Lucene search
K

6043 matches found

myhack58
myhack58
added 2007/03/19 12:0 a.m.12 views

oracle 10g (PROCESS_DUP_HANDLE) Local Privilege Elevation (win32)-vulnerability warning-the black bar safety net

include windows. h include stdio. h BOOL InjectShellcodeDWORD oldEIP,CHAR oSID HMODULE hKernel; FARPROC pCreateProc; LPSTR sCommand="cmd.exe"; DWORD dwStrLen; CHAR buff1 0 0; dwStrLen=strlensCommand; hKernel=LoadLibrary"Kernel32.dll"; pCreateProc=GetProcAddresshKernel,"CreateProcessA"; strcpybuff...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/10 12:0 a.m.36 views

Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption

!/usr/bin/python MS Windows DCE-RPC svcctl ChangeServiceConfig2A 0day Memory Corruption PoC Exploit Bug discovered by Krystian Kloskowski h07 Tested on Windows 2000 SP4 Polish all patches Requires.. - Impacket : http://oss.coresecurity.com/projects/impacket.html - PyCrypto :...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2007/03/07 12:0 a.m.5 views

PT-2007-1419 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server affected versions not specified Description: The issue allows remote authenticated users to read and modify arbitrary files via full filepaths to utl file functions such as utl file.put line and utl file.get line when u...

6CVSS6.7AI score0.05651EPSS
Exploits1References6
exploitpack
exploitpack
added 2007/03/01 12:0 a.m.18 views

Snort 2.6.1 - DCERPC Preprocessor Remote Buffer Overflow

Snort 2.6.1 - DCERPC Preprocessor Remote Buffer Overflow !/usr/bin/python Snort DCE/RPC Preprocessor Buffer Overflow Command Execution Version Author: Trirat Puttaraksa http://sf-freedom.blogspot.com For educational purpose only This exploit call calc.exe on Windows XP SP2 + Snort 2.6.1 Note: thi...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/01 12:0 a.m.35 views

Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow

!/usr/bin/python Snort DCE/RPC Preprocessor Buffer Overflow Command Execution Version Author: Trirat Puttaraksa http://sf-freedom.blogspot.com For educational purpose only This exploit call calc.exe on Windows XP SP2 + Snort 2.6.1 Note: this exploit use Scapy http://www.secdev.org/projects/scapy/...

7AI score
Exploits0
0day.today
0day.today
added 2007/02/23 12:0 a.m.17 views

Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit

Exploit for multiple platform in category dos / poc =================================================================== Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit =================================================================== !/usr/bin/python Snort DCE/RPC Preprocess...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/02/23 12:0 a.m.35 views

Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow (Denial of Service) (PoC)

!/usr/bin/python Snort DCE/RPC Preprocessor Buffer Overflow DoS Author: Trirat Puttaraksa http://sf-freedom.blogspot.com For educational purpose only This exploit just crash Snort 2.6.1 on Fedora Core 4. However, Code Execution may be possible, but I have no time to make it : I will post the...

7.4AI score
Exploits0
NVD
NVD
added 2007/01/26 12:28 a.m.17 views

CVE-2007-0507

SQL injection vulnerability in the Acidfree module for Drupal before 4.6.x-1.0, and before 4.7.x-1.0 in the 4.7 series, allows remote authenticated users with "create acidfree albums" privileges to execute arbitrary SQL commands via node titles...

6CVSS8AI score0.01005EPSS
Exploits0References6
seebug.org
seebug.org
added 2007/01/24 12:0 a.m.16 views

Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit

No description provided by source. / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret [email protected] Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/01/23 12:0 a.m.14 views

Oracle 10g - SYS.KUPW$WORKER.MAIN PL SQL Injection

Oracle 10g - SYS.KUPW$WORKER.MAIN PL SQL Injection / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - CREATE SESSION - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2007/01/23 12:0 a.m.14 views

Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL SQL Injection

Oracle 10g - SYS.KUPV$FT.ATTACHJOB PL SQL Injection / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...

0.3AI score
Exploits0
0day.today
0day.today
added 2007/01/23 12:0 a.m.31 views

Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit

Exploit for multiple platform in category local exploits ======================================================== Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit ======================================================== / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret...

6.9AI score
Exploits0
0day.today
0day.today
added 2007/01/23 12:0 a.m.21 views

Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit

Exploit for multiple platform in category local exploits ========================================================== Oracle 10g SYS.KUPV$FT.ATTACHJOB PL/SQL Injection Exploit ========================================================== / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2007/01/23 12:0 a.m.29 views

Oracle 10g - SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL / SQL Injection

/ Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - CREATE SESSION Max. Length 97. Very, very cool / select from userroleprivs ; DECLARE SEQUENCEOWNER VARCHAR2200; SEQUENCENAME VARCHAR2200; vuserid number; vcommands VARCHAR232767; NEWVALUE NUMBER; BEGIN SELEC...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/01/23 12:0 a.m.27 views

Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL / SQL Injection

/ Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA AUTONOMOUSTRANSACTION; BEGIN EXECUTE IMMEDIATE 'GRANT DBA TO TEST'...

7.4AI score
Exploits0
OSV
OSV
added 2007/01/16 11:28 p.m.1 views

DEBIAN-CVE-2007-0254

Format string vulnerability in the errorscreatewindow function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors...

10CVSS7.6AI score0.03486EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2007/01/13 12:0 a.m.16 views

MOAB-09-01-2007.rb.txt

!/usr/bin/ruby c 2006 LMH . require 'fileutils' require 'zlib' hdiutil = "/usr/bin/hdiutil" dmgname = ARGV0 || "MOAB-09-01-2007.dmg" dmgsize = ARGV1 || "200k" filesys = ARGV2 || "UFS" volname = "" 255.times do volname i = Kernel.rand62; i += i 10 ? 48 : i 36 ? 55 : 61 .chr end FileUtils.rmfdmgnam...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/01/04 12:0 a.m.23 views

Cacti Copy_Cacti_User.PHP SQL注入漏洞

Cacti是一款基于PHP的WEB应用程序。 Cacti不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是'CopyCactiUser.PHP'脚本对用户提交的WEB参数缺少过滤,提交恶意脚本代码作为参数数据,可导致获得敏感信息。 Cacti Cacti 0.8.6i 目前没有解决方案提供: http://cacti.net/ ?php printr' --------------------------------------------------------------------------- Cacti 0.8.6i...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/31 12:0 a.m.40 views

Cacti 0.8.6i (copy_cacti_user.php) SQL Injection Create Admin Exploit

No description provided by source. ?php printr' --------------------------------------------------------------------------- Cacti 0.8.6i "copycactiuser.php" sql injection create new admin exploit by rgod dork: intitle:"login to cacti" mail: retrog at alice dot it site:...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/12/30 12:0 a.m.72 views

Cacti 0.8.6i (copy_cacti_user.php) SQL Injection Create Admin Exploit

Exploit for unknown platform in category web applications ===================================================================== Cacti 0.8.6i copycactiuser.php SQL Injection Create Admin Exploit ===================================================================== 126 $result.=" ."; else $result.=...

7.1AI score
Exploits0
Rows per page
Query Builder