[SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2078-1 [email protected] http://www.debian.org/security/ Nico Golde July 31nd, 2010 http://www.debian.org/security/faq -...

CVE-2010-2540

CVE-2010-2540 affects MapServer’s mapserv CGI interface. In MapServer versions prior to 4.10.6 and 5.x prior to 5.6.4, CGI arguments intended for debugging are not properly restricted, enabling remote attackers to craft arguments and trigger an unspecified impact. Fixed in MapServer 4.10.6 and 5....

Fedora 13 : gcc-4.4.4-10.fc13 (2010-10415)

Wed Jun 30 2010 Jakub Jelinek 4.4.4-10 - update from gcc-44-branch - PRs fortran/43841, fortran/43843, tree-optimization/44683 - fix qualified-id as template argument handling 605761, PR c++/44587 - -Wunused-but-set- staticcast fix PR c++/44682 - VTA backports - PRs debug/44610, debug/44668,...

Cкрипт для работы со слепыми инъекциями

Скрипт для работы со слепыми инъекциями. Наверное аналогов очень много, но этот скрипт заточен под слепые инъекции, а так же я постарался включить в него все возможные функции к примеру работа с informationschema очень полезно если версия БД = 5 или вывод файла что будет применимо если версия БД ...

Motorola SB5101 Hax0rware Rajko HTTPd Remote Proof Of Concept

!/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32 and R39 Description: Motorola SB5101 Hax0rware Rajko HttpD Remote...

Motorola SB5101 Hax0rware Event Reset Remote Overflow

Exploit for hardware platform in category dos / poc ===================================================== Motorola SB5101 Hax0rware Event Reset Remote Overflow ===================================================== !/usr/bin/perl Motorola SB5101 Hax0rware Event Reset Remote Overflow Tested on...

Motorola SB5101 Hax0rware Rajko HTTPd - Remote Denial of Service (PoC)

Motorola SB5101 Hax0rware Rajko HTTPd - Remote Denial of Service PoC !/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32...

Motorola SB5101 Hax0rware Rajko HTTPd - Remote Denial of Service (PoC)

!/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32 and R39 Description: Motorola SB5101 Hax0rware Rajko HttpD Remote...

Motorola SB5101 Hax0rware Rajko HTTPD Remote Exploit PoC

Exploit for hardware platform in category dos / poc ======================================================== Motorola SB5101 Hax0rware Rajko HTTPD Remote Exploit PoC ======================================================== !/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC...

Sun Solaris多个libc库数字转换函数缓冲区溢出漏洞

BUGTRAQ ID: 40309 Solaris是一款由Sun开发和维护的商业UNIX操作系统。 Solaris操作系统的libc库中所使用的econvert、ecvt、fcvt和gcvt等函数在执行数字转换操作时存在缓冲区溢出漏洞，攻击者提交恶意请求就可以触发这些溢出，导致执行任意指令。 Sun Solaris 10.0x86 Sun Solaris 10.0 厂商补丁： Sun --- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://sunsolve.sun.com/security - --- 1. Sun Solar...

fetchmail resources exhaustion

Memory exhaustion on debugging information printing...

CVE-2010-1650

IBM WebSphere Application Server WAS 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11, when the -trace option aka debugging mode is enabled, executes debugging statements that print string representations of unspecified objects, which allows attackers to obtain sensitive...

Design/Logic Flaw

IBM WebSphere Application Server WAS 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11, when the -trace option aka debugging mode is enabled, executes debugging statements that print string representations of unspecified objects, which allows attackers to obtain sensitive...

CVE-2010-1650

IBM WebSphere Application Server WAS 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11, when the -trace option aka debugging mode is enabled, executes debugging statements that print string representations of unspecified objects, which allows attackers to obtain sensitive...

CVE-2010-1650

CVE-2010-1650 affects IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11. When WAS is run with the -trace (debugging) option enabled, it prints string representations of unspecified objects, allowing a local attacker to read trace output...

Private Wire Gateway - Remote Buffer Overflow (Metasploit)

$Id: privatewiregateway.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

IBM WebSphere Application Server 6.1 < 6.1.0.31 Multiple Vulnerabilities

IBM WebSphere Application Server 6.1 before Fix Pack 31 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - It is possible for Administrator role members to modify primary administrative id via the administrative console. PK88606 - An...

IncrediMail 2.0 ActiveX (Authenticate) bof PoC

Exploit for windows platform in category dos / poc ============================================== IncrediMail 2.0 ActiveX Authenticate bof PoC ============================================== IncrediMail 2.0 activeX Authenticate bof poc by d3b4g Tested: incerdiMail 2.0 Vendor...

IncrediMail 2.0 Buffer Overflow

IncrediMail 2.0 activeX Authenticate bof poc by d3b4g Tested: incerdiMail 2.0 Vendor url:http://www.incredimail.com/english/splash.aspx Tested on windows XP SP3 1-03-2010 Debugging info -------------- Exception Code: ACCESSVIOLATION Disasm: 678914AE MOV EDX,ECX ImSpoolU.dll Seh Chain:...

IncrediMail 2.0 - ActiveX (Authenticated) Buffer Overflow (PoC)

IncrediMail 2.0 activeX Authenticate bof poc by d3b4g Tested: incerdiMail 2.0 Vendor url:http://www.incredimail.com/english/splash.aspx Tested on windows XP SP3 1-03-2010 Debugging info -------------- Exception Code: ACCESSVIOLATION Disasm: 678914AE MOV EDX,ECX ImSpoolU.dll Seh Chain:...