7636 matches found
PeerCast 0.1216 - 'nextCGIarg' Remote Buffer Overflow (1)
/ GNU PeerCast include include include include include include include include include struct target char name; int retaddr; ; struct she...
postgresql81-server -- SET ROLE privilege escalation
The PostgreSQL team reports: Due to inadequate validity checking, a user could exploit the special case that SET ROLE normally uses to restore the previous role setting after an error. This allowed ordinary users to acquire superuser status, for example...
DSA-959-1 unalz - buffer overflow
Bulletin has no description...
Exiv2 - Corrupted EXIF Data Denial of Service
Exiv2 - Corrupted EXIF Data Denial of Service source: https://www.securityfocus.com/bid/16400/info Exiv2 is susceptible to a denial-of-service vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input data before attempting to read it, resulting in...
MyBB 1.0.2 XSS attack in search.php redirection
http://127.0.0.1/mybb/search.php?action=dosearch&keywords=&postthread=1&author=imei&matchusername=1&forums=all&findthreadst=1&numreplies=&postdate=0&pddir=1&sortby="script language=javascriptalertdocument.cookie/script&sorder=1&showresults=threads&submit=Search...
Alt-N WebAdmin USER Buffer Overflow
Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. This module requires Metasploit: https://metasploit.com/download Current source:...
Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-125-1)
Marco Alvarez found a Denial of Service vulnerability in the Jabber protocol handler. A remote attacker could exploit this to crash Gaim by sending specially crafted file transfers to the user. (CAN-2005-0967) Stu Tomlinson discovered an insufficient bounds checking flaw in the URL parser. By sendi...
Ubuntu 4.10 / 5.04 : apache2 vulnerability (USN-120-1)
Luca Ercoli discovered that the 'htdigest' program did not perform any bounds checking when it copied the 'user' and 'realm' arguments into local buffers. If this program is used in remotely callable CGI scripts, this could be exploited by a remote attacker to execute arbitrary code with the...
Apple QuickTime 6.4/6.5/7.0.x - PictureViewer '.JPEG'/'.PICT' File Buffer Overflow
Apple QuickTime 6.4/6.5/7.0.x - PictureViewer '.JPEG'/'.PICT' File Buffer Overflow source: https://www.securityfocus.com/bid/16212/info Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to...
Apple QuickTime 6.4/6.5/7.0.x - PictureViewer '.JPEG'/'.PICT' File Buffer Overflow
source: https://www.securityfocus.com/bid/16212/info Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to finite-sized process buffers. An attacker may be able to exploit this issue to...
Cray UNICOS /usr/bin/script - Command Line Argument Local Overflow
Cray UNICOS /usr/bin/script - Command Line Argument Local Overflow source: https://www.securityfocus.com/bid/16205/info Cray UNICOS is prone to locally exploitable buffer overflow vulnerabilities. These issues are due to insufficient bounds checking of command line parameters in various utilities wi...
NetBSD Security Advisory 2006-001: Kernfs kernel memory disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2006-001 ================================= Topic: Kernfs kernel memory disclosure Version: NetBSD-current: source prior to November 23, 2005 NetBSD 3.0: not affected NetBSD 2.1: affected NetBSD 2.0.3: affected NetBSD 2.0:...
CMailServer mail system: arbitrary file download from the installation disk via the attachment download module
CMailServer mail system: arbitrary file download from the installation disk via the attachment download module. Our Team: http://www.ph4nt0m.org Author: cloud [email protected] Date: 2005-11-06 Severity: medium Error type: parameter checking is not strict Affected systems: th...
linux/x86 if(read(fd,buf,512)<=2) _exit(1) else buf(); 29 bytes
Exploit for linux/x86 platform in category shellcode. linux/x86 if(read(fd,buf,512)<=2) _exit(1) else buf(); I made this as a chunk you can paste in to make modular remote exploits. I use it as a first stage payload when I desire to follow up with a real large...
linux/x86 if(read(fd,buf,512)<=2) _exit(1) else buf(); 29 bytes
linux/x86 if(read(fd,buf,512)<=2) _exit(1) else buf(); I made this as a chunk you can paste in to make modular remote exploits. I use it as a first stage payload when I desire to follow up with a real large payload of goodness. This actually is a bit larger than necessary because of the error checking but in some cases...
[Full-disclosure] ZDI-05-002: Clam Antivirus Remote Code Execution
ZDI-05-002: Clam Antivirus Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-05-002.html November 4th, 2005 -- CVE ID: CAN-2005-3303 -- Affected Vendor: Clam AntiVirus -- Affected Products: Clam AntiVirus 0.80 through 0.87 -- TippingPoint(TM) IPS Customer Protectio...
War FTP Daemon CWD/MKD Buffer Overflow
The version of the War FTP Daemon running on this host is vulnerable to a buffer overflow attack. This is due to improper bounds checking within the code that handles both the CWD and MKD commands. By exploiting this vulnerability, it is possible to crash the server, and potentially run arbitrary...
War FTP Daemon CWD/MKD Buffer Overflow
The version of the War FTP Daemon running on this host is vulnerable to a buffer overflow attack. This is due to improper bounds checking within the code that handles both the CWD and MKD commands. SPDX-FileCopyrightText: 2003 Digital Defense Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
INN buffer overflow
The remote version of this INN (InterNetNews) server does not do proper bounds checking. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
Microsoft IIS 'showcode.asp' Default File Directory Traversal Vulnerability - Active Check
Internet Information Server (IIS) 4.0 ships with a set of sample files to help web developers learn about Active Server Pages (ASP). One of these sample files is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 1999 Immo Goltz (C-Plugin) / Renaud Deraison (Converted to NASL) Some text...