CVE-2007-0328

The DWUpdateService ActiveX control in the agent agent.exe in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via 1 the Execute method, and obtain the exit status using 2 the GetExitCode method...

Low: cpio security and bug fix update

2.5-13.RHEL4 - protoize cpio source - Resolves 217375 2.5-12.RHEL4 - improve previous fix of lfs.patch 2.5-11.RHEL4 - improve previous fix of lfs.patch 2.5-10.RHEL4 - fix cpio large filesize buffer overflow 172865 - fix exit codes 183224...

ifdate-bypass.txt

vendor : Liz0zim web: www.biyosecurity.net www.expw0rm.com Script Home Page : http://www.ifusionservices.co.uk/ vul. version : iFdate 2. vul code : all admin folder files /////////////////////////////////////// // Checks user is logged in // /////////////////////////////////////// if...

webdesproxy 0.0.1 - exec-shield GET Remote Code Execution

webdesproxy 0.0.1 - exec-shield GET Remote Code Execution / Fedora Core 6 exec-shield based Webdesproxy webdesproxy-0.0.1.tgz remote root exploit reverse connect-back method by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL:...

CVE-2007-2241

Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service daemon exit via a sequence of queries processed by the queryaddsoa function...

Low: Red Hat Security Advisory: cpio security and bug fix update

An updated cpio package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A buffer overflow was found in cpio on 64-bit platform...

CVE-2007-2415

Pi3Web Web Server 2.0.3 PL1 is affected by CVE-2007-2415, which allows remote attackers to trigger a denial of service by sending a long URI. The vendor describes the impact as a clean exit where the server’s I/O loop finishes and the process exits normally. No specific exploit details or fixes a...

linux/x86-64 execve(/bin/sh) 33 bytes

No description provided by source. Linux/X86-64 Dummy for shellcode: execve"/bin/sh", "/bin/sh", NULL hophet at gmail.com .text .globl start start: xorq %rdx, %rdx movq $0x68732f6e69622fff,%rbx shr $0x8, %rbx push %rbx movq %rsp,%rdi xorq %rax,%rax pushq %rax pushq %rdi movq %rsp,%rsi mov $0x3b,%...

QQ漏洞（远程可执行）Tencent QQ VQQPlayer.ocx

No description provided by source. ---------------------------------------------------------------------------------------- / ----------------------------------------------------------------------- Tencent QQ VQQPlayer.ocx all version 0day Author: axis Date: 2006-12-27 Mail: [email protected]...

linux/x86 execve read shellcode - 92 bytes

No description provided by source. XCHG Research Group Linux/x86 execve read shellcode - 92 bytes -- Writed by 0ut0fbound -- - http://outofbound.host.sk - http://xchglabs.host.sk .text .globl start start: EAX = 0x04 - syscall write xorl %eax, %eax movb $0x4, %al xorl %ebx, %ebx inc %ebx pushl...

Debian DSA-1143-1 : dhcp - programming error

Justin Winschief and Andrew Steets discovered a bug in dhcp, the DHCP server for automatic IP address assignment, which causes the server to unexpectedly exit. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

CVE-2006-4434

Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service crash via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of...

linux/x86 executes command after setreuid 9 + 40 bytes + cmd

linux/x86 executes command after setreuid 9 + 40 bytes + cmd. Shellcode exploit for linx86 platform / bunkerexec.c V1.3 - Tue Mar 21 22:50:18 CET 2006 Linux/x86 bytecode that executes command after setreuid 9 + 40 bytes + cmd setreuid0, 0 + execve"/bin//sh", "/bin//sh","-c","cmd", NULL; "cmd" MUS...

DEBIAN-CVE-2006-3410

Tor before 0.1.1.20 creates "internal circuits" primarily consisting of nodes with "useful exit nodes," which allows remote attackers to conduct unspecified statistical attacks...

os-x/ppc execve(/bin/sh), exit() 72 bytes

Exploit for os-x/ppc platform in category shellcode ========================================= os-x/ppc execve/bin/sh, exit 72 bytes ========================================= / MacOSX/PowerPC Shellcode for: execve"/bin/sh", "/bin/sh", NULL, exit 72 bytes / include include char shellcode =...

[SA19737] Linux Kernel perfmon Local Denial of Service Vulnerability

TITLE: Linux Kernel perfmon Local Denial of Service Vulnerability SECUNIA ADVISORY ID: SA19737 VERIFY ADVISORY: http://secunia.com/advisories/19737/ CRITICAL: Not critical IMPACT: DoS WHERE: Local system OPERATING SYSTEM: Linux Kernel 2.6.x http://secunia.com/product/2719/ DESCRIPTION: A...

security flaw

gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also...

USN-252-1: gnupg vulnerability

Tavis Ormandy discovered a potential weakness in the signature verification of gnupg. gpgv and gpg --verify returned a successful exit code even if the checked file did not have any signature at all. The recommended way of checking the result is to evaluate the status messages, but some third par...

CVE-2006-0455

gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also...

CVE-2006-0455

gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also...