TFTP Backdoor Detection

A TFTP server is running on this port. However, while trying to fetch a random file, we got an executable file. Many worms are known to propagate through TFTP. This is probably a backdoor. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid18263; scriptversion "$Revision:...

DEBIAN-CVE-2005-1545

Integer overflow in the ELF parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted ELF file, which leads to a heap-based buffer overflow...

CVE-2005-0230

Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files...

Altris deployment solution AClient privilege escalation

It's possible to launch executable with LocalSystem privileges...

CVE-2005-1286

CVE-2005-1286 affects BitDefender 8 with an unquoted Windows search path when executing a process. The root cause is lack of quoting of the full pathname, enabling a local user to prevent BitDefender from starting by creating a malicious C:\program.exe. The NVD entry documents this local, high-co...

security flaw

The loadelflibrary in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service kernel crash via a crafted ELF library or executable, which causes a free of an invalid pointer...

security flaw

The loadelflibrary in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service kernel crash via a crafted ELF library or executable, which causes a free of an invalid pointer...

DoKuWiki file-upload vulnerabilities

ADZ Security Team =================== Info Program: DoKuWiki Version: 2005-02-18 Module: media.php Bug type: File Upload bug Vendor site: http://wiki.splitbrain.org/ Vendor Informed: Yes =================== Bug Info Remote user with file-upload privileges can upload anyone file with any...

sash 3.7 - Local Buffer Overflow

/ sash-3.7 buffer overflow in c argyment written by lammat for practice purposes http://grpower.ath.cx [email protected] gdb r -c perl -e 'print "A"x10256' The program being debugged has been started already. Start it from the beginning? y or n y Starting program: /sbin/sash -c perl -e 'print...

PT-2005-2067 · Phpbb · Phpbb

Name of the Vulnerable Software and Affected Versions: phpBB versions 2.0.x Description: The issue concerns a file upload script, specifically the mod for phpBB, which fails to properly restrict the types of files that can be uploaded. This allows remote authenticated users to execute arbitrary...

CVE-2005-0749

The loadelflibrary in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service kernel crash via a crafted ELF library or executable, which causes a free of an invalid pointer...

Apple Mac OSX 10.3.8 - CF_CHARSET_PATH Local Buffer Overflow Local Privilege Escalation

Apple Mac OSX 10.3.8 - CFCHARSETPATH Local Buffer Overflow Local Privilege Escalation / MacOS XCFCHARSETPATH: local root exploit. by: [email protected] fakehalo/realhalo found by: iDefense anon finder saw the advisory on bugtraq and figured i'd slap this together, so simple i had to. exploits via th...

PaX non-executable memory protection privilege escalation

Bug in vma mirroring feature allows to execute code with privilege of the different application...

Image drag and drop executable spoofing — Mozilla

Images dragged and dropped from a webpage to the desktop preserved their original name and extension. If this were an executable extension then the file would be executed rather than opened in a media application...

Download dialog spoofing using Content-Disposition header — Mozilla

Andreas Sandblad of Secunia Research demonstrated a method to spoof the download dialog for saving files by supplying a Content-Disposition header with a different extension than the extension visible in the link and download dialog. Users could be tricked into downloading a safe-looking file suc...

un_0wnz_macue.txt

!/usr/bin/perl -w by unl0ck-0xdeadababe http://unl0ck.void.ru http://0xdeadbabe.blackhatz.info ------------------------------------------------- Only for challenge : and Researche pruproses. Distribution: ------------------------------------------------- It's a fuck public code , not private. Fuc...

security flaw

Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...

CVE-2005-0243

Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could allow remote attackers to trick users into downloading and executing programs via file names containing a large number of spaces and multiple file...

HP-UX Security patch : PHCO_9605

The remote host is missing HP-UX Security Patch number PHCO9605 . Security Vulnerability in newgrp executable %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16942;...

HP-UX Security patch : PHNE_9771

The remote host is missing HP-UX Security Patch number PHNE9771 . Security Vulnerability in the ppl executable %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16968;...