Steam 54/894 - Local Privilege Escalation

Steam Multiple .exe's Local Privilage Escalation By: MrDoug mrdoug13atgmaildotcom Version Info: Steam windows client Built: Jun 30 2009, at 13:29:32 Steam API: v008 Steam Package versions: 54/894 Greetz: Slappywag, Doomchip, Bolo, Eliwood, and the rest. Special Thanks: Jeremy Brown and...

Steam v.54/894 Local Privilege Escalation Vulnerability

Exploit for unknown platform in category local exploits ======================================================= Steam v.54/894 Local Privilege Escalation Vulnerability ======================================================= Steam Multiple .exe's Local Privilage Escalation By: MrDoug Version Info:...

Steam Local Privilege Escalation

Steam Multiple .exe's Local Privilage Escalation By: MrDoug mrdoug13atgmaildotcom Version Info: Steam windows client Built: Jun 30 2009, at 13:29:32 Steam API: v008 Steam Package versions: 54/894 Greetz: Slappywag, Doomchip, Bolo, Eliwood, and the rest. Special Thanks: Jeremy Brown and...

Epson Status Monitor weak permissions

Weak permissions for EPSONEBRPCV401 and EPSONPMRPCV401 servicse executables...

Google Chrome Browser 0.2.149.27 Automatic File Download Exploit

No description provided by source. Author: nerex E-mail: nerexatlivedotcom Google's new Web browser Chrome allows files e.g., executables to be automatically downloaded to the user's computer without any user prompt. This proof-of-concept was created for educational purposes only. Use the code it...

google-download.txt

Author: nerex E-mail: nerexatlivedotcom Google's new Web browser Chrome allows files e.g., executables to be automatically downloaded to the user's computer without any user prompt. This proof-of-concept was created for educational purposes only. Use the code it at your own risk. The author will...

Apple Safari for Windows Multiple Vulnerabilities July-08

The host is installed with Apple Safari Web Browser, which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodapplesafarimultvulnjuly08900002.nasl 5375 2017-02-20 16:39:23Z cfi $ Description: Apple Safari for Windows Multiple Vulnerabilities July-08 Authors: Chandan S...

Debian Security Advisory DSA 1616-1 (clamav)

The remote host is missing an update to clamav announced via advisory DSA 1616-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Debian Security Advisory DSA 1616-2 (clamav)

The remote host is missing an update to clamav announced via advisory DSA 1616-2. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 1616-1] new clamav packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1616-1 [email protected] http://www.debian.org/security/ Devin Carraway July 24, 2008 http://www.debian.org/security/faq -...

CVE-2008-1054

Stack-based buffer overflow in the libspawnusergetpid function in 1 swatch.exe and 2 surgemail.exe in NetWin SurgeMail 38k4 and earlier, and beta 39a, allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via an HTTP request with multiple long heade...

Design/Logic Flaw

Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to 1 DB2 instance or FMP startup on Linux and Solaris; 2 exec of executables while running as root on non-Windows systems, as...

CVE-2007-4275

Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to 1 DB2 instance or FMP startup on Linux and Solaris; 2 exec of executables while running as root on non-Windows systems, as...

Design/Logic Flaw

Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657...

Symantec Mail Security for SMTP buffer overflow

Buffer overflow on packed executables parsing...

SOL7593 - Command injection into F5 ActiveX control

A vulnerability exists in an F5 ActiveX control. The ActiveX control is downloaded to a Windows client system when you log in to a FirePass controller, which is configured for specific pre-logon sequence functionality. The ActiveX control could run executables that reside on the system if an...

Directory traversal

Directory traversal vulnerability in am.pl in 1 SQL-Ledger 2.6.27 and earlier, and 2 LedgerSMB before 1.2.0, allows remote attackers to run arbitrary executables and bypass authentication via a .. dot dot sequence and trailing NULL %00 in the login parameter. NOTE: this issue was reportedly...

CVE-2007-1541

Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only checks for the presence of a NULL %00 character to protect against directory traversal attacks, which allows remote attackers to run arbitrary executables and bypass authentication via a .. dot dot sequence in the login paramete...

CVE-2007-1540

Directory traversal vulnerability in am.pl in 1 SQL-Ledger 2.6.27 and earlier, and 2 LedgerSMB before 1.2.0, allows remote attackers to run arbitrary executables and bypass authentication via a .. dot dot sequence and trailing NULL %00 in the login parameter. NOTE: this issue was reportedly...

CVE-2007-1541

Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only checks for the presence of a NULL %00 character to protect against directory traversal attacks, which allows remote attackers to run arbitrary executables and bypass authentication via a .. dot dot sequence in the login paramete...