1287 matches found
mIRC 6.1 "IRC" Protocol Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ====================================================== mIRC 6.1 "IRC" Protocol Remote Buffer Overflow Exploit ====================================================== / remote mirc 998 chars to someone on IRC is simply NOT done : Then I...
Hummingbird CyberDOCS vulnerable to SQL injection
Overview Hummingbird CyberDOCS contains an SQL injection vulnerability that could allow a remote attacker to execute SQL commands. Description Hummingbird CyberDOCS Hummingbird DM is a web-based enterprise document management solution that runs on Windows NT/2000 using SQL database technology. Th...
JBoss 3.0.83.2.1 - HSQLDB Remote Command Injection
JBoss 3.0.83.2.1 - HSQLDB Remote Command Injection source: https://www.securityfocus.com/bid/8773/info A remote command-injection vulnerability has been reported in JBoss. The issue is reportedly exposed via the HSQLDB component, which is a SQL database server that manages JMS connections. Becaus...
Snitz Forums 3.3.03 Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl use Socket; print "\nRemote command execution against Snitz Forums 3.3.03 and probably others.\n"; print "You accept full responsibility for your actions by using this script.\n"; print "INTERNAL USE ONLY!! DO NOT DISTRIBUTE!!\n"; print "\nWeb...
KDE Security Advisory: PS/PDF file handling vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE Security Advisory: PS/PDF file handling vulnerability Original Release Date: 2003-04-09 URL: http://www.kde.org/info/security/advisory-20030409-1.txt 0. References http://bugs.kde.org/showbug.cgi?id=53157 http://bugs.kde.org/showbug.cgi?id=53343...
Samba 2.2.x - 'call_trans2open' Remote Buffer Overflow (4)
source: https://www.securityfocus.com/bid/7294/info A buffer overflow vulnerability has been reported for Samba. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server, it may be possible for an anonymous user to corrupt...
CVE-2002-0758
ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file...
CVE-2003-0077
The hanterm hanterm-xf terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious...
CVE-2002-1854
Rlaj whois CGI script whois.cgi 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field...
CVE-2002-2304
SQL injection vulnerability in admin/auth/checksession.php in MyPHPLinks 2.1.9 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the idsession parameter...
XFree86 X11R6 3.3.x - Font Server Remote Buffer Overrun
XFree86 X11R6 3.3.x - Font Server Remote Buffer Overrun source: https://www.securityfocus.com/bid/6241/info A remotely exploitable buffer overrun condition has been reported in the XFS font server, fs.auto used by multiple vendors. This vulnerability may be exploited by remote attackers to execut...
Light HTTPd 0.1 - GET Buffer Overflow (2)
Light HTTPd 0.1 - GET Buffer Overflow 2 // source: https://www.securityfocus.com/bid/6162/info Light httpd is prone to a remotely exploitable buffer overflow condition. This overflow can be triggered by sending the server an excessively long GET request. As Light httpd drops user privileges when...
QNX RTOS 6.2 - Application Packager Non-Explicit Path Execution
source: https://www.securityfocus.com/bid/6146/info A vulnerability has been discovered in an application packager shipped with QNX RTOS. It should be noted that the vulnerable packager is installed setuid root by default. It has been reported that the packager fails to use absolute paths to...
CVE-2002-0661
Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. dot dot sequences containing \ backslash characters...
CVE-2000-0976
Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via a long DISPLAY environment variable or a -display command line parameter...
BasiliX Webmail 1.1 - Message Content Script Injection
BasiliX Webmail 1.1 - Message Content Script Injection source: https://www.securityfocus.com/bid/5060/info BasiliX is a web-based mail application. It offers features such as mail attachments, address book, multiple language and theme support. A script injection issue has been reported in BasiliX...
CVE-2002-0591
CVE-2002-0591 refers to a directory-traversal vulnerability in AOL Instant Messenger (AIM) up to and including version 4.8 beta and earlier . The flaw allows a remote attacker to create arbitrary files and execute commands via a Direct Connection using an IMG tag with a SRC attribute that specifi...
CVE-2002-0591
Directory traversal vulnerability in AOL Instant Messenger AIM 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename...
CVE-2002-0134
Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command...
CVE-2001-0717
CVE-2001-0717 is a format-string vulnerability in the ToolTalk RPC server rpc.ttdbserverd that permits remote command execution via syslog formatting. Public advisories (Sun, HP, IBM, SunOS/Solaris, AIX, SGI/IRIX, Xi Graphics, Caldera) describe vulnerable platforms and vendor patches. CORE/SECURE...