1140 matches found
Accessing XBL compilation scope via valueOf.call() — Mozilla
mozbugra4 discovered that the compilation scope of privileged built-in XBL bindings was not fully protected from web content and could be accessed by calling valueOf.call and valueOf.apply on a method of that binding. This could then be used to compile and run attacker-supplied JavaScript, giving...
Cube 2005_08_29 - Multiple Buffer Overflow / Crash
/ by Luigi Auriemma You NEED Enet for compiling this tool then remember -lenet http://enet.bespin.org / http://enet.cubik.org / include include include include define VER "0.1" define PORT 28765 define MAXTRANS 5000 define BOFSZ MAXTRANS + 2400 define MAPSUX...
Borland C BCB6 compiler / tiny c compiler Invalid sizeof() calculation
Invalid sizeof calculation for integer during 64-bit code compilation leads to different problems...
Internet Download Manager <= 4.05 Input URL Stack Overflow Exploit
No description provided by source. / Title : Internet Download Manager = 4.05 universal remote overflow Exploit bug analyse and exploit code by : c0d3r "Kaveh Razavi" [email protected] my advisory : http://www.ihsteam.com/advisory/downloadmanageradv.txt this bug is differnt from what was found in...
Einstein <= 1.01 Local Password Disclosure Exploit (asm)
No description provided by source. ; Nothing Special other than the program doesnt encode the user/pass in the registry. ; Einstein v1.01 - http://www.Bfriendly.com some crappy file school sharing program ; made because i think C is overkill for these types of local exploits, ; shit we can does...
DEBIAN-CVE-2004-2687
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks...
CVE-2004-0490
cPanel, when compiling Apache 1.3.29 and PHP with the modphpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPTFILENAME variable to find and execute a script instead of the PATHTRANSLATED variable, which allows local users to execute arbitrary PHP code...
cPanel 5 < 9 - Local Privilege Escalation
source: https://www.securityfocus.com/bid/10407/info cPanel is reported prone to a privilege escalation vulnerability. It is reported that the options used by cPanel to compile Apache 1.3.29 and PHP using the modphpsuexec option are insecure. These settings will reportedly permit a local attacker...
XChat 1.8.0/2.0.8 socks5 Remote Buffer overflow Exploit
Exploit for linux platform in category remote exploits ======================================================= XChat 1.8.0/2.0.8 socks5 Remote Buffer overflow Exploit ======================================================= / X-Chatv1.8.0 - v2.0.8: socks-5 remote buffer overflow exploit. by:...
MS Windows 2K/XP TCP Connection Reset Remote Attack Tool
Exploit for unknown platform in category dos / poc ======================================================== MS Windows 2K/XP TCP Connection Reset Remote Attack Tool ======================================================== AFX TCP Reset by Aphex http://www.iamaphex.cjb.net email protected Compile...
Symbolic links problem during automake compilation
No description provided...
GNU libtool simbolic links problem
Symbolic links problem during compilation...
Microsoft Windows - Workstation Service WKSSVC Remote (MS03-049)
Microsoft Windows - Workstation Service WKSSVC Remote MS03-049 / Author: snooq Date: 14 November 2003 +++++++++++++ THIS IS A PRIVATE VERSION +++++++++++++++ This is just slightly better than the one I posted to packetstorm.... The public version will crash 'services.exe' immediately while this o...
MySQL 3.23.x/4.0.x - Remote Buffer Overflow
/ Mysql 3.23.x/4.0.x remote exploit proof of concept using jmp eax bkbll bkbll cnhonker.net,bkbll tom.com 2003/09/12 compile:gcc -o mysql mysql.c -L/usr/lib/mysql -lmysqlclient DO NOT DISTRUBITED IT / include include include include include include include include include define PAD 1942 define...
MS Windows RPC Locator Service Remote Exploit
Exploit for unknown platform in category remote exploits ============================================= MS Windows RPC Locator Service Remote Exploit ============================================= / rpcexp.c RPC LOCATOR Exploit Autor: Marcin Wolak mail: email protected Last update: 30 march 2003 / ...
Microsoft Windows 2000NT 4 - RPC Locator Service Remote Overflow
Microsoft Windows 2000NT 4 - RPC Locator Service Remote Overflow / rpcexp.c RPC LOCATOR Exploit Autor: Marcin Wolak mail: [email protected] Last update: 30 march 2003 / / About Compilation: What You need to compile rpcexp.c ? 1. MS Platform SDK August SDK is sufficient. 2. Compilator f.e. MS Visual...
Bug in compile portion for older versions of CheckPoint Firewalls
There is a bug in how CheckPoint firewalls prior to version 4.0 SP2 handled compiling the firewall policy on Solaris workstations. I was actually migrating a client from version 4.0 SP1 when I stumbled on this. The vendor was contacted on January 30, 2001 and responded on February 2, 2001 that th...
[SECURITY] [DSA-048-2] samba for sparc was incorrectly built
Package : samba Problem type : recompile of sparc packages Debian-specific: yes The updated samba packages that were mentioned in DSA-048-1 were unfortunately compiled incorrectly: the stable chroot we used turned out to be running unstable instead. A new package with version 2.0.7-3.2.1 have bee...
Allaire JRun 2.3 - Arbitrary Code Execution
Allaire JRun 2.3 - Arbitrary Code Execution source: https://www.securityfocus.com/bid/1831/info Jrun contains a vulnerability that allows a user to compile and execute JSP code from an arbitrary file on the webserver's filesystem. This bug is due to the way JSP execution is invoked -- if a...
CVE-2000-0685
BEA WebLogic 5.1.x is vulnerable because PageCompileServlet does not properly restrict access, allowing remote attackers to compile and execute Java JHTML code by invoking the servlet on any source file. The issue stems from inadequate access controls for the servlet, enabling arbitrary code exec...