CVE-2004-2639

Unspecified vulnerability in Journalness 3.0.7 and earlier allows remote attackers to create or modify posts via unknown attack vectors...

xarayaDOS.txt

Xaraya = 1.0.0 RC4 D.O.S / file corruption software: site: http://www.xaraya.com description: "Xaraya 1.0 Core is an Open Source web application framework written in PHP" vulnerable code in create function in xarMLSXML2PHPBackend.php: i you can create an empty dir, in some cases this leads to...

Xaraya <= 1.0.0 RC4 D.O.S / file corruption

Xaraya = 1.0.0 RC4 D.O.S / file corruption software: site: http://www.xaraya.com description: "Xaraya 1.0 Core is an Open Source web application framework written in PHP" vulnerable code in create function in xarMLSXML2PHPBackend.php: i you can create an empty dir, in some cases this leads to...

phpBB 2.0.13 (admin_styles.php) Remote Command Execution Exploit

Exploit for linux platform in category remote exploits ================================================================ phpBB 2.0.13 adminstyles.php Remote Command Execution Exploit ================================================================ !/usr/bin/perl r57phpbbadmin2exec.pl phpBB...

USN-180-1: MySQL vulnerability

AppSecInc Team SHATTER discovered a buffer overflow in the "CREATE FUNCTION" statement. By specifying a specially crafted long function name, a local or remote attacker with function creation privileges could crash the server or execute arbitrary code with server privileges. However, the right to...

CVE-2005-2489

Web Content Management News System allows remote attackers to create arbitrary accounts and gain privileges via a direct request to Admin/Users/AddModifyInput.php...

Alt-N MDaemon 8.0 - IMAP Server CREATE Remote Buffer Overflow (PoC)

Alt-N MDaemon 8.0 - IMAP Server CREATE Remote Buffer Overflow PoC source: https://www.securityfocus.com/bid/14315/info Alt-N MDaemon IMAP Server is affected by a remote buffer overflow vulnerability. This issue presents itself when an attacker submits excessive data through the CREATE command...

Multiple MDaemon mail server vulnerabilities

DoS on incomlete CRAM-MD4 handshake, buffer overflow on IMAP CREATE command...

FreeBSD : mysql-server -- multiple remote vulnerabilities (619ef337-949a-11d9-b813-00d05964249f)

SecurityFocus reports : MySQL is reported prone to an insecure temporary file creation vulnerability. Reports indicate that an attacker that has 'CREATE TEMPORARY TABLE' privileges on an affected installation may leverage this vulnerability to corrupt files with the privileges of the MySQL proces...

CVE-2005-1759

Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751...

Forum Russian Board 4.2 Full Command Execution Exploit

No description provided by source. !/usr/bin/perl Forum Russian Board 4.2 Full FRB http://www.carline.ru , http://frb.ru command execution exploit by RST/GHC http://rst.void.ru , http://ghc.ru bugs found by foster & 1dt.w0lf , xpl coded by 1dt.w0lf RST/GHC - http://rst.void.ru , http://ghc.ru use...

Tcpdump - bgp_update_print Remote Denial of Service

/ 2005-05-31: Modified by [email protected] to test tcpdump infinite loop vulnerability. libnet 1.1 Build a BGP4 update message with what you want as payload Copyright c 2003 Fr d ric Raynal All rights reserved. Examples: empty BGP UPDATE message: ./bgp4update -s 1.1.1.1 -d 2.2.2.2 libnet 1.1...

CVE-2005-1903

Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE command...

CVE-2005-1151

qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root...

Mozilla Firefox view-source:javascript url Code Execution Exploit

Exploit for multiple platform in category remote exploits ================================================================= Mozilla Firefox view-source:javascript url Code Execution Exploit ================================================================= Firelinking 2 - Proof-of-Concept by mikx...

CVE-2005-1496

The DBMSScheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSIONUSER to the SYS user...

CVE-2005-0244

PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command...

CVE-2005-0244

PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command...

security flaw

The bluezsockcreate function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via 1 socket or 2 socketpair call with a negative protocol value...

USN-103-1: Linux kernel vulnerabilities

Mathieu Lafon discovered an information leak in the ext2 file system driver. When a new directory was created, the ext2 block written to disk was not initialized, so that previous memory contents which could contain sensitive data like passwords became visible on the raw device. This is...