CVE-2007-3494

Papoo CMS 3.6, and possibly earlier, does not verify user privileges when accessing the backend administration plugins, which allows remote authenticated users to 1 read the entire database by accessing the database backup plugin via a devtools/templates/newdumpbackend.html argument in the templa...

maildisable-v4.pl.txt

!/usr/bin/perl maildisable-v4.pl Mail Enable Professional/Enterprise v2.32-4 win32 remote exploit by mu-b - Wed Nov 29 2006 - Tested on: Mail Enable Professional v2.32 win32 - with HOTFIX Mail Enable Professional v2.33 win32 Mail Enable Professional v2.35 win32 Mail Enable Professional v2.37 win3...

maildisable-v3.pl.txt

!/usr/bin/perl maildisable-v3.pl Mail Enable Professional/Enterprise v2.32-4 win32 remote exploit by mu-b - Thu Nov 23 2006 - Tested on: Mail Enable Professional v2.32 win32 - with HOTFIX Mail Enable Professional v2.33 win32 Mail Enable Professional v2.34 win32 what does this remind you off? Note...

maildisable-v6.pl.txt

!/usr/bin/perl maildisable-v6.pl Mail Enable Professional =v2.35 win32 remote exploit by mu-b - Tue Dec 5 2006 - Tested on: Mail Enable Professional v2.35 win32 Note: timing is quite critical with this!!, so change $senddelay if it doesn't work.... use Getopt::Std; getopts't:n:', %arg; use Socket...

maildisable-v7.pl.txt

!/usr/bin/perl maildisable-v7.pl Mail Enable Professional/Enterprise v2.32-7 win32 by mu-b - Wed Feb 14 2007 - Tested on: Mail Enable Professional v2.37 win32 use Getopt::Std; getopts't:', %arg; use Socket; use MIME::Base64; my $target; if defined$arg't' $target = $arg't' if !defined$target my...

maildisable-v5.pl.txt

!/usr/bin/perl maildisable-v5.pl Mail Enable Professional/Enterprise Connected\n"; sendSOCKET, "1 AUTHENTICATE NTLM\r\n", 0; sleep$senddelay; $buf = $PAD x 12. "\xfa\xff\xff\xff". $PAD x 12; sendSOCKET, encodebase64$buf."\r\n", 0; sleep$senddelay; $buf = $PAD x 28. "\x00\x01". $PAD x 2...

CVE-2006-6331

metaInfo.php in TorrentFlux 2.2, when $cfg"enablefilepriority" is false, allows remote attackers to execute arbitrary commands via shell metacharacters backticks in the torrent parameter to 1 details.php and 2 startpop.php...

Cisco Password Bruteforcer Exploit

No description provided by source. / .: free source :. .: coded 4 Avatar Corp :. enabler. cisco internal bruteforcer. coder - norby concept - anyone this program just logs into a CISCO router and tries a list of passes looking for the enable one. it works in password-only CISCO as well in...

PHPay 2.02 - 'nu_mail.inc.php?mail()' Remote Injection

!/usr/bin/perl Script: phPay v2.02 http://phpay.de/ Vuln File: numail.inc.php Exploit & Advisory: beford Vulnerability: mail Injection Vuln Code: \n"; if scalar@ARGV headers\n"; print "\t : orly\n"; print "\t : folder where phpay is installed /phpay/ /phpayv2.02/ ..\n"; print "\t : duh\n"; print...

Remote file inclusion

PHP remote file inclusion vulnerability in Ottoman 1.1.2, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via the defaultpath parameter in 1 error.php, 2 index.php, and 3 classes/mainclass.php...

CVE-2003-0216

Unknown vulnerability in Cisco Catalyst 7.51 allows local users to bypass authentication and gain access to the enable mode without a password...

Cisco Catalyst switches allow access to "enable mode" without password

Overview Cisco Catalyst OS 7.51 contains a vulnerability that allows anyone who can obtain command line access to gain "enable" mode access without knowledge of the "enable" password. Description Cisco Catalyst OS is an operating system for Cisco's line of Catalyst switches. Version 7.51 of...

CVE-2003-0216

Unknown vulnerability in Cisco Catalyst 7.51 allows local users to bypass authentication and gain access to the enable mode without a password...

Cisco Catalyst CatOS Authentication Bypass Vulnerability

Description A vulnerability has been reported for Cisco Catalyst switches that may result in unauthorized access to the enable level. The vulnerability exists due to the way the 'enable' mode is accessed through the switch. An attacker who is able to obtain command line access to a vulnerable...

PHP 4.3 - 'socket_iovec_alloc()' Integer Overflow

source: https://www.securityfocus.com/bid/7187/info A vulnerability has been reported in PHP versions 4.3.1 and earlier. The problem occurs in the socketiovecalloc and may allow an attacker to corrupt memory. Specifically, the affected function fails to carry out sanity checks on user-supplied...

Unpassworded 'friday' Account

The account 'friday' has no password set. An attacker may use this to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "friday"; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11254; scriptversion"1.35";...

Sun iPlanet Web Server Buffer Overflow (#NISR09072002)

NGSSoftware Insight Security Research Advisory Name: iPlanet Search Buffer Overflow Systems: iWS 6.0 and iWS 4.1 Severity: High Risk if Search enabled Category: Remote Buffer Overrun Vulnerability Vendor URL: http://www.iplanet.com/ Author: David Litchfield [email protected] Advisory URL:...

Ошибка форматной строки в lynx при работе с логами (format string)

Ошибка форматной строки при работе с syslog если lynx собран с опцией --enable-syslog...

Cisco PIX Firewall Manager stores enable password in plain text

Overview A vulnerability exists in the way the Cisco Pix Firewall Manager stores authentication credentials which could allow local attackers to have read access to the enable password for the Cisco Pix Firewall. Description The PIX Firewall Manager PFM is a software package designed to allow...

Cisco Password Bruteforcer Exploit

Exploit for hardware platform in category remote exploits ================================== Cisco Password Bruteforcer Exploit ================================== / .: free source :. .: coded 4 Avatar Corp :. enabler. cisco internal bruteforcer. coder - norby concept - anyone this program just lo...