2329 matches found
[Full-Disclosure] iDEFENSE Security Advisory 08.18.04: Courier-IMAP Remote Format String Vulnerability
Courier-IMAP Remote Format String Vulnerability iDEFENSE Security Advisory 08.18.04 www.idefense.com/application/poi/display?id=131&type=vulnerabilities August 18, 2004 I. BACKGROUND Courier-IMAP is an IMAP/POP3 mail server popular on sites utilizing Qmail/Exim/Postfix. More information is...
Ollydbg <= 1.10 Format String Bug
Exploit for unknown platform in category local exploits ================================= Ollydbg include include pragma commentlib,"kernel32.lib" void main unsigned char buffer = "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90...
nCipher Advisory #10: Pass phrases are exposed in netHSM log files
nCipher Security Advisory No. 10: Pass phrases are exposed in netHSM log files. SUMMARY: Pass phrases entered by means of the nCipher netHSM front panel, either using the built in thumbwheel or using a...
Confixx 2 - Perl Debugger Remote Command Execution
Confixx 2 - Perl Debugger Remote Command Execution source: https://www.securityfocus.com/bid/9831/info The Confixx PERL debugging utility functionality has been reported to be prone to a remote command execution vulnerability. The issue is reported to occur when a command sequence is appended to ...
Microsoft Frontpage Server buffer overflow
Buffer overflow in remote debugging interface...
Microsoft FrontPage Server Extensions Remote Debug Buffer Overrun Vulnerability
Description Microsoft FrontPage Server Extensions are prone to a remotely exploitable buffer overrun vulnerability that is exposed via remote debugging functionality. It is possible to trigger this condition with a chunked-encoded HTTP POST request. This could be exploited to execute arbitrary co...
OpenSSL does not securely handle invalid public key when configured to ignore errors
Overview A vulnerability in the way OpenSSL handles invalid public keys in client certificate messages could allow a remote attacker to cause a denial of service. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typical...
PHP XSS exploit in phpinfo()
PHP XSS exploit in phpinfo by Silent Needle A: BACKGROUND from php.net int phpinfo int what Outputs a large amount of information about the current state of PHP. This includes information about PHP compilation options and extensions, the PHP version, server information and environment if compiled ...
JBoss.txt
Hi, jboss 3.2.1 with jetty seems to be vulnerable to jsp source code disclosure. Trying to access the ServerInfo.jsp with a suffixed "%00" shows the source code of this JSP. Seems to be a forgotten debug feature :- http://192.168.0.4:8080/web-console/ServerInfo.jsp%00 Sincerely Marc Schoenefeld...
Macromedia ColdFusion MX CFIDE/probe.cfm Direct Request Path Disclosure
A vulnerability has been reported for Macromedia ColdFusion MX that may reveal the physical path information to attackers. When certain malformed URL requests (port 8500) are received by the server, an error message is returned containing the full path of the ColdFusion installation. %NASLMINLEVEL...
CVE-2002-0367
CVE-2002-0367 affects Windows NT/2000 and involves the smss.exe debugging subsystem not properly authenticating connections to privileged processes. This allows a local attacker to gain Administrator or SYSTEM privileges by duplicating a handle to a privileged process. The vulnerability is charac...
iDEFENSE Security Advisory 02.27.03: TCPDUMP Denial of Service Vulnerability in ISAKMP Packet Parsing
iDEFENSE Security Advisory 02.27.03: http://www.idefense.com/advisory/02.27.03.txt TCPDUMP Denial of Service Vulnerability in ISAKMP Packet Parsing February 27, 2003 I. BACKGROUND TCPDUMP is a widely used network debugging tool that prints out the...
HTTP TRACE / TRACK Methods Allowed
The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. This script was written by Thomas Reinke Improvements re TRACK and RFP reference courtesy of Improvements by rd - httpget to get full HTTP/1.1 support,...
CVE-2002-2032
sqllayer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sqldebug parameter to 1 index.php and 2 modules.php...
[AP] Oracle Reports Server Information Disclosure Vulnerability
AngryPacket Security Advisory. Advisory information: author: skp; release date: 07/17/2002; homepage: http://sec.angrypacket.com; advisory id: 0x0004...
CVE-2001-1146
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 is affected. The issue stems from creating temporary files with predictable names, enabling local users to perform a symlink attack to modify files. The description in the Connected documents confirms the root cause as predictable t...
CVE-2001-1166
The CVE-2001-1166 entry concerns linprocfs on FreeBSD 4.3 and earlier that does not properly restrict access to kernel memory. The vulnerability enables a process with debugging rights on a privileged process to read restricted memory from that process. Affected component: linprocfs in FreeBSD; r...
CVE-2001-1146
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack...
CGIScript.net - csPassword.cgi 1.0 Information Disclosure
CGIScript.net - csPassword.cgi 1.0 Information Disclosure source: https://www.securityfocus.com/bid/4887/info CGIScript.net provides various webmaster related tools and is maintained by Mike Barone and Andy Angrick. A vulnerability has been reported in the csPassword.cgi script developed by...
DebPloit (exploit)
DebPloit allows Everyone to get handle to Any process or thread. Handles have enough access to promote everyone to system/admin in the case Target is running under LocalSystem, Administrator account. Works on: Any MS Windows NT 4.0, Windows 2000 SPs before Mar-12-2002. Former NTs weren't tested...