CVE-2008-4234

Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type indicating no application association for the file, which does not trigger a...

IIS vulnerability application-vulnerability warning-the black bar safety net

by yuange The newly discovered IIS a bunch of vulnerabilities, and talk about the application. Need a virtual executable Directory,WINDOWS common /scripts,/cgi-bin,/vtibin, General/vtibin directory is mapped to the“program files”directory, usually in the system tray above, and the SCRIPTS sometim...

Hacking tricks of a few over-active Defense method-vulnerability warning-the black bar safety net

Generally the Trojan is added from the start is antivirus software active defense, or 3 6 0 intercept,a few days ago in an online found several registry since the start of the method,the effect is also good,can be considered currently active Defense of a large Dead Space,even of micro-point turne...

peid-overflow.txt

!/usr/bin/perl PEiD = 0.92 Buffer Overflow Universal Exploit Exploit by SkD [email protected] ---------------------------------------------- An old vulnerability but no existing exploit for it, so here it is. Of course, I had to make it universal because of that.This exploit will work on all OS...

linux/amd64 - flush iptables rules shellcode 84 bytes

linux/amd64 flush iptables rules shellcode 84 bytes. Shellcode exploit for linamd64 platform / /sbin/iptables -F shellcode for AMD64 84 bytes By gat3way The code to load the sc into an executable mmap-ed executable page was shamelessly stolen by hophet too lazy : Thanks Gustavo C. for the...

linux/amd64 flush iptables rules shellcode 84 bytes

No description provided by source. / /sbin/iptables -F shellcode for AMD64 84 bytes By gat3way gat3wayat gat3waydoteu The code to load the sc into an executable mmap-ed executable page was shamelessly stolen by hophet too lazy : Thanks Gustavo C. for the inspiration - x8664 assembly is fun : Here...

Unrestricted file upload

Unrestricted file upload vulnerability in admin/uploadform.php in wPortfolio 0.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in admin/tmp/...

Windows Command Shell, Bind TCP (via Ruby)

Continually listen for a connection and spawn a command shell via Ruby This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 128 include Msf::Payload::Single include...

CVE-2008-5002

Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control ChilkatCrypt2.dll 4.3.2.1 in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating...

Unrestricted file upload

Unrestricted file upload vulnerability in the "Add Image Macro" feature in WebCards 1.3 allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the uploaded file...

Webshell under to crack computer administrator password-vulnerability warning-the black bar safety net

Information source: evil octal information security team www.eviloctal.com） This idea derived from previous studies runas command when inspired. Method of use: 1, The your password dictionary was renamed into the psw. txt, upload to the target server is an executable, writable directory. It is...

Webroot SpySweeper Enterprise Check

This plugin checks that the remote host has Webroot Spy Sweeper Enterprise installed and properly running, and makes sure that the latest Vdefs are loaded. OpenVAS Vulnerability Test $Id: spysweepercorpinstalled.nasl 7580 2017-10-26 11:16:36Z cfischer $ Description: Webroot SpySweeper Enterprise...

Webroot SpySweeper Enterprise Check

This plugin checks that the remote host has Webroot Spy Sweeper Enterprise installed and properly running, and makes sure that the latest Vdefs are loaded. SPDX-FileCopyrightText: 2008 Jeff Adams / Tenable Network Security Some text descriptions might be excerpted from a referenced sources, and a...

CVE-2008-4557

plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 aka Strawberry allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression...

Mozilla SeaMonkey Detection (Linux/Unix SSH Login)

SSH login-based detection of Mozilla SeaMonkey. Copyright C 2008 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit

!-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk Design Review 2009 which also comes with Revit dll settings both: RegK...

Autodesk DWF Viewer Control / LiveUpdate Module Remote Exploit

No description provided by source. !-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk Design Review 2009 which also comes...

Autodesk DWF Viewer Control LiveUpdate Module - Remote Code Execution

Autodesk DWF Viewer Control LiveUpdate Module - Remote Code Execution !-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk...

Autodesk DWF Viewer Control / LiveUpdate Module - Remote Code Execution

!-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk Design Review 2009 which also comes with Revit dll settings both: RegK...

Mass Downloader - Malformed Executable Denial of Service

Mass Downloader - Malformed Executable Denial of Service // source: https://www.securityfocus.com/bid/31406/info Mass Downloader is prone to a remote denial-of-service vulnerability. Exploiting this issue allows remote attackers to crash the application and trigger denial-of-service conditions,...