CVE-2008-3236

Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere Application Server WAS 5.1 before 5.1.1.19 allows attackers to obtain sensitive information via vectors related to "previously encrypted properties" that are not encrypted...

Linux ncpfs Local Exploit

No description provided by source. !/bin/sh Had to remove local -r to get it to work via sh on my box Root's encrypted password was in toupper form but the super stated it worked fine for him Gentoo with ncpfs 2.2.5 If it worked for you send an email to [email protected] /str0ke echo 'head1 by...

OFFL <= 0.2.6 (teams.php fflteam) Remote SQL Injection Vulnerability

No description provided by source. -+================================================================================+- -+ OFFL = 0.2.6 Remote SQL Injection Vulnerability +- -+================================================================================+- Discovered By: t0pP8uZz Discovered On:...

Online Fantasy Football League (OFFL) 0.2.6 - 'teams.php' SQL Injection

-+================================================================================+- -+ OFFL = 0.2.6 Remote SQL Injection Vulnerability +- -+================================================================================+- Discovered By: t0pP8uZz Discovered On: 19 JUNE 2008 Script Download:...

CVE-2008-2780

The Anubis aka Anubis+Ripe160 plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encrypted data and random padding at the end of the encrypted file...

CVE-2008-2780

The Anubis aka Anubis+Ripe160 plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encrypted data and random padding at the end of the encrypted file...

Returnil Virtual System 2008 - Password Disclosure Issue

Returnil Virtual System 2008 - Password Disclosure Issue -=== Vulnerable ============================================- Product: Returnil Virtual System 2008 + Personal Edition 2.0.0.5011 Final + Premium Edition 2.0.0.5007 Final -=============================================================- Found...

CVE-2008-1950

Integer signedness error in the gnutlsciphertext2compressed function in lib/gnutlscipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service buffer over-read and crash via a certain integer value in the Random field in an encrypted Client Hello message withi...

CVE-2008-1950

Integer signedness error in the gnutlsciphertext2compressed function in lib/gnutlscipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service buffer over-read and crash via a certain integer value in the Random field in an encrypted Client Hello message withi...

Integer overflow

Integer signedness error in the gnutlsciphertext2compressed function in lib/gnutlscipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service buffer over-read and crash via a certain integer value in the Random field in an encrypted Client Hello message withi...

APOP password recovery vulnerability

Overview POP3 is a protocol for receiving email from mail servers. APOP is an authentication mechanism used by the POP3 protocol. It is reported that APOP passwords could be recovered by third parties. In its successful attack, the attacker spoofs itself as the mail server, provides challenge...

GNUTLS-SA-2008-1-3 GnuTLS memory overread flaw

Integer signedness error in the gnutlsciphertext2compressed function in lib/gnutlscipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service buffer over-read and crash via a certain integer value in the Random field in an encrypted Client Hello message withi...

Command injection

axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials...

CVE-2008-2291

axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials...

CVE-2008-2291

Symantec Altiris Deployment Solution 6.8.x and 6.9.x prior to 6.9.176 are affected by CVE-2008-2291 due to an insecure credential mechanism in axengine.exe. The service, listening on TCP port 402, generates domain credentials with a fixed salt or no salt at all, enabling remote attackers to guess...

Altiris Deployment Solution < 6.9.176 Multiple Vulnerabilities

The version of the Altiris Deployment Solution installed on the remote host reportedly is affected by several issues : - A SQL injection vulnerability that could allow a user to run arbitrary code CVE-2008-2286. - A remote attacker may be able to obtain encrypted Altiris Deployment Solution domai...

Acidcat CMS Multiple Vulnerabilities

www.BugReport.ir AmnPardaz Security Research Team Title: Acidcat CMS Multiple Vulnerabilities. Vendor: www.acidcat.com Vulnerable Version: 3.4.1 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/36 1. Description: Acidcat CMS is a web site and simple Conte...

How to force to crack encrypted WinRAR file-vulnerability warning-the black bar safety net

When a very important RAR file because of forgotten password unable to decompress when you are not so abandoned it? Of course not, you can use the RAR Password Cracker this software will be encrypted RAR file crack. After installation run the program RAR Password Cracker Wizard settings, first...

PIGMy-SQL 1.4.1 - &#039;getdata.php&#039; Blind SQL Injection

!/usr/bin/perl - PIGMy-SQL ; print "Valid Photo ID: "; chompmy $pid=; ifinjecttest$url, $pid print "\nInjecting Please Wait.. This could take several minutes.\n"; my $result = blindattack$url, $pid; print "Exploited! Admin Details Are: ".$result; exit; sub blindattack my $url = shift; my $pid =...

CVE-2008-1365

Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service crash via a long encrypted password, which triggers the overflow in 1...