1015 matches found
youtube blog 0.1 (rfi/sql/xss) Multiple Vulnerabilities
No description provided by source. C.H.R.O.O.T. SECURITY GROUP http://www.chroot.org Hacks In Taiwan Conference 2008 http://www.hitcon.org Title...
dompdf 0.6.0 (dompdf.php, read param) - Arbitrary File Read
No description provided by source. Vulnerability title: Arbitrary file read in dompdf CVE: CVE-2014-2383 Vendor: dompdf Product: dompdf Affected version: v0.6.0 Fixed version: v0.6.1 (partial fix) Reported by: Alejo Murillo Moyas Details: An arbitrary file read vulnerability is present on dompdf.ph...
linux/x86 break chroot 79 bytes
No description provided by source. bt:/ ./pwn perl -e 'print \x90x189...
linux/x86 chroot & standart 66 bytes
No description provided by source. Linux/x86 chroot and standart shellcode. By Okti http://okti.nm.ru Mkdir and Chroot are written in C: #include <stdio.h> #include <unistd.h> #include <sys/types.h>...
openSUSE Security Update : libcap (openSUSE-SU-2011:1259-1)
capsh did not chdir("/") after calling chroot(). Programs could therefore access the current directory outside of the chroot (CVE-2011-4099). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : dhcp (openSUSE-SU-2011:1021-1)
This update of dhcp fixes two Denial of Service (CVE-2011-2748, CVE-2011-2749) vulnerabilities caused by specially crafted BOOTP packets. Also following bugs were fixed: - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when...
openSUSE Security Update : libcap (openSUSE-SU-2011:1259-1)
capsh did not chdir("/") after calling chroot(). Programs could therefore access the current directory outside of the chroot (CVE-2011-4099). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Vulnerabilities in HVM MSI injection
ISSUE DESCRIPTION: The implementation of the HVM control operation HVMOP_inject_msi, while checking whether a particular IRQ was already set up in the necessary way, fails to properly check all respective conditions. In particular it doesn't check the returned pointer for being non-NULL before de-...
CVE-2014-3790
The CVE-2014-3790 entry concerns VMware vCenter Server Appliance's Ruby vSphere Console (RVC). The vulnerability arises from escaping the chroot jail, enabling remote authenticated users to execute arbitrary commands as root. Documents consistently describe a privilege-escalation path via RVC tha...
CVE-2014-3790
Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail...
(0Day) VMware vCenter Server Appliance Ruby vSphere Console Privilege Escalation Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware vCenter Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the usage of the Ruby vSphere Console (RVC) provided by the vCenter Server Applianc...
CVE-2014-2383 - Arbitrary file read in dompdf
Vulnerability title: Arbitrary file read in dompdf CVE: CVE-2014-2383 Vendor: dompdf Product: dompdf Affected version: v0.6.0 Fixed version: v0.6.1 (partial fix) Reported by: Alejo Murillo Moyas Details: An arbitrary file read vulnerability is present on dompdf.php file that allows remote or local...
CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
DEBIAN-CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
UBUNTU-CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
PT-2014-4669 · Dompdf · Dompdf
Name of the Vulnerable Software and Affected Versions: dompdf versions prior to 0.6.1 Description: The issue allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input file parameter. This can be demonstrated by using a...
CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
dompdf 0.6.0 Arbitrary File Read Vulnerability
Exploit for php platform in category web applications. Vulnerability title: Arbitrary file read in dompdf CVE: CVE-2014-2383 Vendor: dompdf Product: dompdf Affected version: v0.6.0 Fixed version: v0.6.1 (partial fix) Reported by: Alejo Murillo Moyas Details: An arbitrary file read vulnerability is...