Lucene search
K

216 matches found

0day.today
0day.today
added 2010/01/19 12:0 a.m.82 views

Windows NT User Mode to Ring 0 Escalation Vulnerability

Exploit for unknown platform in category local exploits ======================================================= Windows NT User Mode to Ring 0 Escalation Vulnerability ======================================================= Microsoft Windows NT GP Trap Handler Allows Users to Switch Kernel Stack...

6.8AI score0.29253EPSS
Exploits13
ThreatPost
ThreatPost
added 2009/11/19 2:42 p.m.9 views

Exploitation 102: Mitigations and Shellcode

Security researcher Dino Dai Zovi discusses advanced techniques in exploitation, as well as exploit mitigation and shellcoding...

1.7AI score
Exploits0
ThreatPost
ThreatPost
added 2009/07/16 2:14 p.m.9 views

Mitigating That Critical Firefox 3.5 Vulnerability

Earlier this week, I wrote about a “highly critical” — and unpatched — vulnerability that puts millions of Web surfers at risk of malicious hacker attacks. Since then, there has been word that the release of the vulnerability and exploit was “self-inflicted” Mozilla exposed the bug themselves and...

0.3AI score
Exploits0References5
seebug.org
seebug.org
added 2009/05/12 12:0 a.m.26 views

microTopic v1 (rating) Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH!...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2009/04/03 7:26 p.m.12 views

Q&A: Dino Dai Zovi

Dino Dai Zovi has gained a reputation as one of the top Apple security researchers in the industry and is the author of a new book on Apple security, “The Mac Hacker’s Handbook.” In this interview, he talks about the state of Apple security, why the company hasn’t implemented better memory...

0.7AI score
Exploits0References4
seebug.org
seebug.org
added 2008/10/09 12:0 a.m.19 views

Cisco Unity远程管理验证绕过漏洞

BUGTRAQ ID: 31638 CVE ID:CVE-2008-3814 CNCVE ID:CNCVE-20083814 Cisco Unity是一款面向企业级机构的统一通信解决方案。 Cisco Unity WEB接口验证实现存在问题,远程攻击者可以利用漏洞访问受限制资源。 第一次尝试连接任意特定链接,会重定向到验证页,但是任意后续的尝试会导致无需要合法登录验证凭证而成功访问,攻击者借此可获得敏感信息或可编辑配置。 Cisco Unity 7.0 Cisco Unity 5.0 Cisco Unity 4.0 Cisco将发布补丁来提供解决方案,请用户关注供应商进度:...

5.8CVSS6.4AI score0.01703EPSS
Exploits1
exploitpack
exploitpack
added 2008/07/07 12:0 a.m.12 views

Netrw 125 Vim Script - Multiple Command Execution Vulnerabilities

Netrw 125 Vim Script - Multiple Command Execution Vulnerabilities source: https://www.securityfocus.com/bid/30115/info Netrw is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting these issues can...

0.8AI score
Exploits0
seebug.org
seebug.org
added 2008/04/09 12:0 a.m.39 views

CA Alert Notification服务多个RPC栈溢出漏洞

BUGTRAQ ID: 28605 CVECAN ID: CVE-2007-4620 Alert Notification Server是很多CA产品中都在使用的服务,用于向控制台用户提供通知。 Alert Notification服务在处理畸形格式的RPC请求时存在漏洞,远程攻击者可能利用此漏洞控制服务器。 Alert Notification服务以GUID...

9CVSS6.4AI score0.52274EPSS
Exploits8
Symantec
Symantec
added 2008/02/12 12:0 a.m.12 views

Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer...

8AI score
Exploits0Affected Software4
seebug.org
seebug.org
added 2007/09/20 12:0 a.m.30 views

Flip <= 3.0 Remoe Admin Creation Exploit

No description provided by source. !/usr/bin/perl use strict; use IO::Socket; use Getopt::Std; my $app = "Flip = 3.0"; my $type = "Admin Creation"; my $author = "undefined1"; my $vendor = "http://sourceforge.net/projects/flipsource"; my %opt; getopts"t:", %opt; $| = 1; print ":: $app $type - by...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/06/11 12:0 a.m.23 views

Link Request Contact Form 3.4 Remote Code Execution Vulnerability

Exploit for unknown platform in category web applications ================================================================= Link Request Contact Form 3.4 Remote Code Execution Vulnerability ================================================================= -=+ Application: Link Request Contact For...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/04/03 12:0 a.m.48 views

More information on ZERT patch for ANI 0day

Hi, more information about the patch released April 1st can be found here: http://zert.isotf.org/ Including: 1. Technical information. 2. Why this patch was released when eeye already released a third party patch. The newly discovered zero-day vulnerability in the parsing of animated cursors is...

Exploits0
exploitpack
exploitpack
added 2007/03/19 12:0 a.m.21 views

ScriptMagix Lyrics 2.0 - index.php?recid SQL Injection

ScriptMagix Lyrics 2.0 - index.php?recid SQL Injection !/usr/bin/perl Script Name: ScriptMagix Lyrics : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; $target =...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2005/09/26 12:0 a.m.15 views

MultiTheftAuto 0.5 patch 1 Server Crash and MOTD Deletion Exploit

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h ifdef WIN32 include winsock.h / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include string.h include errno.h void stderrvoid ch...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2003/08/04 12:0 a.m.32 views

SRT2003-08-01-0126 - cdrtools local root exploit

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...

1AI score
Exploits0
securityvulns
securityvulns
added 2000/11/09 12:0 a.m.432 views

Security Bulletin (MS00-087)

Microsoft Security Bulletin MS00-087 - -------------------------------------- Patch Available for "Terminal Server Login Buffer Overflow" Vulnerability Originally posted: November 08, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Window...

8.1AI score
Exploits0
Rows per page
Query Builder