CVE-2008-1033

The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information credentials by reading the log data, related to "authentication environment variables."...

kernel-xen 3.1.1 virtual guest system denial of service (hypervisor crash) possibility

Xen 3.1.1 allows virtual guest system users to cause a denial of service hypervisor crash by using a debug register DR7 to set certain breakpoints...

CA iTechnology iGateway Debug Mode Buffer Overflow

This module exploits a vulnerability in the Computer Associates iTechnology iGateway component. When True is enabled in igateway.conf non-default, it is possible to overwrite the stack and execute code remotely. This module works best with Ordinal payloads. This module requires Metasploit:...

Arbitrary file deletion

inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file...

CVE-2008-1684

inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file...

CVE-2008-1684

CVE-2008-1684 affects Sun Solaris 10 where inetd with debug logging enabled allows a local user to write to arbitrary files via a symlink attack on /var/tmp/inetd.log. The vulnerability is triggered locally (attack vector: LOCAL) with integrity and confidentiality unaffected, but availability can...

CVE-2008-1684

inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file...

Neat weblog 0.2 (articleId) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================== Neat weblog 0.2 articleId Remote SQL Injection Vulnerability ============================================================== !/usr/bin/perl Neat weblog 0.2 SQL Injection Exploit...

Format string

Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent CMA 3.6.0.574 Patch 3 and earlier, as used in ePolicy Orchestrator 4.0.0 build 1015, allows remote attackers to cause a denial of service crash or execute arbitrary code via format string...

Home FTP Server 1.4.5 Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ====================================================== Home FTP Server 1.4.5 Remote Denial of Service Exploit ====================================================== Discovered by 0in from DaRk-CodeRs Programming & Security Group Contact:...

Crysis <= 1.1.1.5879 Remote Format String Denial of Service PoC

No description provided by source. The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424 08 LEA EDX,DWORD PTR SS:ESP...

crysis-format.txt

The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424 08 LEA EDX,DWORD PTR SS:ESP+8 30503270 52 PUSH EDX 30503271 FF...

Crysis 1.1.1.5879 - Remote Format String Denial of Service (PoC)

The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424 08 LEA EDX,DWORD PTR SS:ESP+8 30503270 52 PUSH EDX 30503271 FF...

Crysis 1.1.1.5879 - Remote Format String Denial of Service (PoC)

Crysis 1.1.1.5879 - Remote Format String Denial of Service PoC The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424...

ClassCastException reported when stopping JIRA

When stopping tomcat wich hosts only Jira, there is always such stack trace in tomcat logs: code 2008-02-18 19:25:32,767: ERROR Thread-33 - org.apache.catalina.core.ContainerBase.Catalina.localhost./jira.release - ApplicationFilterConfig.doAsPrivilege java.lang.ClassCastException:...

ClassCastException reported when stopping JIRA

When stopping tomcat wich hosts only Jira, there is always such stack trace in tomcat logs: code 2008-02-18 19:25:32,767: ERROR Thread-33 - org.apache.catalina.core.ContainerBase.Catalina.localhost./jira.release - ApplicationFilterConfig.doAsPrivilege java.lang.ClassCastException:...

ClassCastException reported when stopping JIRA

When stopping tomcat wich hosts only Jira, there is always such stack trace in tomcat logs: code 2008-02-18 19:25:32,767: ERROR Thread-33 - org.apache.catalina.core.ContainerBase.Catalina.localhost./jira.release - ApplicationFilterConfig.doAsPrivilege java.lang.ClassCastException:...

openSUSE 10 Security Update : kernel (kernel-4986)

This kernel update fixes the following security problems : - CVE-2008-0600: A local privilege escalation was found in the vmsplicepipe system call, which could be used by local attackers to gain root access. - CVE-2007-6206: Core dumps from root might be accessible to the wrong owner. And the...

ablog-sqlxss.txt

!/usr/bin/perl A-Blog V.2 Multiple Remote Vulnerabilities SQL Injection Exploit/XSS AUTHOR : IRCRASH Discovered by : Dr.Crash Exploited By : Dr.Crash IRCRASH Team Members : Dr.Crash - Malc0de - R3d.w0rm Script Download : http://heanet.dl.sourceforge.net/sourceforge/a-blog/A-BlogV2.rar XSS Address...

Digging inside the operating system does not export the function,will be injected to the end-vulnerability warning-the black bar safety net

InjectCode for Win9x.. Article author:Anskya Original source:see snow Forum Reproduced please retain the copyrightThank you Now injected many ways,but without the outer cover three: 1. Using the mapping code and then create a remote thread 2. The use of the message hook to insert the DLL in two 3...