Lucene search

7991 matches found

seebug.org
added 2014/07/01 12:0 a.m., 36 views

PHP 4.4.6 crack_opendict() Local Buffer Overflow Exploit PoC

No description provided by source. ?php //PHP 4.4.6 crackopendict local buffer overflow poc exploit //win2k sp3 version / seh overwrite method //to be launched from the cli // by rgod // site: http://retrogod.altervista.org if !extensionloadedcrack dieyou need the crack extension loaded.; $scode=...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 19 views

Internet Explorer Winhlp32.exe MsgBox Code Execution

No description provided by source. $Id: ms10022ievbscriptwinhlp32.rb 10504 2010-09-28 16:19:50Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing an...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 27 views

CuteNews <= 1.4.5 Admin Password md5 Hash Fetching Exploit

No description provided by source. ?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // Cutenews = 1.4.5 admin password md5 hash fetching exploit // Version 1.0 // written by Jan...

6.7 AI score
Exploits: 0
RubySec
added 2014/06/30 12:0 a.m., 20 views

point-cli Gem for Ruby /lib/commands/setup.rb Process Table Local Plaintext Credential Disclosure

point-cli Gem for Ruby contains a flaw in /lib/commands/setup.rb that is due to the application exposing credential information in plaintext in the process table. This may allow a local attacker to gain access to credential information...

7.8 CVSS, 6.6 AI score, 0.00556 EPSS
Exploits: 1, References: 1
OpenVAS
added 2014/06/19 12:0 a.m., 14 views

Juniper Networks Junos OS Exclusive Edit Mode Privilege Escalation Vulnerability

Privilege Escalation in exclusive edit mode SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if description...

5.2 AI score
Exploits: 0, References: 1
Tenable Nessus
added 2014/06/18 12:0 a.m., 39 views

Fedora 19 : php-phpunit-PHPUnit-MockObject-1.2.3-4.fc19 / php-5.5.13-3.fc19 / etc (2014-6904)

29 May 2014, PHP 5.5.13 CLI server : - Fixed bug 67079 Missing MIME types for XML/XSL files. Anatol COM : - Fixed bug 66431 Special Character via COM Interface CPUTF8. Anatol Core : - Fixed bug 65701 copy doesn't work when destination filename is created by tempnam. Boro Sitnikovski - Fixed bug...

5 CVSS, 8 AI score, 0.20805 EPSS
Exploits: 0, References: 7
Tenable Nessus
added 2014/06/18 12:0 a.m., 73 views

Fedora 20 : php-phpunit-PHPUnit-MockObject-1.2.3-4.fc20 / php-5.5.13-3.fc20 / etc (2014-6901)

29 May 2014, PHP 5.5.13 CLI server : - Fixed bug 67079 Missing MIME types for XML/XSL files. Anatol COM : - Fixed bug 66431 Special Character via COM Interface CPUTF8. Anatol Core : - Fixed bug 65701 copy doesn't work when destination filename is created by tempnam. Boro Sitnikovski - Fixed bug...

5 CVSS, 8 AI score, 0.20805 EPSS
Exploits: 0, References: 7
CVE
added 2014/05/02 1:0 a.m., 55 views

CVE-2013-2073

The Connected documents confirm CVE-2013-2073 affects the Transifex command-line client, where versions before 0.9 do not validate X.509 certificates, allowing an attacker to MITM-spoof the Transifex server with an arbitrary certificate. Impact is spoofing data-transfer connections due to missing...

4.3 CVSS, 6.3 AI score, 0.00815 EPSS
Exploits: 0, References: 3, Affected Software: 1
Cisco
added 2014/04/29 6:35 p.m., 79 views

Cisco Unified Communications Manager Arbitrary File Read Vulnerability

A vulnerability in the command-line interface (CLI) of Cisco Unified Communications Manager (Cisco UCM) could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to incomplete input validation. An attacker could exploit this vulnerability by issuin...

4.6 CVSS, 2.4 AI score, 0.00302 EPSS
Exploits: 0, References: 1
NVD
added 2014/03/29 1:55 a.m., 22 views

CVE-2014-0880

IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CLI access, and consequently cause a denial of service, via unspecified traffic to the administrativ...

7.5 CVSS, 6.6 AI score, 0.01897 EPSS
Exploits: 0, References: 2
Prion
added 2014/03/29 1:55 a.m., 14 views

Code injection

IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CLI access, and consequently cause a denial of service, via unspecified traffic to the administrativ...

7.5 CVSS, 7.2 AI score, 0.01897 EPSS
Exploits: 0, References: 2, Affected Software: 6
Cvelist
added 2014/03/29 1:0 a.m., 26 views

CVE-2014-0880

IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CLI access, and consequently cause a denial of service, via unspecified traffic to the administrativ...

6.6 AI score, 0.01897 EPSS
Exploits: 0, References: 2
Packet Storm
added 2014/03/26 12:0 a.m., 36 views

Allied Telesis AT-RG634A Unauthenticated Webshell

Title: Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Vulnerability Information: - CVE: CVE-2014-1982 - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing Authentication for Critical Function Affected products: - Allied Teles...

10 CVSS, 0.4 AI score, 0.09826 EPSS
Exploits: 7
seebug.org
added 2014/03/12 12:0 a.m., 23 views

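TP-LINK TL-R600VPN V2 Security Vulnerability

TP-LINK TL-R600VPN is a gigabit broadband VPN router. TP-LINK TL-R600VPN V2 versions before 140212 contain security vulnerabilities in the implementation of the Web CLI and PPTP VPN; details are currently unknown. 0 TP-LINK TL-R600VPN V2 Vendor patch: TP-LINK ------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.tp-link.com/en/support/download/ http://www.tp-link.us/support/download/?model=TL-R600VPN&version=V2...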

7.1 AI score
Exploits: 0
Tenable Nessus
added 2014/03/05 12:0 a.m., 19 views

Palo Alto Networks PAN-OS < 4.0.9 / 4.1.x < 4.1.2 Multiple Command Injections

The remote host is running a version of Palo Alto Networks PAN-OS prior to 4.0.9 / 4.1.2. It is, therefore, affected by multiple command injection vulnerabilities : - A vulnerability exists that allows an authenticated user to inject arbitrary shell commands via the CLI. CVE-2012-6595 /...

9 CVSS, 6 AI score, 0.03089 EPSS
Exploits: 0, References: 4
Tenable Nessus
added 2014/03/05 12:0 a.m., 22 views

Palo Alto Networks PAN-OS < 4.0.8 Multiple Vulnerabilities

The remote host is running a version of Palo Alto Networks PAN-OS prior to 4.0.8. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists due to overly verbose error messages. An attacker can exploit this vulnerability by sending specially crafted...

9 CVSS, 5.9 AI score, 0.03001 EPSS
Exploits: 0, References: 4
NVD
added 2014/03/01 12:1 a.m., 25 views

CVE-2014-2059

Directory traversal vulnerability in the CLI job creation hudson/cli/CreateJobCommand.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name...

6.5 CVSS, 6.2 AI score, 0.02506 EPSS
Exploits: 0, References: 4
ATTACKERKB
added 2014/03/01 12:1 a.m., 4 views

CVE-2014-2059

Directory traversal vulnerability in the CLI job creation hudson/cli/CreateJobCommand.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name...

6.5 CVSS, 5.8 AI score, 0.02506 EPSS
Exploits: 0, References: 5
Prion
added 2014/03/01 12:1 a.m., 25 views

Directory traversal

Directory traversal vulnerability in the CLI job creation hudson/cli/CreateJobCommand.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name...

6.5 CVSS, 6.7 AI score, 0.02506 EPSS
Exploits: 0, References: 4, Affected Software: 1
CVE
added 2014/02/28 5:0 p.m., 69 views

CVE-2014-2059

CVE-2014-2059 describes a directory traversal in Jenkins via the CLI CreateJobCommand (hudson/cli/CreateJobCommand.java). The vulnerability allows remote authenticated users to overwrite arbitrary files through the job name, affecting Jenkins before 1.551 and LTS before 1.532.2. Connected sources...

6.5 CVSS, 6.3 AI score, 0.02506 EPSS
Exploits: 0, References: 4, Affected Software: 1