Lucene search
K

6604 matches found

seebug.org
seebug.org
added 2007/05/12 12:0 a.m.57 views

PhpWind 防盗链插件Showpic.php本地读文件漏洞

showpic.php str=$SERVER'QUERYSTRING'; $img=base64decode$str; $codelen=strlen$safeguard;//获取附加码长度 $img=substr$img,$codelen; //去掉附加码 readfile$img; 提交的参数经过base64编码后直接用readfile读文件,所以可以把路径base64编码后提交,以读出文件内容 PhpWind http://www.PhpWind.net http://bbs.xxx.com/showpic.php?ZGF0YS9zcWxfY29uZmlnLnBocA==...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/05/11 12:0 a.m.55 views

Microsoft Exchange Base64 MIME消息远程代码执行漏洞(MS07-026)

Microsoft Exchange Server是一款企业级的邮件服务程序。 Microsoft Exchange Server处理特定的畸形编码数据时存在漏洞,远程攻击者可能利用此漏洞控制服务器。 Microsoft Exchange没有正确地解码base64编码的内容,如果用户向服务器发送了特制的base64编码的MIME邮件消息的话,就可能导致执行任意指令。 Microsoft Exchange Server 2007 Microsoft Exchange Server 2003 SP2 Microsoft Exchange Server 2003 SP1 Microsoft...

7.5AI score
Exploits0
CVE
CVE
added 2007/05/08 11:0 p.m.247 views

CVE-2007-0213

CVE-2007-0213 is a remote code execution vulnerability in Microsoft Exchange Server (2000 SP3, 2003 SP1/SP2, and 2007) caused by improper handling of base64-encoded MIME content. An attacker can exploit this by sending a crafted MIME email that triggers memory corruption/decoding issues, gaining ...

10CVSS7.3AI score0.6616EPSS
Exploits2References12Affected Software1
canvas
canvas
added 2007/04/24 8:19 p.m.51 views

Immunity Canvas: GROUPWISE_WEBACCESS

Name| groupwisewebaccess ---|--- CVE| CVE-2007-2171 Exploit Pack| CANVAS Description| Novell GroupWise WebAccess Base64 Decoding Stack Overflow Notes| CVE Name: CVE-2007-2171 VENDOR: Novell VersionsAffected: Repeatability: References: http://www.zerodayinitiative.com/advisories/ZDI-07-015.html CV...

10CVSS6.4AI score0.24332EPSS
Exploits5
Cvelist
Cvelist
added 2007/04/24 8:0 p.m.42 views

CVE-2007-2171

Stack-based buffer overflow in the base64decode function in GWINTER.exe in Novell GroupWise GW WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request...

7.9AI score0.24332EPSS
Exploits5References9
Tenable Nessus
Tenable Nessus
added 2007/04/23 12:0 a.m.43 views

Novell Groupwise WebAccess GWINTER.EXE Base64 Decoding Remote Overflow

The remote host is running a version of GroupWise WebAccess from Novell that is vulnerable to a stack overflow in the way it handles HTTP Basic Authentication. By sending a specially crafted request, an attacker can exploit this flaw to execute code on the remote host with administrative...

10CVSS6AI score0.24332EPSS
Exploits5References3
securityvulns
securityvulns
added 2007/04/20 12:0 a.m.58 views

Novell Groupwise WebAccess buffer overflow

Stack buffer overflow stack overrun during TCP/7205 TCP/7211 HTTP basic authentication on base64 decoding...

10CVSS2.3AI score0.24332EPSS
Exploits5References1
securityvulns
securityvulns
added 2007/04/20 12:0 a.m.75 views

ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability

ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-015.html April 18, 2007 -- CVE ID: CVE-2007-2171 -- Affected Vendor: Novell -- Affected Products: Groupwise WebAccess -- TippingPointTM IPS Customer Protection:...

10CVSS0.1AI score0.24332EPSS
Exploits5
Zero Day Initiative
Zero Day Initiative
added 2007/04/18 12:0 a.m.30 views

Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists in the GWINTER.exe process bound by default on TCP ports 7205 and 7211. During the...

10CVSS0.8AI score0.24332EPSS
Exploits5References1
exploitpack
exploitpack
added 2007/03/20 12:0 a.m.6 views

Mercur IMAPD 5.00.14 (Windows x86) - Remote Denial of Service

Mercur IMAPD 5.00.14 Windows x86 - Remote Denial of Service !/usr/bin/perl mercur-v1.pl Mercur v5.00.14 win32 remote exploit by mu-b - Dec 2006 - Tested on: Mercur v5.00.14 win32 use Getopt::Std; getopts't:n:', %arg; use Socket; use MIME::Base64; my $target; if defined$arg't' $target = $arg't' if...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.31 views

Mandrake Linux Security Advisory : bind (MDKSA-2006:207)

The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem CVE-2006-4339. BIND uses RSA cryptography as part of its DNSSEC implementation. As a result, to resolve the security issue, these packages need to be upgraded and for both KEY and DNSKEY record...

