112 matches found
ContentBoxx - 'login.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17612/info ContentBoxx is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the...
Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit
No description provided by source. !/usr/bin/python PRE AUTHENTICATION Eudora Qualcomm WorldMail 3.0 IMAPd Service 6.1.19.0 Overflow. Discovered by Tim Shelton - [email protected] Coded by [email protected] Details: SEH gets overwritten at 970 bytes in the LIST command. No space...
BisonFTP 4R1 - Remote Denial of Service
source: https://www.securityfocus.com/bid/14079/info BisonFTP is prone to a remote denial-of-service vulnerability. A remote attacker may exploit this issue to deny service for legitimate users. Reports indicate that the issue may be exploited only after successful authentication. !/usr/bin/pytho...
Monit <= 4.2 Basic Authentication Remote Root Exploit
No description provided by source. / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit = 4.2 Vulnerability: Buffer overflow in handling of Basic Authentication informations. Server authenticates clients through: Authentication: Basic...
Monit 4.2 - Basic Authentication Remote Code Execution
/ THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware 8.1 Update Code :...
Keene Digital Media Server 1.0.2 - Cross-Site Scripting
Keene Digital Media Server 1.0.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/11111/info Keene Digital Media Server is prone to multiple cross-site scripting vulnerabilities. These issues span multiple scripts. The source of the problem is that affected scripts do not...
SqWebMail 4.0.4.20040524 - Email Header HTML Injection
SqWebMail 4.0.4.20040524 - Email Header HTML Injection source: https://www.securityfocus.com/bid/10588/info SqWebMail is reported to be prone to an email header HTML injection vulnerability. This issue presents itself due to a failure of the application to properly sanitize user-supplied email...
CVE-2004-0009
Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user...
Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow (2)
Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow 2 // source: https://www.securityfocus.com/bid/7180/info A buffer-overflow vulnerability has been discovered in Kerio Personal Firewall. The problem occurs during the administration authentication process. An attacker...
CVE-2002-0639
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication ChallengeResponseAuthentication when OpenSSH is using SKEY or BSDAUTH authentication...
Win2k Telnet.exe malicious server vulnerability
Microsoft was informed of this problem with exploit over a month ago. I received some token responses right after emailing them, but have heard nothing since. If they have released an advisory of their own yet, I have not seen it. I informed them up-front that I would release a full-disclosure...
Linux_mini-sql_bof.txt
hi, i was looking for an exploitable buffer overflow in w3-msql from Hughes Technology since there was many security flaws inside. There is a static variable named PrivateScript in main function with a 255 chars size length. No luck ! main finish everywhere with an exit call. The http internal...