Lucene search
K

143 matches found

Packet Storm
Packet Storm
added 2004/07/24 12:0 a.m.44 views

netsupportDNA.txt

NetSupport DNA HelpDesk SQL Injection Summary DNA Helpdesk is "a fully web based solution providing detailed recording and tracking of user Help Requests". We found the product to contain at least one exploitable SQL Injection vulnerability that would allow a normal user to at the very least gain...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/07/10 12:0 a.m.105 views

MySQL 4.1/5.0 - Zero-Length Password Authentication Bypass

!/usr/bin/perl The script connects to MySQL and attempts to log in using a zero-length password Based on the vuln found by NGSSecurity The following Perl script can be used to test your version of MySQL. It will display the login packet sent to the server and it's reply. Exploit copyright c 2004 ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/04/15 12:0 a.m.20 views

WinZip - MIME Parsing Overflow

WinZip - MIME Parsing Overflow / Author: snooq Date: 14 April 2004 This is a PoC exploit for WinZip32 MIME Parsing Overflow bug reported by iDefense on 27 February 2004. The original advisory is found here: http://www.idefense.com/application/poi/display?id=76 This version is SP dependent becoz m...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2004/03/15 12:0 a.m.30 views

YaBBXSS.txt

Advisory Name : YaBB/YaBBse Cross Site Scripting Vulnerability Release Date : Mar 14,2004 Application : YaBB/YaBBse Test On : YaBB 1 GoldSP1.3 YaBB SE 1.5.1 Final Vendor URL : http://www.yabbforum.com/ http://www.yabbse.org/ Discover : Cheng Peng Suapplesoupatmsn.com Proof of conecpt: The problem...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/03/19 12:0 a.m.30 views

PHP Message Board/Guestbook

Product : PHP Message Board/Guestbook Version : First WebSite : http://www.cyber-cats.com/php Problem : Viewing passwords file Description: ------------ In this script passwords are in passwd.txt file They are encrypted by DES algorithm. In Shrot, all who want see the passwords can make it...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/03/03 12:0 a.m.17 views

XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (3)

// source: https://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploi...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/11/25 12:0 a.m.11 views

PHP-Nuke 5.x6.06.5 Beta 1 - Multiple Cross-Site Scripting Vulnerabilities

PHP-Nuke 5.x6.06.5 Beta 1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/6244/info everal cross site scripting vulnerabilities have been reported for PHP-Nuke. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious lin...

Exploits0
Exploit DB
Exploit DB
added 2002/09/10 12:0 a.m.30 views

Microsoft Internet Explorer 6 - URI Handler Restriction Circumvention

source: https://www.securityfocus.com/bid/5730/info Microsoft Windows Internet Explorer 6.0 SP1 introduced restrictions for certain URI handlers such as file:// and res://. It has been demonstrated in the past that these URI handlers could be abused and incorporated into different types of attack...

7AI score
Exploits0
exploitpack
exploitpack
added 2002/08/06 12:0 a.m.23 views

Microsoft Windows XP2000NT 4.0 - Window Message Subsystem Design Error (5)

Microsoft Windows XP2000NT 4.0 - Window Message Subsystem Design Error 5 // source: https://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/04/10 12:0 a.m.17 views

Microsoft IIS 4.05.0 - HTTP Error Page Cross-Site Scripting

Microsoft IIS 4.05.0 - HTTP Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/4486/info A Cross Site Scripting issue exists in some versions of IIS. The HTTP Error Page created by IIS may, under some circumstances, contain HTML content which includes unsanitized user...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2001/02/02 12:0 a.m.26 views

pkc001.txt

/ pkc001.txt / -= SECURITY ADVISORY 001 =- | \ www.pkcrew.org / \ \ | / \ | | | | | / | | | | | / | | | | / | | / / | | | / | Application : Oops proxy server 1.4.22 1.4.6 and maybe prior Type: heap buffer overflow --- The problem --- Function listparser in ftputils.c : line is the line sent by th...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/01/03 12:0 a.m.14 views

