VBZoom 1.0 - SQL Injection

VBZoom 1.0 - SQL Injection source: https://www.securityfocus.com/bid/5919/info A SQL injection vulnerability has been discovered in VBZoom v1.01. Due to insufficient sanitization of variables used to construct SQL queries, it is possible to modify the logic of a query, via a malicious request...

Vulnerabilitie in PowerFTP server

I've found a DoS vulnerability in PowerFTP. He doesn't need an account on the server. Just send many information at the variable USER. You could see the xploit : / Remote DoS Exploit for PowerFTP server all version / / Coding by Morgan A. member of secureNT-2000 Greetz : / / kdm, Yann, GaLiaRepT,...

Cooolsoft PowerFTP Server 2.x - Remote Denial of Service (1)

Cooolsoft PowerFTP Server 2.x - Remote Denial of Service 1 // source: https://www.securityfocus.com/bid/5899/info PowerFTP server is a shareware ftp server available for the Microsoft Windows platform. It is distributed and maintained by Cooolsoft. It has been reported that PowerFTP server does n...

GV 2.x/3.x - '.PDF'/'.PS' File Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/5808/info gv is a freely available, open source Portable Document Format PDF and PostScript PS viewing utility. It is available for Unix and Linux operating systems. It has been reported that an insecure sscanf function exists in gv. Due to this...

Rudi Benkovic JAWMail 1.0 - Script Injection

source: https://www.securityfocus.com/bid/5771/info Problems with JAWMail could make it possible to execute arbitrary script code in a vulnerable client. JAWMail does not sufficiently filter malicious HTML code from e-mails. As a result, when a user opens an email in JAWMail that contains malicio...

Trillian 0.74 - IRC Raw Messages Denial of Service

Trillian 0.74 - IRC Raw Messages Denial of Service // source: https://www.securityfocus.com/bid/5775/info A vulnerability has been reported for Trillian. Reportedly, Trillian is prone to a denial of service condition when certain IRC raw messages are received by the client. This may be exploited ...

AFD 1.2.14 multiple local root compromises

Netric Security Team - http://www.netric.org|be By Netric AFD 1.2.14 multiple local root exploits type: stack and heap overflows Priority: 5 1 Description 2 Vulnerable 3 Exploit 4 Proof of concept 5 Vendor response 6 Patches 1 Description The Automatic File Distributor provides a framework for ve...

RETRY : newly released winamp 3 fails to address serious "execution of arbitrary" code issue when combined with MSIE6

This one was missed by security focus . Lets try again -- jelmer ----- Original Message ----- From: "Jelmer" [email protected] To: [email protected] Sent: Sunday, August 11, 2002 1:28 AM Subject: newly released winamp 3 fails to address serious "execution of arbitrary" code issue...

HelpMe2.pl

Winhlp32.exe Remote BufferOverrun exploit code. written by Gary O'leary-Steele Sec-1 Ltd. [email protected] For use as proof of concept Ammended for use with kernel32.dll version 5.0.2195.2778 Kernell32 jmp ebx 77E87793 $sploit = "\x55\x8b\xec\x8b\xc3". Fixed from previous version...

mozillaftp.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 + Title: Mozilla FTP View Cross-Site Scripting Vulnerability + Date: 4 August 2002 + Author: Eiji James Yoshida [email protected] + Risk: Medium + Vulnerable: Windows2000 SP2 Mozilla 1.0 + Not vulnerable: Windows2000 SP2 Mozilla 1.1 Beta +...

LOCAL ROOT EXPLOIT - SUPPORT FULL-DISCLOSURE - LOCAL ROOT EXPLOIT

!/usr/bin/perl fartsy.pl by kanix [email protected] /usr/sbin/artswrapper local format string exploit Tested on Red Hat Linux release 7.2 Enigma Jul 6, 2002 "the secret to creativity is knowing how to hide your sources." - Albert Einstein commentz, job offerz, flamez, etc. should be directed t...

safemode-adv-nn.txt

==================================================================== Safemode.org security advisory: nn ==================================================================== Package: nn Version: 6.6.3 or prior Date: 28/06/2002 Issue: Remote format string Risk: High Credits: zillionatsafemode.org...

Apache Tomcat 34 - JSP Engine Denial of Service

Apache Tomcat 34 - JSP Engine Denial of Service source: https://www.securityfocus.com/bid/4995/info A vulnerability has been reported in Apache Tomcat for Windows that results in a denial of service condition. The vulnerability occurs when Tomcat encounters a malicious JSP page. The following...

Caldera OpenServer 5.0.x - XSCO Color Database File Heap Overflow

Caldera OpenServer 5.0.x - XSCO Color Database File Heap Overflow source: https://www.securityfocus.com/bid/4985/info OpenServer is commercial Unix operating system originally developed by SCO, and distributed by Caldera. It may be possible for a local user to gain elevated privileges. When Xsco ...

Sendmail 8.9.x/8.10.x/8.11.x/8.12.x - File Locking Denial of Service (1)

/ source: https://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious user acquires an exclusive lock on files that Sendmail requires for...

Matu FTP Server 1.13 - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/4792/info Matu FTP Server is a freely available FTP server for Microsoft Windows 95 and 98 operating systems. Matu FTP Server is vulnerable to a buffer overflow condition. It is possible for a malicious user to craft a request that will result in code...

NewAtlanta ServletExec/ISAPI 4.1 JSPServlet - Denial of Service

// source: https://www.securityfocus.com/bid/4796/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. A denial of service condition occurs when the JSPServlet is sent an overly long request either directly or via...

WU-IMAPd 20002001 - Partial Mailbox Attribute Remote Buffer Overflow (2)

WU-IMAPd 20002001 - Partial Mailbox Attribute Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/4713/info Wu-imapd is vulnerable to a buffer overflow condition. This has been reported to occur when a valid user requests partial mailbox attributes. Exploitation may result in th...

Windows 2000 Server IIS 5.0 .ASP Overflow Exploit

Summary: ======== The following code will allow you to safely test your system for the below motioned vulnerability. For more information about this vulnerability see http://www.eeye.com/html/press/PR20020410.html previous article:"windows 2000 and NT4 IIS .ASP Buffer Overflow". The following cod...

A bug in the Kerberos4 ftp client may cause heap overflow which leads to remote code execution

Kerberos4 ftp client is a simple ftp client, with the extensions defined by RFC 2228. When authentication fails with AUTH, client will use USER/PASS command as other ones. A bug in the code may cause a heap overflow which leads to remote code execution. The overflow occurs when the server respond...