2058 matches found
SiteScape Enterprise Forum 7 TCL Injection
No description provided by source. !/usr/bin/env python -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre [email protected] This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...
Windows 95/98 UNC Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/779/info There is a overflowable buffer in the networking code for Windows 95 and 98 all versions. The buffer is in the part of the code that handles filenames. By specifying an exceptionally long filename, an attacker ca...
mtftpd <= 0.0.3 - Remote Root Exploit
No description provided by source. / \ mtftpd = 0.0.3 remote root exploit / by darkeagle \ / discovered by darkeagle - xx.10.04 \ / c unl0ck research team http://unl0ck.org \ / greetz: unl0ckerZ, rosielloZ, nosystemZ, etc.. \ / darkeagle@localhost darkeagle$ ./0x666-ftpd -a 127.0.0.1 -p...
RealAdmin (detail.php) Blind SQL Injection Vulnerability
No description provided by source. RealAdmin detail.php Blind Sql Injection Vulnerability ======================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : RealAdmin .:. Download Script:...
Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609 (2010.5.23) - Kernel Mode Local Priv. Escalation
No description provided by source. / Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date2010-4-14...
Simple PHP Blog 0.5.1 - Local File Inclusion Vulnerability
No description provided by source. Simple PHP Blog is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context ...
WebScripts WebBBS 4.x/5.0 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5048/info WebBBS does not sufficiently filter shell metacharacters from CGI parameters. As a result, remote attackers may execute arbitrary commands on the underlying shell of the system hosting the vulnerable software...
Powder Blue Design SQL Injection Vulnerability
No description provided by source. .----..--.--.| |--..-----..----.| |.-----..-----. | || | || || -|| || || || | ||| ||||||| ||||| | || || Powder Blue Desaign SQL Injection Vulnerability Vendor: http://www.powder-blue.com/ Discovered by : cyberlog Site : Sekuritionline.net Channel : SekuritiOnlin...
Affix Bluetooth Protocol Stack 3.1/3.2 Signed Buffer Index Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/13347/info A local signed buffer index vulnerability affects Affix Bluetooth Protocol Stack. This issue is due to a failure of the affected utility to properly handle user-supplied buffer size parameters. This issue may b...
iphone ifile 2.0 - Directory Traversal
No description provided by source. ---------------------------------------------------------------- Software : iPhone iFile 2.0 Type of vunlnerability : Directory Traversal Tested On : iPhone 4 IOS 4.0.1 Risk of use : High ---------------------------------------------------------------- Program...
Pragma Systems InterAccess TelnetD Server 4.0 Terminal Configuration Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1001/info The Pragma Systems InterAccess TelnetID Server 4.0 can be crashed by sending invalid, unexpected characters in the client's terminal configuration settings. This causes telnetd.exe to GPF, and will cause the...
netbsd/x86 setreuid(0, 0); execve("/bin//sh", ..., NULL); 29 bytes
No description provided by source. / minervini at neuralnoise dot com c 2005 NetBSD/i386 2.0, setreuid0, 0; execve/bin//sh, ..., NULL; note: unsafe shellcode, but 29 bytes long; doesn't work if eax & 0x40000000 != 0; / include sys/types.h include stdio.h include string.h char scode = \x99 // cltd...
AVG Internet Security 9.0.851 - Local Denial of Service Exploit
No description provided by source. / Exploit Title: AVG Internet Security 0day Local DoS Exploit Date: 2010-11-01 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.avg.com Version: up to date, version 9.0.851, avgtdix.sys version 9.0.0.832 Tested on: Win XP SP3 CVE :...
Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
No description provided by source. !/bin/sh Exploit for Apache modrewrite off-by-one. Vulnerability discovered by Mark Dowd. CVE-2006-3747 by jack jack\x40gulcas\x2Eorg 2006-08-20 Thx to xuso for help me with the shellcode. I suppose that you've the RewriteRule kung/. $1 rule if not you must...
Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23142/info The Linux kernel is prone to a NULL-pointer dereference vulnerability. A local attacker can exploit this issue to crash the affected application, denying service to legitimate users. The attacker may also be ab...
Netscape SmartDownload 1.3 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2615/info Netscape SmartDownload, a download manager add-on for popular web browsers, is vulnerable to a buffer overflow. The library 'sdph20.dll' used by SmartDownload contains an URL parser function that will overflow...
Linux Kernel (<= 2.4.27 , 2.6.8) binfmt_elf Executable File Read Exploit
No description provided by source. / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED AS IS AND WITHOUT ANY WARRANTY. COPYING,...
Excel SLYK Format Parsing Buffer Overrun Vulnerability PoC
No description provided by source. Exploit Title: Excel SLYK Format Parsing Buffer Overrun Vulnerability PoC Date: date Author: webDEViL Software Link: download link if available Version: app version Tested on: ALL CVE : CVE-2011-1276 w3bd3vilatgmaildotcom twitter.com/w3bd3vil open FILE,...
AT-TFTP <= 1.9 (Long Filename) Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl -w acaroatjervus.it http://www.securityfocus.com/bid/21320 [email protected] is credited with the discovery of this vulnerability use IO::Socket; if!$ARGV1 print Uso: atftp-19.pl victim port\n\n; exit; $victim = IO::Socket::INET-newProto='udp',...
Microsoft IIS ASP Multiple Extensions Security Bypass 5.x/6.x
No description provided by source. !/usr/bin/python Exploit Title: Exploit for Microsoft IIS ASP Multiple Extensions Security Bypass 5.x/6.x Date: 29 dec 2009 Author: Emanuele 'emgent' Gentili and Emanuele 'crossbower' Acri Software Link: N/A Version: IIS 5.x/6.x Tested on: Windows 2003 Server SP...