Microsoft Excel - Code Execution

// This is an easy compilation version by phar include include /--------------------------------------------------------------------- Microsoft Excel Remote Code Execution Proof Of Concept. Tested against : Excel 2000 on Win XP SP1 , and Win2000 SP4 Description: Microsoft Excel is prone to a remo...

[Full-disclosure] MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable

Hello this is kcope, recently I thought I had discovered a remote preauth vulnerability in MDaemon latest version 9.0.1/9.0.2. And it really looked like one in the debugger OllyDbg .. so I posted it to full disclosure. Afterwards I tried to write an exploit, and yes I succeeded! But the problem i...

Dynamic function monitoring technology in a buffer overflow detection-vulnerability warning-the black bar safety net

Dynamic function monitoring technology in a buffer overflow detection applications Abstract: this article through the Window of the environment under the function of the hijacking method of analysis, and combined with the debugger techniques, the proposed dynamic monitoring process of the functio...

CVE-2006-1832

sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action...

Design/Logic Flaw

sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action...

CVE-2006-1832

CVE-2006-1832 affects sysinfo.cgi in sysinfo 1.21, allowing remote attackers to obtain the installation path via the debugger action. The available sources describe the affected component and the exposure but do not provide a public fix or remediation details. There is no explicit exploit code or...

CVE-2006-1832

sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action...

devhelp, mozilla security update

CentOS Errata and Security Advisory CESA-2006:0329 Updated mozilla packages that fix several security bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Updated 24 Apr 2006 The erratum text has been updated to include the...

linux/x86 anti-debug trick INT 3h trap + execve /bin/sh 39 bytes

linux/x86 anti-debug trick INT 3h trap + execve /bin/sh 39 bytes. Shellcode exploit for linx86 platform / linux/x86 anti-debug trick INT 3h trap + execve"/bin/sh", "/bin/sh", NULL, NULL - 39 bytes The idea behind a shellcode w/ an anti-debugging trick embedded in it, is if for any reason the IDS...

ACT P202S wireless VoIP phone multiple vulnerabilities

VxWorks debugger TCP/17185 access, rlogin access...

Senao SI-7800H wireless VoIP phone multiple vulnerabilities

VxWorks debugger TCP/17185 access...

Ubuntu 4.10 / 5.04 : binutils vulnerability (USN-136-1)

Tavis Ormandy found an integer overflow in the Binary File Descriptor BFD parser in the GNU debugger. The same vulnerable code is also present in binutils. By tricking an user into processing a specially crafted executable with the binutils tools strings, objdump, nm, readelf, etc., an attacker...

Ubuntu 4.10 / 5.04 : gdb vulnerabilities (USN-135-1)

Tavis Ormandy found an integer overflow in the GNU debugger. By tricking an user into merely load a specially crafted executable, an attacker could exploit this to execute arbitrary code with the privileges of the user running gdb. However, loading untrusted binaries without actually executing th...

CVE-2005-4741

NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid PSUGID process that performs an exec without a reset of real credentials...

Microsoft IIS Remote DoS .DLL Url exploit

Microsoft IIS Remote DoS .DLL Url exploit Advisory Name Microsoft IIS Remote Denial of Service DoS .DLL Url exploit Release Date 16. December 2005 Vulnerable Microsoft® Internet Information Server® V5.1 Not vulnerable Microsoft® Internet Information Server® V5.0 Microsoft® Internet Information...

CVE-2005-3804

Cisco IP Phone VoIP 7920 1.08 listens to UDP port 17185 to support a VxWorks debugger, which allows remote attackers to obtain sensitive information and cause a denial of service...

CVE-2005-3804

The CVE-2005-3804 family is tied to Cisco IP Phone 7920 (VoIP) 1.0(8), where the device listens on UDP port 17185 to support a VxWorks debugger. This exposes a WDB debug service that remote attackers can use to obtain sensitive information and cause a denial of service. Related entries (Wind Rive...

CVE-2005-3804

Cisco IP Phone VoIP 7920 1.08 listens to UDP port 17185 to support a VxWorks debugger, which allows remote attackers to obtain sensitive information and cause a denial of service...

PT-2005-4555

Name of the Vulnerable Software and Affected Versions Cisco IP Phone VoIP 7920 version 1.08 Description The issue allows remote attackers to obtain sensitive information and cause a denial of service. This is due to the phone listening to UDP port 17185 for a VxWorks debugger. Recommendations For...

CVE-2005-3715

Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service...