2400 matches found
Important: 389-ds-base
Issue Overview: It was found that when replication was enabled for each attribute in 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to disclose...
Hacking Traffic Lights is Amazingly Really Easy
Hacking Internet of Things IoTs have become an amazing practice for cyber criminals out there, but messing with Traffic lights would be something more crazy for them. The hacking scenes in hollywood movies has just been a source of entertainment for the technology industry, like we've seen traffi...
SimpleProgramDebugger - Simple program debugger that shows all debug events
SimpleProgramDebugger is a simple debugging tool for Windows that attaches to existing running program or starts a new program in debugging mode, and then displays all major debugging events occurs while the program is running, including Exception, Create Thread, Create Process, Exit Thread, Exit...
NSA-Proof "Blackphone" Gets Rooted Within 5 Minutes
The ultra secure NSA-Proof Blackphone titled as, “world’s first Smartphone which places privacy and control directly in the hands of its users,” has been rooted within 5 minutes at the BlackHat security conference in Las Vegas this weekend. Blackphone, a joint venture between encrypted...
Mozilla Firefox 3.6.16 mChannel Use-After-Free漏洞
漏洞分析 此漏洞是由于Mozilla Firefox的xul.dll在处理mChannel标签时,在OnChannelRedirect中对mChannel对象进行创建,但在随后调用Release释放,在释放对象过后没有对该指针进行标记,从而导致在随后的调用用中引用mChannel标签时,由于指针已经被释放,导致call地址不可读,从而引发漏洞,下面对此漏洞进行详细分析。 首先打开PoC,火狐浏览器崩溃,附加调试器,到达漏洞现场。 858.85c: Access violation - code c0000005 first chance First chance exceptions a...
389-ds: unauthenticated information disclosure
It was found that when replication was enabled for each attribute in Red Hat Directory Server / 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to...
389-ds: unauthenticated information disclosure
It was found that when replication was enabled for each attribute in Red Hat Directory Server / 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to...
PT-2014-1863 · Red Hat +1 · 389-Ds-Base-Debuginfo +5
Name of the Vulnerable Software and Affected Versions: 389-ds-base versions 1.3.1.6 389-ds-base-debuginfo versions 1.3.1.6 389-ds-base-devel versions 1.3.1.6 389-ds-base-libs versions 1.3.1.6 Description: The issue allows remote attackers to obtain sensitive replicated metadata by searching the...
LibreSSL Portable Fork Of OpenSSL Released
After months of code cleanup and rewriting, the OpenBSD Foundation this weekend sent LibreSSL out the door. The slimmed down OpenSSL fork works on a number of platforms beyond OpenBSD, including several Linux flavors, Solaris, Mac OS X and Free BSD. “I firmly believe that LibreSSL is in a better...
Daphne - Tool for killing, controlling and debugging processes in Windows
Daphne is a small application for killing, controlling and debugging Windows’ processes. It was born to kill a windows process and became almost a task manager replacement. You can kill a process by dragging the mouse over the windows, by right-clicking the process in the main process list, or by...
Motorola SB5101 Hax0rware Rajko HTTPD Remote Exploit PoC
No description provided by source. !/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32 and R39 Description: Motorola SB51...
Microsoft Windows 2000 / NT 4.0 Process Handle Local Privilege Elevation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4287/info A vulnerability in Microsoft Windows 2000 and NT 4 could allow a user to gain SYSTEM-level privileges on the local host. The debugging subsystem, which is available to all users, may be used to create duplicate...
Mocha LPD 1.9 - Remote Buffer Overflow DoS PoC
No description provided by source. !/usr/bin/python Mocha LPD v1.9 Remote Heap Overflow Exploit ol skool 'write 4' whoops, I said it was a DoS. My bad. btw yes, I know its 2010 :0 CVE: 2010-1687 tested on XP sp1 use anti debugging to see it work - !hidedebug zwqueryinformationprocess call trace:...
IDA Pro 6.3 Crash PoC
No description provided by source. / IDA Pro 6.3 crash due an internal error ELF anti-debugging/reversing patcher Published @ IOActive Labs Research blog: http://blog.ioactive.com/2012/12/striking-back-gdb-and-ida-debuggers.html - nitr0us http://twitter.com/nitr0usmx Tested under: IDA Pro Starter...
AIC Audio Player 1.4.1.587 Local Crash PoC
No description provided by source. !/usr/bin/python Title: AIC Audio Player 1.4.1.587 Local Crash PoC Date: 01-26-2010 Author: b0telh0 Link: http://www.aic-media.com/Download/SetupAICAudioPlayer.exe Tested on: Windows XP SP3 I couldn't even debug it. There's some anti-debugging protection... Trie...
Microsoft Office Word 2010 Crash PoC
No description provided by source. Title : Microsoft Office Word 2010 Stack Overflow Version : Microsoft Office professional Plus 2010 Date : 2012-10-23 Vendor : http://office.microsoft.com Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Bug : ----...
PHPNuke 4.x/5.x SQL_Debug Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3906/info PHPNuke is a website creation/maintenance tool. It is can be back-ended by a number of database products such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. The sqllayer.php script contains a debugging...
WinVNC Web Server <= 3.3.3r7 - GET Overflow
No description provided by source. $Id: winvnchttpget.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...
Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for processing arguments...
Private Wire Gateway Buffer Overflow
No description provided by source. $Id: privatewiregateway.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...