RCA DCM425 Cable Modem - micro_httpd Denial of Service (PoC)

RCA DCM425 Cable Modem - microhttpd Denial of Service PoC !/usr/bin/python Title: RCA DCM425 Cable Modem microhttpd DoS/PoC Date: 02/27/10 Author: ad0nis [email protected] Info: This script causes a Denial of Service on a DCM425 cable modem. Sending 1040 bytes causes a reboot of the device...

Cisco switch password-cracking-vulnerability warning-the black bar safety net

Use the console cable is connected toswitch, through HyperTerminal or Secure CRT connection to switch; 2. Press and hold down the switch on the front panel MODE button, plug in the switch power supply; 3. About 4 0 seconds after the release of the Mod 1. Use the console cable is connected...

Ease Audio Cutter 1.20 Local Crash

!/usr/bin/perl Ease Audio Cutter 1.20 .wav file Local Crash PoC By : zAx Application Homepage : http://mp3-cutter.com Application Download : http://mp3-cutter.com/download/audiocutter.exe Description : Click Select file button, select our file and click Play $crash = "\x42" x 15000; my $file =...

Ease Audio Cutter 1.20 (.wav file) Local Crash PoC

No description provided by source. !/usr/bin/perl Ease Audio Cutter 1.20 .wav file Local Crash PoC By : zAx Application Homepage : http://mp3-cutter.com Application Download : http://mp3-cutter.com/download/audiocutter.exe Description : Click Select file button, select our file and click Play...

Ease Audio Cutter 1.20 (.wav file) Local Crash PoC

Exploit for unknown platform in category dos / poc ================================================== Ease Audio Cutter 1.20 .wav file Local Crash PoC ================================================== !/usr/bin/perl Ease Audio Cutter 1.20 .wav file Local Crash PoC By : zAx Application Homepage :...

CVE-2008-6827

The ListView control in the Client GUI AClient.exe in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to 1 overwrite the CommandLine...

@ltacontent CMS Cross Site Scripting

=========================================================================================== Title : Cross-site Scripting XSS Vulnerability Software : @ltacontent CMS Vendor : http://altaconnect.com/ Date : 26 April 2009 Indonesia Author : Vrs-hCk Contact : [email protected] Blog :...

MDVA-2008:165 : gnome-power-manager

Some button press events where handled two times because they were reported both by X and by Hal. This update adds some code to detect them and ignore the duplicate events. This update also adds a gconf key /schemas/apps/gnome-power-manager/general/logoutcommand to allow using gnome-power-manager...

MDVA-2008:104 : x11-driver-input-evdev

This update corrects two issues with the evdev driver Xorg. The first is that button events were not generated for mice with more than seven buttons bug 39014; the second is that the pointer did not cross screens using the evdev driver. This update corrects both issues. %NASLMINLEVEL 70300...

Firefox directives to not cache pages ignored

Mozilla Firefox 3.x before 3.0.6 does not properly implement the 1 no-store and 2 no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the a back button or b history list of the victim's browser, as demonstrated by reading the response page of an...

Design/Logic Flaw

Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as user confirmation for visiting a web site with a 1 self-signed or 2 invalid certificate, which makes it easier for remote attackers to spoof web sites...

CVE-2008-2131

Cross-site scripting XSS vulnerability in mvnForum 1.1 GA allows remote authenticated users to inject arbitrary web script or HTML via the topic field, which is later displayed by user/viewthread.jsp through use of the "quick reply button."...

Cross site scripting

Cross-site scripting XSS vulnerability in mvnForum 1.1 GA allows remote authenticated users to inject arbitrary web script or HTML via the topic field, which is later displayed by user/viewthread.jsp through use of the "quick reply button."...

CVE-2008-2131

Cross-site scripting XSS vulnerability in mvnForum 1.1 GA allows remote authenticated users to inject arbitrary web script or HTML via the topic field, which is later displayed by user/viewthread.jsp through use of the "quick reply button."...

CVE-2007-6536

The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the 1 "Downloaded from" and 2 "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users into installing...

CVE-2007-6536

The CVE-2007-6536 issue affects Google Toolbar 4 and 5 beta where the Custom Button Installer dialog may display domain names in the “Downloaded from” and “Privacy considerations” fields without validating them. The root cause is lack of domain verification, enabling remote attackers to spoof dom...

Google toolbar information spoofing

Add button dialog spoofing...

HP Info Center ActiveX Control Multiple Remote Vulnerabilities

The remote host contains the HP Quick Launch Button software, part of the HP Info Center software installed by default on many HP and Compaq laptop models. The version of this software on the remote host includes an ActiveX control that reportedly contains three insecure methods - 'GetRegValue',...

[security bulletin] HPSBGN02298 SSRT071502 rev.1 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01300486 Version: 1 HPSBGN02298 SSRT071502 rev.1 - HP Quick Launch Button QLB Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access NOTICE: The information in this Securi...

Design/Logic Flaw

The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center hpinfocenter.exe 1.0.1.1 in HP Quick Launch Button QLBCTRL.exe, aka QLB 6.3 and earlier, allows remote attackers to read arbitrary registry values via the arguments to the GetRegValue method...