6809 matches found
REFRESH: EUDORA MAIL 5.1.1
Tuesday, July 23, 2002 Trivial silent delivery and installation of an executable on a target computer. This can be accomplished with the default installation of the mail client Eudora 5.1.1: 'allow executables in HTML content' DISABLED 'use Microsoft viewer' ENABLED The manufacturer...
CORE-20020620: Inktomi Traffic Server Buffer Overflow
CORE SECURITY TECHNOLOGIES http://www.corest.com Vulnerability Report For Inktomi Traffic Server Date Published: 2002-07-02 Advisory ID: CORE-20020620 Bugtraq ID: 5098 CVE CAN: None currently assigned. Title: Inktomi Traffic Server trafficmanager local overflow. Class: Boundary error condition...
CVE-2001-1149
Panda Antivirus Platinum before 6.23.00 allows a remore attacker to cause a denial of service crash when a user selects an action for a malformed UPX packed executable file...
IBM Informix SE 7.25 sqlexec - Local Buffer Overflow (1)
IBM Informix SE 7.25 sqlexec - Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/4891/info Informix is an enterprise database distributed and maintained by IBM. A buffer overflow vulnerability has been reported for Informix-SE for Linux. The overflow is due to an unbounded stri...
ICQLite executable trojaning
Title: ICQ Lite executable trojaning Affected: ICQLite 2003a Vendor: ICQ Inc Risk: Average Exploitable: Yes Remote: No I. Intro: ICQ Lite is popular internet messenger software. This is only ICQ version which requires no elevated privileges such as Power User to work, so, it's often used by...
TRU64 /usr/bin/passwd overflow
In light of the recent conversations on the non-executable stack I have decided to release some of the information I have been sitting on. alpha.snosoft.com uname -a OSF1 alpha.snosoft.com V5.1 732 alpha alpha.snosoft.com id uid=201dotslash gid=15users groups=0system alpha.snosoft.com ls -al...
[SNS Advisory No.51] Compaq Tru64 UNIX libc Buffer Overflow Vulnerability
---------------------------------------------------------------------- SNS Advisory No.51 Compaq Tru64 UNIX libc Buffer Overflow Vulnerability Problem first discovered: Sun, 18 Nov 2001 Published: Thu, 17 Apr 2002 ---------------------------------------------------------------------- Overview:...
DoS через специальные устройства в Domino (DOS DoS)
Обращение к CGI-файлу с именем содержащим название DOS-устройства и длинным расширением приводит к запуску cmd.exe...
HELP.dropper: IE6, OE6, Outlook...lookOut
Thursday, 28 March, 2002 Silent delivery and installation of an executable on a target computer. No client input other than opening an email or newsgroup post or web site. This can be accomplished with the default installation of Internet Explorer 6.0, Outlook Express 6.0 and probably Outlook and...
Executable launch via Windows Medial Player from Microsoft Outlook/Outlook express
Via Windows Media file wma it's possible to open HTML file in local security zone, from html it's open chm, from chm - executable...
CVE-2001-1140
BadBlue Personal Edition v1.02 beta is affected by CVE-2001-1140, where remote attackers can read source code of executables by adding a null byte (%00) to the request. The vulnerability is exploitable over a network with low attack complexity and no authentication, causing partial confidentialit...
CVE-1999-1019
SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable processd with a Trojan horse, facilitating a root or Administrator compromise...
Perl2Exe 1.0 95.0 26.0 - Code Obfuscation
Perl2Exe 1.0 95.0 26.0 - Code Obfuscation source: https://www.securityfocus.com/bid/6909/info Perl2Exe obfuscates Perl source code using a reversible algorithm when converting it to an executable format. This occurs when the "encrypt" option is selected. Those who use Perl2Exe with the expectatio...
Perl2Exe 1.0 9/5.0 2/6.0 - Code Obfuscation
source: https://www.securityfocus.com/bid/6909/info Perl2Exe obfuscates Perl source code using a reversible algorithm when converting it to an executable format. This occurs when the "encrypt" option is selected. Those who use Perl2Exe with the expectation that the source code will be concealed...
CVE-2002-0077
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable...
Buffer overflow vulnerability in pwck command line utility
Overview The CERT/CC has received a public report of a local buffer overflow vulnerability in the pwck utility. Description The pwck utility performs syntax checking of /etc/password and /etc/shadow password information files. This utility contains a buffer overflow vulnerability in the section o...
locale_sol.txt
----/ Exploiting the Libc Locale Subsystem Format String Vulnerability on Solaris/SPARC ---/ 10/10/2000 -/ Solar Eclipse ---/ I. Introduction This paper describes in detail the exploitation of the libc locale format strin g vulnerability on Solaris/SPARC. The full source code for the exploit is...
PT-2001-1854 · Microsoft · Internet Explorer +2
Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 6 and earlier Description: The issue allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later...
CVE-2001-0004
IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability...
CVE-1999-1440
Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is...