6679 matches found
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation. CVE-2003-0834. Local exploit for Solaris platform / $Id: raptorlibdthelp2.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorlibdthelp2.c - libDtHelp.so local, Solaris/SPARC 7/8/9 Copyright c 2003-2004 Marco Ivaldi...
security flaw
The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service crash via a crafted ELF file with an interpreter with an invalid arch architecture, which triggers a BUG when an invalid VMA is unmapped...
Microsoft Internet Explorer 6.0 SP2 - File Download Security Warning Bypass
Orginal Advisory and exploit by cyberflash Vengy Circumvent Windows XP SP2 security features using execCommand 'SaveAs' function! Demonstration: Notice that you don't receive any warning messages such as: "File Download - Security Warning" or "Open File - Security Warning". If "Hide file extensio...
DSA-593-1 imagemagick - buffer overflow
Bulletin has no description...
Linux Kernel (<= 2.4.27 , 2.6.8) binfmt_elf Executable File Read Exploit
Exploit for linux platform in category local exploits ======================================================================== Linux Kernel include include include include include include include include define BADNAME "/tmp/elfdump" void usagechar s printf"\nUsage: %s executable\n\n", s; exit0; ...
Linux Kernel 2.4.27/2.6.8 - 'binfmt_elf' Executable File Read
/ binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING, PRINTING, DISTRIBUTION, MODIFICATI...
Linux Kernel (<= 2.4.27 2.6.8) binfmt_elf Executable File Read Exploit
No description provided by source. / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING,...
Linux Kernel 2.4.272.6.8 - binfmt_elf Executable File Read
Linux Kernel 2.4.272.6.8 - binfmtelf Executable File Read / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT...
MailPost vulnerable to cross-site scripting via an executable requested with a trailing slash appended to the filename
Overview A cross-site scripting vulnerability is reported to exist in MailPost version 5.1.1sv and possibly earlier versions. Description According to a report by ProCheckUp, MailPost is vulnerable to a Cross-Site Scripting attack by adding a trailing '/' character to the executable filename. The...
Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code (MS04-038)
Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code MS04-038 source: https://www.securityfocus.com/bid/11466/info The Microsoft cumulative Internet Explorer patch MS04-038 attempted to limit what files may be dragged and dropped onto the local computer from the Internet Zone ...
Debian DSA-342-1 : mozart - unsafe mailcap configuration
mozart, a development platform based on the Oz language, includes MIME configuration data which specifies that Oz applications should be passed to the Oz interpreter for execution. This means that file managers, web browsers, and other programs which honor the mailcap file could automatically...
CoD United Offensive boom boom
An update for the Call of Duty bug http://aluigi.altervista.org/adv/codboom-adv.txt The 15th September 2004 has been officially released the expansion pack called United Offensive. It is an expansion pack but uses a new executable that unfortunally has not been fixed for the shutdown bug I report...
linux/x86 cp /bin/sh /tmp/katy ; chmod 4555 katy 126 bytes
linux/x86 cp /bin/sh /tmp/katy ; chmod 4555 katy 126 bytes. Shellcode exploit for linx86 platform / Linux/x86 /bin/cp /bin/sh /tmp/katy ; chmod 4555 /tmp/sh using fork / include char shellcode = "\xeb\x5e\x5f\x31\xc0\x88\x47\x07\x88\x47\x0f\x88\x47\x19\x89\x7f"...
bsd/PPC - execve /bin/sh 128 bytes
bsd/PPC execve /bin/sh 128 bytes. Shellcode exploit for bsdppc platform / Linux PPC shellcode execve of /bin/sh by Palante / long shellcode = / Palante's BSD PPC shellcode w/ NULL/ 0x7CC63278, 0x2F867FFF, 0x41BC005C, 0x7C6802A6, 0xB0C3FFF9, 0xB0C3FFF1, 0x38867FF0, 0x38A67FF4, 0x38E67FF3,...
Insecure file permissions in the Firefox browser for Linux >= v0.9
after installing firefox many of the permissions are set to 777, allowing anyone on the system to change the contents of the executable files. this first occured in the 0.9 release in the tar.gz release as well as in the installer. the problem or is it called a feature now? still exists in the...
Mozilla Firefox weak permissions
Weak permissions for executable files...
Microsoft Internet Explorer treats arbitrary files as images for drag and drop operations
Overview Microsoft Internet Explorer IE treats arbitrary files as images during drag and drop mouse operations. This could allow an attacker to trick a user into copying a file to a location where it may be executed, such as the Windows StartUp folder. Description IE treats any file referenced by...
linux/x86 execve /bin/sh encrypted 58 bytes
No description provided by source. / !!!!!! PRIVATE !!!!!!! // ANTI-IDS SHELLCODE // // !!!!!!!!!!!!!!!!!! // [email protected] 0x1d abril 0x7d2 ./test.c !!! Shellcode execve sh Encriptada !!! AHORA EN 58 BYTES !!!!!!!!!!!!!! Notese que la encripcion se ha hecho a toda la shellcode y no...
BlackJumboDog FTP Server 3.6.1 Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ============================================================= BlackJumboDog FTP Server 3.6.1 Remote Buffer Overflow Exploit ============================================================= / 6.9.04|www.Delikon.de|Delikon BlackJumboDog FTP Serv...
CVE-2002-1548
The CVE-2002-1548 entry concerns autofs on AIX 4.3.0. When using executable maps, it may allow an attacker to execute arbitrary commands as root, potentially related to string handling around how the executable map is called. The provided documents do not include explicit remediation steps, affec...