1001 matches found
CVE-2005-2558
Stack-based buffer overflow in the initsyms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long functionname field...
CVE-2005-2558
Stack-based buffer overflow in the initsyms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long functionname field...
Oracle MySQL User-Defined Function init_syms() Overflow
Binary data 3158.prm...
MySQL user defined functions multiple vulnerabilities
Buffer overflow on oversized user defined function name. DoS, directory traversal and privilege escalation on external functions invocation...
[Full-disclosure] [AppSecInc Advisory MYSQL05-V0003] Multiple Issues with MySQL User Defined Functions
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple Issues with MySQL User Defined Functions AppSecInc Team SHATTER Security Advisory MYSQL05-V0003 http://www.appsecinc.com/resources/alerts/mysql/2005-003.html August 08, 2005 Risk level: LOW Credits: This vulnerability was discovered and...
[Full-disclosure] [AppSecInc Advisory MYSQL05-V0002] Buffer Overflow in MySQL User Defined Functions
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Buffer Overflow in MySQL User Defined Functions AppSecInc Team SHATTER Security Advisory MYSQL05-V0002 http://www.appsecinc.com/resources/alerts/mysql/2005-002.html August 08, 2005 Risk level: LOW Credits: This vulnerability was discovered and...
[Full-disclosure] [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions AppSecInc Team SHATTER Security Advisory MYSQL05-V0001 http://www.appsecinc.com/resources/alerts/mysql/2005-001.html August 08, 2005 Risk level: LOW Credits: This...
CVE-2002-1722
Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button...
RHEL 3 : mysql-server (RHSA-2005:348)
Updated mysql-server packages that fix several vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. This update fixes several security risks in the MySQL...
mysql security update
CentOS Errata and Security Advisory CESA-2005:348 Updated mysql-server packages that fix several vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. This...
Important: Red Hat Security Advisory: mysql security update
Updated mysql packages that fix several vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. This update fixes several security risks in the MySQL server...
MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library (1)
MySQL 4.0.17 Linux - User-Defined Function UDF Dynamic Library 1 / $Id: raptorudf.c,v 1.1 2004/12/04 14:44:39 raptor Exp $ raptorudf.c - dynamic library for dosystem MySQL UDF Copyright c 2004 Marco Ivaldi This is an helper dynamic library for local privilege escalation through MySQL run with roo...
MySQL 4.0.17 UDF Dynamic Library Exploit
Exploit for linux platform in category local exploits ======================================== MySQL 4.0.17 UDF Dynamic Library Exploit ======================================== / $Id: raptorudf.c,v 1.1 2004/12/04 14:44:39 raptor Exp $ raptorudf.c - dynamic library for dosystem MySQL UDF Copyright...
PHP-Nuke 6.x/7.x - Public Message SQL Injection
source: https://www.securityfocus.com/bid/9615/info It has been reported that the 'public message' feature of PHP-Nuke is vulnerable to an SQL injection vulnerability. The issue is due to improper sanitization of user-defined parameters supplied to the module. As a result, an attacker could modif...
Man Utility 2.3.19 - Local Compression Program Privilege Escalation
source: https://www.securityfocus.com/bid/8675/info A vulnerability has been reported in man that may allow an attacker to gain elevated privileges. The problem lies in man failing to carry out sufficient sanity checks before executing a user-defined compression program. As a result, it may be...
CVE-2002-1722
Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button...
UDP Stress Tester - Denial of Service
UDP Stress Tester - Denial of Service include include include include include include include include include define shit "BLEAHD" timet elapsed; long sendcount = 0, kbs; void statsint signum kbs = sendcount6/time0-elapsed/1024; // i dont think this is right but... printf"\npid: %d, ran for %u...
Дырка в diagrpt из AIX (code execution)
Выполняется код из расположения, задаваемого пользователем...
Еще одна дыра в lpset
Вызывает динамическая библиотека задаваемая пользователем. Подменив библиотеку пользователь может получить права root...
Windowmaker wmmon 1.0 b2 - Command Execution
Windowmaker wmmon 1.0 b2 - Command Execution source: https://www.securityfocus.com/bid/885/info WMMon is a multiple platform Window Maker docking application. It monitors useful system information such as CPU load and disk activity. The application also allows the user to define commands that can...