MS06-042: Cumulative Security Update for Internet Explorer (918899)

The remote host is missing IE Cumulative Security Update 918899. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. Note that Microsoft has re-released this hotfix since the initial version contained a buffer overflow...

CAID 34509 - CA eTrust Antivirus WebScan vulnerabilities

Title: CA eTrust Antivirus WebScan vulnerabilities CA Vulnerability ID CAID: 34509 CA Advisory Date: 2006-08-03 Discovered By: Matt Murphy of the TippingPoint Security Research Team Impact: Remote attacker can execute arbitrary code. Summary: Ca eTrust Antivirus WebScan is a free, web-based virus...

WebCalendar send_reminders.php includedir Parameter Remote File Inclusion

The remote version of WebCalendar fails to sanitize user-supplied input to the 'includedir' parameter of the 'sendreminders.php' script. By leveraging this flaw, an attacker may be able to view arbitrary files on the remote host and execute arbitrary PHP code, possibly taken from third-party host...

[Full-Disclosure] [ GLSA 200503-12 ] Hashcash: Format string vulnerability

Gentoo Linux Security Advisory GLSA 200503-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

CVE-2003-1086

PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine Free and pMachine Pro 2.2 and 2.2.1 allows remote attackers to execute arbitrary PHP code by modifying the pmpath parameter to reference a URL on a remote web server that contains the code...

linux/x86 shared memory exec 50 bytes

linux/x86 shared memory exec 50 bytes. Shellcode exploit for linx86 platform / [email protected] - http://www.nopninjas.com Platform: Linux x86 Length: 50 bytes - This shellcode connects to the shared memory segment matching the key and executes the code at that address. xorl %edi,%edi xorl...

bsd/x86 - portbind port 31337 83 bytes

bsd/x86 portbind port 31337 83 bytes. Shellcode exploit for bsdx86 platform / portbinding execve shellcode port 31337 bsd/x86 83b - no1 greyhats.za.net / char shellc0de= "\x99" // cdq "\x52" // pushl %edx "\x6a\x01" // pushl $0x01 "\x6a\x02" // pushl $0x02 "\xb0\x61" // movb $0x61,%al "\x50" //...

GLSA-200406-14 : aspell: Buffer overflow in word-list-compress

The remote host is affected by the vulnerability described in GLSA-200406-14 aspell: Buffer overflow in word-list-compress aspell includes a utility for handling wordlists called word-list-compress. This utility fails to do proper bounds checking when processing words longer than 256 bytes. Impac...

BES-CMS 0.4/0.5 - 'hacking.php' File Inclusion

source: https://www.securityfocus.com/bid/9268/info It has been reported that BES-CMS is vulnerable to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The problem exists in the...

cftp 0.12 - Banner Parsing Buffer Overflow

cftp 0.12 - Banner Parsing Buffer Overflow source: https://www.securityfocus.com/bid/8160/info A buffer overflow vulnerability has been reported in cftp. The vulnerability occurs when cftp is parsing 'Welcome' banner messages from remote FTP servers. When cftp receives an FTP banner exceeding a...

GNU Chess 5.0 - Local Buffer Overflow

GNU Chess 5.0 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/8097/info A local buffer overflow has been reported for GNU Chess that may result in an attacker obtaining elevated privileges. The vulnerability exists due to insufficient boundary checks performed on some...

phpBB 2.0.4 Remote php File Include Exploit

No description provided by source. // / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by Spoofed Existence / / / / Patch : http://www.phpbb.com/phpBB/viewtopic.php?t=113826 / // include stdio.h include sys/types.h include sys/socket.h include...

CVE-2003-0435

Buffer overflow in netswapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code...

GLSA: python

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT - - -------------------------------------------------------------------- PACKAGE :python SUMMARY :os.execvpe vulnerability DATE ...

tcpdump vulnerable to buffer overflow via improper decoding of AFS RPC (Rx) packets

Overview A vulnerability exists in tcpdump that could allow an attacker to execute arbitrary code with the privileges of tcpdump, typically root. Description tcpdump is a widely-used network sniffer that is capable of decoding AFS traffic. A buffer overflow vulnerability has been discovered in...

LIDS Security Advisory 1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 LIDS Advisory 1 ================ ------------------------------BUG 1------------------------- Severity : CRITICAL Discovery : Stealth Original advisory : http://www.team-teso.net/advisories/teso-advisory-012.txt Description : - ------------- The use o...

Buffer Overflow in Lotus Domino Mail Server

Overview Lotus Domino R5 SMTP Server Contains a Buffer Overflow Description The Lotus Domino R5 SMTP server allows an administrator to restrict the domains from which the server will accept mail. In versions of Domino R5 prior to version 5.0.6 with domain restrictions enabled an intruder may be...

DST2K0011.txt

================================================================================ Delphis Consulting Plc ================================================================================ Security Team Advisories 05/06/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...

UoW IMAPd Server 10.234/12.264 - LSUB Buffer Overflow (Metasploit)

source: https://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes possible to execute code on the machine. Executing the list command...