Solaris 2.6 7 8 - Lock Users Out of mailx

Solaris 2.6 7 8 - Lock Users Out of mailx !/bin/sh Solaris mailx1 username.lock proof of theory makes mailx not work for all users except those that can erase the lockfile even so mailx will hang for a long time. Tested on Solaris 2.6, 7, 8 by Optyx http://www.uberhax0r.net echo "mailx-lock by...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2000/12/22 12:0 a.m.25 views

ksh.temp-hole.txt

Author: Paul Szabo Recently I reported that, similarly to the recently discussed tcsh vulnerability, the Bourne shell /bin/sh creates temporary files in an insecure way: http://www.securityfocus.com/templates/archive.pike?list=1&msg=200011230225.N [email protected] At the time I als...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2000/12/04 12:0 a.m.11 views

GnomeHack - Local Buffer Overflow

GnomeHack - Local Buffer Overflow / gnomehack local buffer overflow. gid=games60 Author: Cody Tubbs loophole of hhp. www.hhp-programming.net / [email protected] 12/17/2000 Tested on Debian 2.2, kernel 2.2.17 - x86. sgid "games"60 by default. bash-2.03$ id uid=1000loophole gid=501noc bash-2.03$ ....

0.8AI score
Exploits0
securityvulns
securityvulns
added 2000/08/24 12:0 a.m.29 views

Remote DoS Attack in Pragma TelnetServer 2000 (Remote Execute Daemon) Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS Attack in Pragma TelnetServer 2000 Remote Execute Daemon Vulnerability USSR Advisory Code: USSR-2000051 Release Date: August 24, 2000 Systems Affected: Pragma TelnetServer 2000 for Windows NT/2000 THE PROBLEM: The Ussr Labs team has recentl...

7.8AI score
Exploits0
securityvulns
securityvulns
added 2000/05/07 12:0 a.m.154 views

Black Watch Labs Vulnerability Alert

Dear Security Professional, The following vulnerability: "Environment and Setup Variables Can Be Viewed Through DBMan db.cgi Script" is in the text of the message below and has just been posted to the Black Watch Labs Web site at http://www.perfectotech.com/blackwatchlabs/ Thank you, Black Watch...

Exploits0
Exploit DB
Exploit DB
added 2000/02/18 12:0 a.m.54 views

Microsoft Windows 95/98/NT 4.0 - 'autorun.inf' Code Execution

source: https://www.securityfocus.com/bid/993/info The Windows Autorun feature was designed to allow an executable and an icon to be specified for any piece of removable media. Upon insertion, the icon would be displayed for the drive, and the executable would automatically run. This feature also...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 1999/11/23 12:0 a.m.29 views

SunOS 4.1.1 - '/usr/release/bin/makeinstall' Local Privilege Escalation

source: https://www.securityfocus.com/bid/21/info This applies to sites that have installed Sun Source tapes only. The Sun distribution of sources sunsrc has an installation procedure which creates the directory /usr/release/bin and installs two setuid root files in it: makeinstall and winstall...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 1999/10/08 12:0 a.m.31 views

SCO Open Server 5.0.5 - cancel Buffer Overflow

// source: https://www.securityfocus.com/bid/702/info There is a buffer overflow vulnerability in /opt/K/SCO/Unix/5.0.5Eb/.softmgmt/var/usr/bin/cancel. It is important to know that the overflows are not in "/usr/bin/cancel" or "/usr/lpd/remote/cancel". The consequence of this vulnerability being...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.29 views

sendmail.8.9.1-2.txt

Date: Thu, 24 Sep 1998 10:14:06 -0400 From: Simon Smith This is not the same attack as the last one regarding the "". This one does not make your system hang but rather alters permissions is seems. If this was already posted please disregard it...

7.4AI score
Exploits0
Rows per page
Query Builder