linux/x86 anti-debug trick (INT 3h trap) + execve /bin/sh 39 bytes

Exploit for linux/x86 platform in category shellcode ================================================================== linux/x86 anti-debug trick INT 3h trap + execve /bin/sh 39 bytes ================================================================== / linux/x86 anti-debug trick INT 3h trap +...

Across stop SQL injection database attacks-vulnerability warning-the black bar safety net

The previous stage, in an attempt to attack a web site, discover the other side of the system has been blocked error information, is also commonaccountto connect thedatalibrary, the system also is played with all the patches so you want to attack injection is more troublesome. So I get a“cross-si...

[Full-disclosure] Senao SI-680H VoIP Wifi phone undocumented open port

I disclosed today the following vulnerability at the 32nd CSI conference in Washington, D.C. https://www.cmpevents.com/CSI32/a.asp?option=G&V=3&id=406438 Thanks, Shawn Merdinger =============================================================== VENDOR: Senao VENDOR NOTIFIED: 28 June, 2005 VENDOR...

http TRACE XSS attack

Debugging functions are enabled on the remote HTTP server. The remote webserver supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods which are used to debug web server connections. It has been shown that servers supporting this method are subject to cross-site-scripting...

Macromedia ColdFusion MX Path Disclosure Vulnerability

A vulnerability has been reported for Macromedia ColdFusion MX that may reveal the physical path information to attackers. When certain malformed URL requests port 8500 are received by the server, an error message is returned containing the full path of the ColdFusion installation. OpenVAS...

PHP3 Physical Path Disclosure Vulnerability

PHP3 will reveal the physical path of the webroot when asked for a non-existent PHP3 file if it is incorrectly configured. Although printing errors to the output is useful for debugging applications, this feature should not be enabled on production servers. OpenVAS Vulnerability Test $Id:...

PHP3 Physical Path Disclosure Vulnerability

PHP3 will reveal the physical path of the webroot when asked for a non-existent PHP3 file if it is incorrectly configured. SPDX-FileCopyrightText: 2001 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

HTTP Debugging Methods (TRACE/TRACK) Enabled

The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods which are used to debug web server connections. SPDX-FileCopyrightText: 2003 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

CVE-2005-3255

The 1 cgiwrap and 2 php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web document root, which allows remote attackers to obtain sensitive information via direct requests to those CGIs...

CVE-2005-3255

The 1 cgiwrap and 2 php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web document root, which allows remote attackers to obtain sensitive information via direct requests to those CGIs...

CVE-2005-3179

drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information...

CVE-2005-3179

drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information...

CVE-2005-3179

CVE-2005-3179 affects the Linux kernel, specifically the drm.c path in kernel versions 2.6.10 through 2.6.13. The vulnerability arises because a debug file is created in sysfs with world‑readable and world‑writable permissions. This allows a local user to enable DRM debugging and potentially obta...

Low: Red Hat Bug Fix Advisory: gdb bug fix update

An updated gdb package that fixes various bugs is now available. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages, by executing them in a controlled fashion, and then printing their data. This updated package addresses the following issues: - GDB on ia64...

CVE-2004-2435

Cross-site scripting XSS vulnerability in PeopleSoft Human Resources Management System HRMS 7.0, when "web enabled" using HTML Access, allows remote attackers to inject arbitrary web script or HTML via unspecified 1 debugging or 2 utility scripts...

CVE-2004-2435

The vulnerability CVE-2004-2435 affects PeopleSoft HRMS 7.0 when “web enabled” via HTML Access, enabling Cross-site Scripting (XSS) . The issue arises from the handling of (1) debugging and (2) utility scripts, allowing remote attackers to inject arbitrary web script or HTML. Current connected so...

CVE-2005-2353

run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files...

CVE-2005-2353

run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files...

CVE-2005-2353

run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files...

CVE-2005-2353

CVE-2005-2353 affects Mozilla Thunderbird. The advisory notes that the script run-mozilla.sh, when Thunderbird is built with debugging enabled, can be exploited by local users to create or overwrite arbitrary files via a symlink attack on temporary files. Debian security notices (DSA-1046/DSA-105...