8680 matches found
SOL9761 - PHP vulnerability - CVE-2008-5557
A heap-based buffer overflow in PHP 4.3.0 through 5.2.6 may allow attackers to execute arbitrary code. Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without o...
EO Video 1.36 - Playlist Overwrite (SEH)
!/usr/bin/python usage: exploit.py print "" print " EO Video v1.36 PlayList Seh Overwrite Exploit\n" print " Author: j0rgan" print " Seh Exploitation : His0k4" print " Tested on: Windows XP SP2 Fr\n" print " Greetings to: All friends & Muslims HacKerS DZ" print "" buff = "\x41" 1356 nextseh =...
Can we learn from Microsoft and Google on security?
Tech security company Fortify and security consulting firm Cigital are getting ready to release a set of best practices that tech companies and other businesses can follow to ensure that the software they develop is secure. The authors developed the model by studying the security practices at...
Media Commands Universal SEH Overwrite
usage: exploit.py print "" print " Media Commands m3u File Universal Seh Overwrite Exploit\n" print " Founder: Hakxer" print " Exploited by : His0k4" print " Another Exploiter : Stack" print " Tested on: Windows XP Pro SP2 Fr\n" print " Greetings to:" print " All friends & muslims HaCkersdz\n"...
libpng fails to properly initialize element pointers
Overview Libpng contains a vulnerability in the way element pointers are handled. Description A vulnerability in the way libpng handles element pointers may result in uninitialized element pointers. This vulnerability is due to an off-by-one error introduced in multiple functions in libpng-0.89c...
POP Peeper 3.4.0.0 UIDL Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl KL0209EXP-poppeeperuidl-bof.pl 02.27.2009 Krakow Labs Development www.krakowlabs.com POP Peeper 3.4.0.0 UIDL Remote Buffer Overflow Exploit SEH overwrite exploitation, uses Imap.dll included with POP Peeper for universal exploitation gotta love no...
CentOS Update for sblim-cmpi-base CESA-2008:0497 centos4 x86_64
Check for the Version of sblim-cmpi-base OpenVAS Vulnerability Test CentOS Update for sblim-cmpi-base CESA-2008:0497 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for kdewebdev FEDORA-2007-2985
Check for the Version of kdewebdev OpenVAS Vulnerability Test Fedora Update for kdewebdev FEDORA-2007-2985 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Fedora Update for kdevelop FEDORA-2007-2985
Check for the Version of kdevelop OpenVAS Vulnerability Test Fedora Update for kdevelop FEDORA-2007-2985 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
SOL9754 - BIND 9 vulnerability CVE-2009-0025
BIND does not properly check the return value from the OpenSSL DSAverify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature. Information about this advisory is available at the following location: Note: The previous link takes y...
Vim PySys_SetArgv函数本地命令执行漏洞
BUGTRAQ ID: 33447 CVECAN ID: CVE-2009-0316 VIM是一款免费开放源代码文本编辑器,可使用在Unix/Linux操作系统下。 VIM的python接口使用argv0调用PySysSetArgv函数。由于Python对sys.path变量附加了空字符串,如果工作目录中的文件名匹配VIM试图导入的python模块名,就可能允许本地用户在系统中执行任意代码。 VIM Development Group VIM...
GForge多个SQL注入漏洞
BUGTRAQ ID: 31674 CVECAN ID: CVE-2008-6187,CVE-2008-6188,CVE-2008-6189 GForge是用于管理软件开发周期的工具。 GForge的new/index.php、news/index.php和top/topusers.php文件没有正确地过滤offset输入参数: function dbquery$qstring,$limit='-1',$offset=0 global $QUERYCOUNT; $QUERYCOUNT++; if $limit 0 if !$offset || $offset 0 $offset=0;...
Fedora Update for chmsee FEDORA-2008-6491
Check for the Version of chmsee OpenVAS Vulnerability Test Fedora Update for chmsee FEDORA-2008-6491 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for trac FEDORA-2008-6833
Check for the Version of trac OpenVAS Vulnerability Test Fedora Update for trac FEDORA-2008-6833 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for Django FEDORA-2008-4248
Check for the Version of Django OpenVAS Vulnerability Test Fedora Update for Django FEDORA-2008-4248 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for xemacs-packages-extra FEDORA-2008-5504
Check for the Version of xemacs-packages-extra OpenVAS Vulnerability Test Fedora Update for xemacs-packages-extra FEDORA-2008-5504 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Core 10 FEDORA-2009-1291 (nss)
The remote host is missing an update to nss announced via advisory FEDORA-2009-1291. OpenVAS Vulnerability Test $Id: fcore20091291.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-1291 nss Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
[SECURITY] Fedora 10 Update: nss-3.12.2.0-4.fc10
Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...
Mono ASP.NET action Attribute XSS
The remote host is running Mono, an open source, UNIX implementation of the Microsoft .NET development platform. The version of Mono installed on the remote host fails to encode user-supplied input to the URL before using it for the default 'action' of a form. An attacker may be able to leverage...
SOL9592 - bzip2 vulnerability CVE-2008-1372
Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge. F5 Product Development tracked this issue as CR114442 and CR107644 for BIG-IP LTM, GTM...