0

Prion
added 2007/08/21 12:17 a.m., 17 views

Stack overflow

Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961...

7.5 CVSS, 8.2 AI score, 0.64513 EPSS
Exploits: 9, References: 9, Affected Software: 1

Cvelist
added 2007/08/21 12:0 a.m., 24 views

CVE-2007-4440

Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961...

7.8 AI score, 0.64513 EPSS
Exploits: 8, References: 9

CVE
added 2007/08/21 12:0 a.m., 66 views

CVE-2007-4440

CVE-2007-4440 describes a stack-based buffer overflow in the MercuryS SMTP server of the Mercury Mail Transport System (likely version ≤ 4.51). The vulnerability occurs when processing an SMTP AUTH CRAM-MD5 string, enabling a remote attacker to potentially execute arbitrary code with the privileg...

7.5 CVSS, 7.8 AI score, 0.64513 EPSS
Exploits: 8, References: 9, Affected Software: 1

NVD
added 2007/08/18 9:17 p.m., 23 views

CVE-2007-4417

IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed...

6 CVSS, 6.4 AI score, 0.01343 EPSS
Exploits: 0, References: 9

Symantec
added 2007/08/18 12:0 a.m., 18 views

Mercury Mail Transport System AUTH CRAM-MD5 Buffer Overflow Vulnerability

Description: Mercury Mail Transport System is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks when handling AUTH CRAM-MD5 requests. Attackers can exploit this issue to execute arbitrary code with the privileges of the user running th...

8.2 AI score
Exploits: 0, References: 3, Affected Software: 1

Fedora
added 2007/07/27 5:54 a.m., 10 views

[SECURITY] Fedora 7 Update: lighttpd-1.4.16-1.fc7

Secure, fast, compliant and very flexible web-server which has been optimized for high-performance environments. It has a very low memory footprint compared to other webservers and takes care of cpu-load. Its advanced feature-set FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many mo...

2.7 AI score
Exploits: 0

UbuntuCve
added 2007/07/24 12:30 a.m., 26 views

CVE-2007-3946

mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header...

6.4 CVSS, 6 AI score, 0.03422 EPSS
Exploits: 0, References: 1

Prion
added 2007/07/24 12:30 a.m., 16 views

Denial of service

mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header...

6.4 CVSS, 6.7 AI score, 0.03422 EPSS
Exploits: 0, References: 18, Affected Software: 1

OSV
added 2007/07/24 12:30 a.m., 4 views

CVE-2007-3946

mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header...

6.4 AI score
Exploits: 0, References: 18

Debian CVE
added 2007/07/24 12:0 a.m., 27 views

CVE-2007-3946

mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header...

6.4 CVSS, 6.2 AI score, 0.03422 EPSS
Exploits: 0