8009 matches found
[SECURITY] Fedora Core 6 Update: postgresql-8.1.7-1.fc6
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
Vmare workstation guest isolation weaknesses (clipboard transfer)
Suggested severity level: Low Type of Risk: isolation failure, information leakage, infection path Affected Software: VMware Workstation, version 5.5.3 build 34685 including installation of "VMware tools" of the same version on the guest OS. Other products by the vendor using the same isolation...
CVE-2007-0627
Michael Still gtalkbot before 1.2 places username and password arguments on the command line, which allows local users to obtain sensitive information by listing the process...
Default credentials
Michael Still gtalkbot before 1.2 places username and password arguments on the command line, which allows local users to obtain sensitive information by listing the process...
CVE-2007-0627
The CVE-2007-0627 issue affects gtalkbot (before v1.2). The root cause is that username and password are placed on the command line, enabling local users to obtain credentials by listing the process. The vulnerability exposes sensitive information via process listing (local exploit). The connecte...
CVE-2007-0627
Michael Still gtalkbot before 1.2 places username and password arguments on the command line, which allows local users to obtain sensitive information by listing the process...
MOAB-21-01-2007.rb.txt
!/usr/bin/ruby Copyright c 2007 Kevin Finisterre Lance M. Havok All pwnage reserved. "Exploit" for MOAB-21-01-2007: OS X, making root shells easier each day. SHELLWRAP = 'int main system"/bin/sh -i"; return 0; ' SHELLPLANT = 'int main system"chown root: /tmp/shX; chmod 4755 /tmp/shX"; return 0; '...
Using Porttunnel do Super springboard-a vulnerability warning-the black bar safety net
PortTunnel heard? Uh, a good port mapping tool Previously had not how to use, just bitter to the even data are put in the www. brinkster. com space, and domestic on this website has been blocked, so can not access,, gas Had to pick up this weapon Because in the cafe can not properly use the http...
WinZip命令行远程缓冲区溢出漏洞
WinZip是一款流行的解压缩程序。 WinZip处理命令行参数存在缓冲区溢出,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击,可能执行任意指令。 提交类似的命令,可导致WinZip产生缓冲区溢出: Winzip32.exe "A" x 5002 WinZip 9.0 SR-1 目前没有解决方案: http://www.winzip.com/...
Buffer overflow
Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service application crash and possibly execute arbitrary code via a long command line argument. NOTE: this issue may cross privilege boundaries if an application automatically invokes Winzip32.exe for untrusted...
CVE-2007-0264
Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service application crash and possibly execute arbitrary code via a long command line argument. NOTE: this issue may cross privilege boundaries if an application automatically invokes Winzip32.exe for untrusted...
CVE-2007-0264
Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service application crash and possibly execute arbitrary code via a long command line argument. NOTE: this issue may cross privilege boundaries if an application automatically invokes Winzip32.exe for untrusted...
Packeteer PacketShaper multiple buffer overflow
Buffer overflow in Web and command line interfaces...
Invasion of the Windows2000 system is placed back door method-vulnerability warning-the black bar safety net
Before reading this article, assume that you have successfully invaded a Windows2000 host and made the administrator account. Most of the time we invade a host, the purpose is not to directly destroy, in the host on the left back door so that their future can easily“use”of the machine. The Genera...
formbank19-traverse.txt
!perl found by Bl0od3r visit http://dc3.dl.am download:http://www.download-tipp.de/cgi-bin/jump.cgi?ID=8796 developer:http://www.fersch.de/formbankserver/ use LWP::Simple; sub usage die"file.pl host.com /../file.txt"; $host= $ARGV0; $file= $ARGV1; if !$host die"No Host."; ; if !$file die"No File....
Cacti 0.8.6i - 'copy_cacti_user.php' SQL Injection Create Admin
126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex = '\b\d1,3.\d1,3.\d1,3.\d1,3:\d1,5\b...
CVE-2006-6607
The Java Key Store JKS for WebSphere Application Server WAS for IBM Tivoli Identity Manager ITIM 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods...
The command line to create a virtual directory-vulnerability warning-the black bar safety net
Long, long no and we chat, want to everyone. Meet first just to give everyone a small gift. In fact also is not what good stuff. In research and study in progress, no research, no in-depth to understand, there is no progress. Serious learning attitude+pursued+one hundred thousand why. The result...
Critical: Red Hat Security Advisory: elinks security update
An updated elinks package that corrects a security vulnerability is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Elinks is a text mode Web browser used from the command line that supports renderi...
HP-UX 11i (swmodify) Stack Overflow Local Root Exploit
No description provided by source. / HP-UX swmodify buffer overflow exploit ======================================= HP-UX 'swmodify' contains an exploitable stack overflow in the handling of command line arguements. Specifically the problem occurs due to insufficent bounds checking in the "-S"...