118 matches found

Exploit DB
added 2004/09/26 12:0 a.m., 28 views

linux/x86 shared memory exec 50 bytes

linux/x86 shared memory exec 50 bytes. Shellcode exploit for linx86 platform / [email protected] - http://www.nopninjas.com Platform: Linux x86 Length: 50 bytes - This shellcode connects to the shared memory segment matching the key and executes the code at that address. xorl %edi,%edi xorl...

7.4 AI score
Exploits: 0

Exploit DB
added 2004/09/26 12:0 a.m., 25 views

linux/x86 ipchains -F 49 bytes

linux/x86 ipchains -F 49 bytes. Shellcode exploit for linx86 platform include include / asm" sub $0x4,%esp With this we ensure that the shellcode never popl %esp overwrites itself... thanks RaiSe : xorl %edx,%edx %edx to zero pushl %edx and we put the zeros from the end of the string in memory pushw $0x46...

Exploits: 0

Exploit DB
added 2004/09/12 12:0 a.m., 43 views

BlackJumboDog FTP Server 3.6.1 - Remote Buffer Overflow

/ 6.9.04|www.Delikon.de|Delikon BlackJumboDog FTP Server Buffer Overflow version 3.6.1 http://www.securiteam.com/windowsntfocus/5AP040ADPW.html Thx to Chew Keong TAN C:\Codes\blackjumbodog\Releasebjdexploit 192.168.0.3 21 klein.exe BlackJumboDog FTP Server Buffer Overflow version 3.6.1...

7 AI score
Exploits: 0

securityvulns
added 2004/05/29 12:0 a.m., 28 views

JPortal SQL Injects

Jportal is a portal system, quite commonly used: Google Results 1 - 10 of about 56,100 for "powered by jportal". 0.22 seconds Homepage: http://jportal2.com/ I've read its code and found: in module/print.inc.php: function artprint .... $query = "SELECT FROM $arttbl WHERE id=$id"; ... What to say? ...

7.2 AI score
Exploits: 0

Tenable Nessus
added 2004/03/10 12:0 a.m., 28 views

MS04-009: Vulnerability in Outlook could allow code execution (828040)

The remote host is running a version of Outlook that could allow Internet Explorer to execute script code in the Local Machine zone and therefore let an attacker execute arbitrary programs on this host. To exploit this bug, an attacker would need to send a special HTML message to a user of this...

7.5 CVSS | 8.2 AI score | 0.47676 EPSS
Exploits: 1 | References: 2

Exploit DB
added 2003/09/01 12:0 a.m., 32 views

Ezboard - 'invitefriends.php3' Cross-Site Scripting

source: https://www.securityfocus.com/bid/8519/info The 'invitefriends.php3' script of Ezboard has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on user-supplied URI parameters. This issue could be exploited to cause hosti...

7.4 AI score
Exploits: 0

securityvulns
added 2003/04/17 12:0 a.m., 47 views

Microsoft Security Bulletin MS03-013: Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges 811493 Date: 16 April 2003 Software: Microsoft Windows NT 4.0, Windows 2000, and Windows XP Impact...

0.5 AI score
Exploits: 0

Exploit DB
added 2003/01/14 12:0 a.m., 35 views

Geeklog 1.3.7 - 'users.php?uid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/6602/info Geeklog is prone to a cross-site scripting vulnerability in the 'users.php' script. This issue is due to insufficient sanitization of input submitted in URI parameters. As a result, an attacker may create a malicious link to a site hosting...

7.4 AI score
Exploits: 0

Exploit DB
added 2003/01/14 12:0 a.m., 24 views

Geeklog 1.3.7 - 'Homepage User' HTML Injection

source: https://www.securityfocus.com/bid/6604/info Geeklog is prone to HTML injection attacks. The user account 'Homepage' field is not sufficiently sanitized of HTML and script code. As a result, a malicious user may inject malicious HTML and script code into this field. When the malicious user...

7.4 AI score
Exploits: 0

Exploit DB
added 2002/09/25 12:0 a.m., 38 views

Drupal 4.0 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contain...

7.4 AI score
Exploits: 0

securityvulns
added 2002/07/21 12:0 a.m., 31 views

BadBlue 302 Status Message XSS

BadBlue 1.74 (and presumably earlier) is susceptible to a cross-site scripting attack. When BadBlue is passed a name of a nonexistent file path or an existing folder that does not end in a 0x2f character "/" it returns a 302 status code containing some text: HTTP/1.0 302 found Location: /SCRIPT/...

6.3 AI score
Exploits: 0

Exploit DB
added 2002/07/19 12:0 a.m., 36 views

Geeklog 1.3.5 - HTML Attribute Cross-Site Scripting

source: https://www.securityfocus.com/bid/5270/info A cross site scripting vulnerability has been reported for Geeklog. Reportedly, Geeklog does not properly sanitize user supplied input before being included when posting comments or writing stories. Geeklog makes efforts to sanitize some malicio...

7 AI score
Exploits: 0

exploitpack
added 2002/07/10 12:0 a.m., 21 views

Fluid Dynamics Search Engine 2.0 - Cross-Site Scripting

Fluid Dynamics Search Engine 2.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/5199/info Fluid Dynamics Search Engine is a search application for local and remote web sites, and is designed to work in most UNIX and Microsoft Windows environments. Fluid Dynamics Search Engine an...

6.8 AI score
Exploits: 0

Tenable Nessus
added 2002/07/10 12:0 a.m., 20 views

Icecast list_directory Function Traversal File/Directory Enumeration

The remote server does not return the same error codes when asked for a nonexistent directory and for an existing one. An attacker may use this flaw to deduce the presence of several key directories on the remote server, and therefore gain further knowledge about it...

5 CVSS | 5.6 AI score | 0.03206 EPSS
Exploits: 1 | References: 2

exploitpack
added 2002/03/26 12:0 a.m., 14 views

CSSearch 2.3 - Remote Command Execution

CSSearch 2.3 - Remote Command Execution source: https://www.securityfocus.com/bid/4368/info csSearch is a website search script, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft operating systems. csSearch is prone to an issue which may enable an attacker to...

7.7 AI score
Exploits: 0

exploitpack
added 2001/01/03 12:0 a.m., 17 views

WU-FTPD 2.6.0 - Remote Format Strings

WU-FTPD 2.6.0 - Remote Format Strings / 12:40 11/10/00: Tool for either attack or defense within an information warfare setting. Rather, it is a small program demonstrating proof of concept. Default values for solaris 2.8 and inetd. If you are not the intended recipient, or a person responsible f...

0.4 AI score
Exploits: 0

CVE
added 2000/01/04 5:0 a.m., 48 views

CVE-1999-0879

CVE-1999-0879 describes a buffer overflow in WU-FTPD and related FTP servers that allows remote attackers to gain root privileges by exploiting macro variables in a message file. The vulnerability affects the FTP server software in the late 1990s era; multiple sources (including Red Hat CVE refer...

10 CVSS | 7.2 AI score | 0.09737 EPSS
Exploits: 0 | References: 1 | Affected Software: 2

Exploit DB
added 1999/09/02 12:0 a.m., 20 views

Netscape Communicator 4.06/4.5/4.6/4.51/4.61 - EMBED Buffer Overflow

/ source: https://www.securityfocus.com/bid/618/info In several versions of Netscape Communicator, there is an unchecked buffer in the code that handles EMBED tags. The buffer is in the 'plugins page' option. This vulnerability can be exploited by a malicious webpage. / // /Netscape communicator...

7.4 AI score
Exploits: 0