5.8CVSS7.2AI score0.04894EPSS
Exploits1References4
Prion
Prion
added 2007/02/12 11:28 p.m.13 views

Integer overflow

Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via certain base64-encoded data on the pop3 port 110/tcp, which triggers an integer overflow...

10CVSS8.2AI score0.08682EPSS
Exploits0References6Affected Software1
exploitpack
exploitpack
added 2007/02/08 12:0 a.m.11 views

Axigen 2.0.0b1 - Remote Denial of Service (1)

Axigen 2.0.0b1 - Remote Denial of Service 1 / doaxigen.c axigen 1.2.6 - 2.0.0b1 DoS x86-lnx by mu-b - Sat Oct 22 2006 - Tested on: AXIGEN 1.2.6 lnx AXIGEN 2.0.0b1 lnx 0x08088054: parsing error results in DoS little-endian, confirmed DoS + off-by-one heap smash big-endian Note: if you receive a...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2007/01/27 12:0 a.m.15 views

PHP Subscriber远程密码泄露漏洞

PHP Subscriber是一款基于PHP的WEB应用程序。 PHP Subscriber不正确过滤用户提交的输入,远程攻击者可以利用漏洞获得密码敏感信息。 攻击者可以请求http://www.site.com/path/pwd.txt连接获得密码文件信息,然后使用BASE64解码密码信息。 PHP Subscriber 目前没有详细漏洞细节提供...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/01/24 12:0 a.m.54 views

subscribe (pwd.txt) Remote Password Disclosur

subscribe pwd.txt Remote Password Disclosur D0rk = "Powered By PHP Subscriber" discovered by : ThE TiGeR 100 Exploit : http://www.site.com/path/pwd.txt or http://www.site.com/pwd.txt then crack the password with bass64 decode ,,the password is coded by base64 not hash Contact:[email protected]...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2007/01/24 12:0 a.m.44 views

RANDOM PHP QUOTE 1.0 (pwd.txt) Remote Password Disclosur

RANDOM PHP QUOTE 1.0 pwd.txt Remote Password Disclosur scrip : http://www.scriptsez.net/download/download.php?action=download&p=randomphpquote.zip&ns=1 discovered by : ThE TiGeR 100 Exploit : http://www.site.com/path/pwd.txt or http://www.site.com/pwd.txt then crack the password with bass64 decod...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/01/17 12:0 a.m.25 views

Fedora Core 6 : mutt-1.4.2.2-3.fc6 (2006-1063)

Tue Oct 24 2006 Miroslav Lichvar 5:1.4.2.2-3 - fix insecure temp file creation on NFS 211085, CVE-2006-5297 - Thu Aug 3 2006 Miroslav Lichvar 5:1.4.2.2-2 - fix a SASL authentication bug 199591 - Mon Jul 17 2006 Miroslav Lichvar 5:1.4.2.2-1 - update to 1.4.2.2 - fix directories in manual.txt...

7.5CVSS5.8AI score0.05889EPSS
Exploits1References1
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.11 views

Kerio Winroute Firewall 5.10 users credentials leak

Application: Kerio Winroute Firewall 5.10 Vendor: Kerio Technologies Inc. Vendor Site: http://www.kerio.com Remote: Yes Exploitable: Yes Risk level: Critical if proxy requires authentication Authors: Alexander Antipov & 3APA3A aka Pig Killer Authors Sites: http://www.securitylab.ru...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2006/12/27 12:0 a.m.25 views

PHP-Update <= 2.7 (admin/uploads.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl rgod u fucking little piece of shit faggot. way to ruin a private exploit, scumbag use strict; use IO::Socket; use MIME::Base64; use Getopt::Std; my $app = "PHP-Update 2.7"; my $type = "Remote Code Execution"; my $author = "undefined1"; my $date =...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/12/26 12:0 a.m.102 views

PHP-Update <= 2.7 (admin/uploads.php) Remote Code Execution Exploit

Exploit for unknown platform in category web applications =================================================================== PHP-Update = 2.7 admin/uploads.php Remote Code Execution Exploit =================================================================== !/usr/bin/perl rgod u fucking little...

7.1AI score
Exploits0
Rows per page
Query Builder