
6673 matches found

Check Point Advisories
added 2006/07/16 12:0 a.m., 2 views

Security Best Practice: Protect Yourself from Directory Traversal

Directory traversal attacks allow hackers to access files and directories that should be out of their reach. This can allow viewing of directory listings, and in many attacks, could lead to running executable code on the web server with one simple URL...

4.8 AI score
Exploits: 0

securityvulns
added 2006/07/11 12:0 a.m., 55 views

ASP.NET source code disclosure

It's possible to retrieve source codes for scripts and executable, except protected file extensions...

1.5 AI score
Exploits: 0, References: 1, Affected Software: 1

Exploit DB
added 2006/07/05 12:0 a.m., 47 views

WinRAR 3.60 Beta 6 - SFX Path Stack Overflow

WinRAR - Stack Overflows in SelF - eXtracting Archives. Tested Versions: WinRAR 3.60 beta 4. Author: posidron. An SFX SelF-eXtracting archive is an archive, merged with an executable module, which is used to extract files from...

7.4 AI score
Exploits: 0

FreeBSD
added 2006/07/05 12:0 a.m., 28 views

twiki -- multiple file extensions file upload vulnerability

A TWiki Security Alert reports: The TWiki upload filter already prevents executable scripts such as .php, .php1, .phps, .pl from potentially getting executed by appending a .txt suffix to the uploaded filename. However, PHP and some other types allows additional file suffixes, such as .php.en,...

4 CVSS, 6.5 AI score, 0.01059 EPSS
Exploits: 2, References: 2

Tenable Nessus
added 2006/07/03 12:0 a.m., 24 views

CentOS 3 : binutils (CESA-2005:659)

An updated binutils package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Binutils is a collection of utilities used for the creation of executable code. A number of bugs were fou...

4.6 CVSS, 8.4 AI score, 0.00222 EPSS
Exploits: 0, References: 4

Saint
added 2006/07/03 12:0 a.m., 72 views

IIS Unicode Directory Traversal

Added: 07/03/2006 CVE: CVE-2000-0884 BID: 1806 OSVDB: 436 Background Microsoft IIS is a web server for Windows platforms. Problem Microsoft IIS 4.0 and 5.0 allow path validation checks to be bypassed by encoding invalid characters in Unicode. For example, a slash character is represented as %c0%a...

7.5 CVSS, 6.8 AI score, 0.84066 EPSS
Exploits: 4

Packet Storm
added 2006/07/02 12:0 a.m., 37 views

FailureToLaunch-2.pl.txt

!/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom Much appreciation goes to John H for all kindsa random shit like exploiting Veritas and other random things in the past core... where the hell are you fool. This is just a...

7.4 AI score
Exploits: 0

exploitpack
added 2006/06/28 12:0 a.m., 11 views

Apple Mac OSX 10.4.6 (x86) - launchd Local Format String

Apple Mac OSX 10.4.6 x86 - launchd Local Format String !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is a practical application of Non Executable Stack Lovin - http://www.digitalmunition.com/NonExecutableLovin.txt Thi...

Exploits: 0

seebug.org
added 2006/06/28 12:0 a.m., 12 views

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is a practical application of Non Executable Stack Lovin - http://www.digitalmunition.com/NonExecutableLovin.txt This code currently jum...

7.1 AI score
Exploits: 0

Exploit DB
added 2006/06/28 12:0 a.m., 31 views

Apple Mac OSX 10.4.6 (x86) - 'launchd' Local Format String

!/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is a practical application of Non Executable Stack Lovin - http://www.digitalmunition.com/NonExecutableLovin.txt This code currently jumps into 0x1811111 via dyldstubclose...

7 AI score
Exploits: 0

0day.today
added 2006/06/28 12:0 a.m., 15 views

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)

Exploit for macOS platform in category local exploits. Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86). !/usr/bin/perl...

6.8 AI score
Exploits: 0

Exploit DB
added 2006/06/27 12:0 a.m., 26 views

Apple Mac OSX 10.4.x - OpenLDAP Denial of Service

source: https://www.securityfocus.com/bid/18728/info Mac OS X Open Directory Server is prone to a denial-of-service vulnerability because it fails to handle exceptional conditions. An attacker can exploit this issue to cause a crash in the LDAP server, effectively denying service to legitimate...

7 AI score
Exploits: 0

CVE
added 2006/06/19 10:0 a.m., 43 views

CVE-2006-3070

CVE-2006-3070 affects Zeroboard 4.1 pl8 running on Apache with mod_mime. The issue allows remote attackers to bypass upload restrictions for executable extensions by uploading a .htaccess file containing an AddType directive that maps an assumed-safe extension (e.g., txt) to an executable handler...

5 CVSS, 7 AI score, 0.01954 EPSS
Exploits: 1, References: 7, Affected Software: 1

Cvelist
added 2006/06/19 10:0 a.m., 10 views

CVE-2006-3070

writeok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file with an AddType directive that assigns an executable module to files with assumed-safe...

6.7 AI score, 0.01954 EPSS
Exploits: 1, References: 7

NVD
added 2006/06/13 1:2 a.m., 15 views

CVE-2006-2908

The domecode function in inc/functions_post.php in MyBulletinBoard MyBB 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e executable modifier...

7.5 CVSS, 7.6 AI score, 0.1141 EPSS
Exploits: 1, References: 11

UbuntuCve
added 2006/06/07 12:2 a.m., 14 views

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by preg_replace with the /e executable modifier...

7.5 CVSS, 6.2 AI score, 0.04385 EPSS
Exploits: 1, References: 1

Debian CVE
added 2006/06/07 12:0 a.m., 12 views

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by preg_replace with the /e executable modifier...

7.5 CVSS, 7.2 AI score, 0.04385 EPSS
Exploits: 1

Prion
added 2006/05/30 10:2 a.m., 8 views

Remote file inclusion

PHP remote file inclusion vulnerability in manager/frontinc/prepend.php for Plume 1.0.3 allows remote attackers to execute arbitrary code via a URL in the PXconfigmanagerpath parameter. NOTE: this is a different executable and affected version than CVE-2006-0725...

7.5 CVSS, 7.8 AI score, 0.05325 EPSS
Exploits: 1, References: 7, Affected Software: 1

seebug.org
added 2006/05/19 12:0 a.m., 12 views

IntelliTamper 2.07 (*.map file) Local Arbitrary Code Execution Exploit

No description provided by source. IntelliTamper web analysis .Map File Handling Local Exploit. Discovery By: Devil00 [email protected]. Coded By: JAAScois http://www.jaascois.com...

7.1 AI score
Exploits: 0

Tenable Nessus
added 2006/05/13 12:0 a.m., 29 views

FreeBSD : mozilla -- multiple vulnerabilities (84630f4a-cd8c-11da-b7b9-000c6ec775d9)

A Mozilla Foundation Security Advisory reports of multiple issues. Several of which can be used to run arbitrary code with the privilege of the user running the program. - MFSA 2006-29 Spoofing with translucent windows - MFSA 2006-28 Security check of jsValueToFunctionObject can be circumvented -...

10 CVSS, 8.3 AI score, 0.39006 EPSS
Exploits: 5, References: 47