HTTP Upload Tool (download.php) Information Disclosure Vulnerability

Exploit for unknown platform in category web applications ==================================================================== HTTP Upload Tool download.php Information Disclosure Vulnerability ==================================================================== Target: HTTP Upload Tool For PHP 1...

Novell Netmail User Authentication Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netmail. Exploitation does not require authentication. The specific flaw exists within the user authentication component of Novell Netmail. The routine responsible for authenticating Netmail...

Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow (3)

Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow 3 source: https://www.securityfocus.com/bid/20655/info The Novell eDirectory server iMonitor is prone to a stack-based buffer-overflow vulnerability because it fails to perform sufficient bounds checking on client-supplied data before copyi...

Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow (3)

source: https://www.securityfocus.com/bid/20655/info The Novell eDirectory server iMonitor is prone to a stack-based buffer-overflow vulnerability because it fails to perform sufficient bounds checking on client-supplied data before copying it to a buffer. An attacker could leverage this issue to...

Linux Kernel 2.4.x mremap() bound checking Root Exploit

No description provided by source. / Linux kernel mremap bound checking bug exploit. Bug found by Paul Starzetz paul isec pl Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING,...

HP-UX 11i (LIBC TZ enviroment variable) Local Root Exploit

No description provided by source. / HP-UX libc timezone environment overflow exploit ================================================ HP-UX libc contains an exploitable stack overflow in the handling of "TZ" environment variable. The problem occurs due to insufficient bounds checking in the...

HP-UX 11i (swpackage) Stack Overflow Local Root Exploit

No description provided by source. / HP-UX swpackage buffer overflow exploit ======================================= HP-UX 'swpackage' contains an exploitable stack overflow in the handling of command line arguements. Specifically the problem occurs due to insufficent bounds checking in the "-S"...

HP-UX 11i (swmodify) Stack Overflow Local Root Exploit

No description provided by source. / HP-UX swmodify buffer overflow exploit ======================================= HP-UX 'swmodify' contains an exploitable stack overflow in the handling of command line arguements. Specifically the problem occurs due to insufficent bounds checking in the "-S"...

HP-UX 11i (swmodify) Stack Overflow Local Root Exploit

Exploit for hp-ux platform in category local exploits ====================================================== HP-UX 11i swmodify Stack Overflow Local Root Exploit ====================================================== / HP-UX swmodify buffer overflow exploit =======================================...

HP-UX 11i - 'swmodify' Local Stack Overflow / Local Privilege Escalation

/ HP-UX swmodify buffer overflow exploit ======================================= HP-UX 'swmodify' contains an exploitable stack overflow in the handling of command line arguements. Specifically the problem occurs due to insufficent bounds checking in the "-S" optional arguement. 'swmodify' is...

HP-UX 11i - 'LIBC TZ' Enviroment Variable Privilege Escalation

/ HP-UX libc timezone environment overflow exploit ================================================ HP-UX libc contains an exploitable stack overflow in the handling of "TZ" environment variable. The problem occurs due to insufficient bounds checking in the localtimer and related functions. Any...

Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow (1)

source: https://www.securityfocus.com/bid/20655/info The Novell eDirectory server iMonitor is prone to a stack-based buffer-overflow vulnerability because it fails to perform sufficient bounds checking on client-supplied data before copying it to a buffer. An attacker could leverage this issue to...

CVE-2006-5339

Unspecified vulnerability in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdogeom, aka Vuln DB11. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties th...

CVE-2006-5345

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdogeom, aka Vuln DB22. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB22 i...

CVE-2006-5339

CVE-2006-5339 affects the Oracle Spatial component of Oracle Database (versions 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.4). The vulnerability is linked to the mdsys.sdo_geom path and is related to a suspected length-checking issue before MD2.RELATE is called, as reported by third parties. The described...

A simple analysis of Linux kernel vulnerability issues-vulnerabilities and early warning-the black bar safety net

With Windows compared to Linux is considered to have better security and other extended properties. These features make the Linuxoperating systemfield meteoric rise, more and more attention. As the Linux application to increase the amount of its security has gradually been public, or even hacking...

opera -- URL parsing heap overflow vulnerability

iDefense Labs reports: Remote exploitation of a heap overflow vulnerability within version 9 of Opera Software's Opera Web browser could allow an attacker to execute arbitrary code on the affected host. A flaw exists within Opera when parsing a tag that contains a URL. A heap buffer with a consta...

[Full-disclosure] Asbru HardCore Web Content Editor - Command Injection

n.runs GmbH http://www.nruns.com/ [email protected] n.runs-SA-2006.001 15-Oct-2006 Vendor: Asbru Software, http://asbrusoft.com Product: Asbru HardCore Web Content Editor, http://editor.asbrusoft.com/ Vulnerability: Command Injection Vendor communication: 2006/10/05 initial notification of...

Debian DSA-1100-1 : wv2 - integer overflow

A boundary checking error has been discovered in wv2, a library for accessing Microsoft Word documents, which can lead to an integer overflow induced by processing word files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...

Debian DSA-948-1 : kdelibs - buffer overflow

Maksim Orlovich discovered that the kjs JavaScript interpreter, used in the Konqueror web browser and in other parts of KDE, performs insufficient bounds checking when parsing UTF-8 encoded Uniform Resource Identifiers, which may lead to a heap based buffer overflow and the execution of arbitrary...