NukeSentinel <= 2.5.06 (mysql >= 4.0.24) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/php = 4.0.24 Exploit --- ----------------------------------------------------------------------- PHP conditions: none CMS conditions: disableswitch URL: http://www.acid-root.new.fr/ ----------------------------------------------------------------------...

Linux CAPI library buffer overflow

Buffer overflow in debug printing function...

Samba winbindd Debug Log Server Credentials Local Disclosure

According to its version number, the remote Samba server is affected by a flaw that may allow a local attacker to get access to the passwords sent to the winbindd daemon if the debug level has been set to 5 or higher. C Tenable Network Security, Inc. include"compat.inc"; if description...

Fedora Core 6 : kernel-2.6.19-1.2895.fc6 (2007-058)

This is a large rebase to the latest upstream stable kernel 2.6.19.2 Complete changelogs available at www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19 www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.1 www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.2 This update also introduces...

Berlios GPSD 2.7 - Remote Format String (Metasploit)

package Msf::Exploit::gpsdformatstring; use base "Msf::Exploit"; use strict; use Pex::Text; use IO::Socket; my $advanced = ; my $info = 'Name' = 'Berlios GPSD Format String Vulnerability', 'Version' = '$ 1.0 $', 'Authors' = 'Enseirb ', , 'Arch' = 'x86' , 'OS' = 'linux' , 'Priv' = 1, 'UserOpts' =...

GNU InetUtils ftpd 1.4.2 - &#039;ld.so.preload&#039; Remote Code Execution

FTP server GNU inetutils 1.4.2 Remote Root Exploit This program remotely exploits the most recent versions of GNU inetutils ftpd on linux systems. Requirements: 1. There MUST be a chroot'ed environment for the logged in user 2. Directory etc must be writeable by the logged in user duh! The exploi...

Hacking tricks of using pictures do Trojan applications completely resolution-vulnerability warning-the black bar safety net

What is a BMP web page Trojan. It and last long with the stink of a MIME header vulnerability of Trojans different, MIME Trojans is to put an EXE file with a MIME-encoded as an EMLOUT LOOK mailthe file, put it on a web page using IE and OE coding vulnerability to automatically download and execut...

IBM AIX Debug Malloc工具本地溢出漏洞

IBM AIX是一款商业性质的UNIX操作系统。 IBM AIX的debug malloc工具中存在堆溢出漏洞，本地攻击者可能利用此漏洞提升自己的权限。 如果本地攻击者使用debug malloc工具调试可执行程序的话，就可能以超级用户权限执行任意代码。 IBM AIX 5.3L IBM AIX 5.3 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： ftp://aix.software.ibm.com/aix/efixes/security/dbgmallocifix.tar.Z...

IBM AIX chcons命令本地溢出漏洞

IBM AIX是一款商业性质的UNIX操作系统。 IBM AIX chcons命令中存在本地溢出漏洞，成功利用这个漏洞的攻击者可以以当前用户的权限执行任意代码。 如果启用了DEBUG MALLOC的话，则攻击者可以通过发送超长的输入参数导致chcon发生核心转储（coredump）。 IBM AIX 5.3L IBM AIX 5.3 IBM AIX 5.2L IBM AIX 5.2 IBM AIX 5.1L IBM AIX 5.1 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.ers.ibm.com/...

debug217_php.txt

INSERT INTO \w?regantispam \regid,regcode,ipaddress,ctime\ VALUES\'\w32?',\d?,/', $page, $regs $prefix = $regs1; $regid = $regs2; $regcode = $regs3; else $suffix = "&debug=1"; $curl = curlinit$site.'act=Reg&CODE=10'.$suffix; curlsetopt$curl, CURLOPTPROXY, $proxy; curlsetopt$curl,...

Invision Power Board &lt;= 2.1.7 (Debug) Remote Password Change Exploit

No description provided by source. ?php / Debug Mode password change vulnerability Affects Invision Power Borard 2.0.0 to 2.1.7 by Rapigator This works if: "Debug Level" is set to 3 or Enable SQL Debug Mode is turned on In General Configuration of the forum software. / // The forum's address up t...

[Full-disclosure] Invision Power Board 2.1.7 debug mode vulnerability

Debug mode is a feature in IPB 2.0.0-2.1.7 that shows all database queries for each forum page requested. If Debug mode is turned on, it is possible for anyone to request a forgotten password for an account, and capture the validation key that is sent to the account's email address. This allows a...

Invision Power Board <= 2.1.7 (Debug) Remote Password Change Exploit

Exploit for unknown platform in category web applications ==================================================================== Invision Power Board INSERT INTO \w?regantispam \regid,regcode,ipaddress,ctime\ VALUES\'\w32?',\d?,/', $page, $regs $prefix = $regs1; $regid = $regs2; $regcode =...

Invision Power Board 2.1.7 - &#039;Debug&#039; Remote Password Change

INSERT INTO \w?regantispam \regid,regcode,ipaddress,ctime\ VALUES\'\w32?',\d?,/', $page, $regs $prefix = $regs1; $regid = $regs2; $regcode = $regs3; else $suffix = "&debug=1"; $curl = curlinit$site.'act=Reg&CODE=10'.$suffix; curlsetopt$curl, CURLOPTPROXY, $proxy; curlsetopt$curl,...

Invision Power Board 2.1.7 - Debug Remote Password Change

Invision Power Board 2.1.7 - Debug Remote Password Change INSERT INTO \w?regantispam \regid,regcode,ipaddress,ctime\ VALUES\'\w32?',\d?,/', $page, $regs $prefix = $regs1; $regid = $regs2; $regcode = $regs3; else $suffix = "&debug=1"; $curl = curlinit$site.'act=Reg&CODE=10'.$suffix;...

SCO Unixware 7.1.3 (ptrace) Local Privilege Escalation Exploit

No description provided by source. / SCO Unixware 7.1.3 ptrace local root exploit ============================================ SCO Unixware 7.1.3 kernel allows unprivledged users to debug binaries. The condition can be exploited by an attacker when he has execute permissions to a file which has t...

liblesstif &lt;= 2-0.93.94-4mdk (DEBUG_FILE) Local Root Exploit

No description provided by source. !/bin/sh echo echo "mtink libXm local root exploit" echo " [email protected] " echo umask 000 export DEBUGFILE="/etc/ld.so.preload" cat /tmp/lib.c EOF include unistd.h void initvoid if getuid!=0 && geteuid==0 setuid0; unlink"/etc/ld.so.preload"; execl"/bin/bash",...

FreeBSD : dokuwiki -- multiple vulnerabilities (fcba5764-506a-11db-a5ae-00508d6a62df)

Secunia reports : rgod has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the 'TARGETFN' parameter in bin/dwpage.php is not properly sanitised before being used to copy files. This can be exploited via director...

[SA22041] Fi Win WiFi Phone SS28S Debug Console Security Issue

---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available:...

FiWin SS28S Wi-Fi phones backdoor account

Phone has debug console with telnet access and hardcoded account 1 with password 1...