Ubuntu 4.10 / 5.04 : linux-source-2.6.10, linux-source-2.6.8.1 vulnerabilities (USN-178-1)

Oleg Nesterov discovered a local Denial of Service vulnerability in the timer handling. When a non group-leader thread called exec to execute a different program while an itimer was pending, the timer expiry would signal the old group leader task, which did not exist any more. This caused a kerne...

CVE-2005-4779

verifiedexecioctl in verifiedexec.c in NetBSD 2.0.2 calls NDINIT with UIOUSERSPACE rather than UIDSYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs...

win32 Download & Exec Shellcode 226 bytes+

win32 Download & Exec Shellcode 226 bytes+. Shellcode exploit for win32 platform / \ WINSHELLCODE / :: win32 download & exec shellcode :: \ :: by Darkeagle of Unl0ck Research Team http://exploiterz.org :: / :: to avoid 0x00 use ^^xor^^ : :: \ :: greets goes to: Sowhat, 0x557 guys, 55k7 guys,...

VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow

Added: 12/22/2005 CVE: CVE-2005-0773 BID: 14022 OSVDB: 17624 Background VERITAS Backup Exec is a network backup solution for Windows and Netware servers. Problem VERITAS Backup Exec is affected by a buffer overflow when handling CONNECTCLIENTAUTH requests with the Windows user authentication type...

VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow

Added: 12/22/2005 CVE: CVE-2005-0773 BID: 14022 OSVDB: 17624 Background VERITAS Backup Exec is a network backup solution for Windows and Netware servers. Problem VERITAS Backup Exec is affected by a buffer overflow when handling CONNECTCLIENTAUTH requests with the Windows user authentication type...

VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow

Added: 12/22/2005 CVE: CVE-2005-0773 BID: 14022 OSVDB: 17624 Background VERITAS Backup Exec is a network backup solution for Windows and Netware servers. Problem VERITAS Backup Exec is affected by a buffer overflow when handling CONNECTCLIENTAUTH requests with the Windows user authentication type...

VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow

Added: 12/22/2005 CVE: CVE-2005-0773 BID: 14022 OSVDB: 17624 Background VERITAS Backup Exec is a network backup solution for Windows and Netware servers. Problem VERITAS Backup Exec is affected by a buffer overflow when handling CONNECTCLIENTAUTH requests with the Windows user authentication type...

Veritas Backup Exec Name Service Overflow

This module exploits a vulnerability in the Veritas Backup Exec Agent Browser service. This vulnerability occurs when a recv call has a length value too long for the destination stack buffer. By sending an agent name value of 63 bytes or more, we can overwrite the return address of the recv...

VERITAS Backup Agent Detection

The remote host is running a Backup Agent that uses the Network Data Management Protocol NDMP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid20175; scriptversion"1.16"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/12";...

linux/ppc - read & exec shellcode 32 bytes

linux/ppc read & exec shellcode 32 bytes. Shellcode exploit for linuxppc platform / readnexecppc-core.c by Charles Stevenson / char hellcode = / read0,stack,1028; stack; linux/ppc by core / "\x7c\x63\x1a\x79" / xor. r3,r3,r3 / "\x38\xa0\x04\x04" / li r5,1028 / "\x30\x05\xfb\xff" / addic r0,r5,-10...

AWStats configdir parameter arbitrary cmd exec

The remote host is running AWStats, a free real-time logfile analyzer. The remote version of this software is prone to an input validation vulnerability. The issue is reported to exist because user supplied OpenVAS Vulnerability Test $Id: awstatsconfigdir.nasl 6056 2017-05-02 09:02:50Z teissa $...

vBulletin 'Calendar' Command Execution Vulnerability (CVE-2001-0475) - Active Check

A vulnerability in vBulletin enables attackers to craft special URLs that will execute commands on the server through the vBulletin PHP script. SPDX-FileCopyrightText: 2005 SecurITeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

CVE-2005-3106

Race condition in Linux 2.6, when threads are sharing memory mapping via CLONEVM such as linuxthreads and vfork, might allow local users to cause a denial of service deadlock by triggering a core dump while waiting for a thread that has just performed an exec...

CVE-2005-3106

Race condition in Linux 2.6, when threads are sharing memory mapping via CLONEVM such as linuxthreads and vfork, might allow local users to cause a denial of service deadlock by triggering a core dump while waiting for a thread that has just performed an exec...

wzdftpd unfiltered shell characters problem

popen unfiltered characters on SITE EXEC command...

VERITAS Storage Exec DCOM servers contain multiple buffer overflows

Overview VERITAS Storage Exec contains several buffer overflows, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description VERITAS Storage Exec is software package that performs storage management. Multiple DCOM server components provided by Storage Exec...

CVE-2005-2996

Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls...

CVE-2005-2996

Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls...

CVE-2005-2996

The connected advisory CPAI-2005-297 describes a buffer overflow in Veritas Storage Exec and StorageCentral DCOM Server components. The flaw is caused by insufficient validation of user-supplied data, allowing remote code execution in the security context of the logged-on user when a target user ...

CVE-2005-2611

VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write...