8515 matches found
CVE-2010-2950
Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information memory contents and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the pharstreamflush function,...
Format string
Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information memory contents and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the pharstreamflush function,...
CVE-2010-2950
Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information memory contents and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the pharstreamflush function,...
CVE-2010-2950
CVE-2010-2950 is a format-string vulnerability in the PHP phar extension (stream.c/phar_stream_flush) affecting PHP 5.3.x up to 5.3.3. It allows context-dependent attackers to disclose memory contents and potentially execute arbitrary code via a crafted phar:// URI. The issue is noted as stemming...
iSCSI target Multiple Implementations Format String Code Execution (CVE-2010-0743)
iSCSI Internet Small Computer System Interface is an Internet Protocol based storage networking standard for linking data storage facilities. It is used to transfer data over the network using the SCSI protocol. A format string vulnerability has been reported in multiple implementations of iSCSI...
SonicWALL SSL VPN End Point Interrogator Installer ActiveX Control
SonicWALL SSL VPN provides secure remote access to mission-critical resources from any endpoint including desktops, laptops, PDAs and smartphones. SonicWALL SSL VPN is bundled with a number of ActiveX controls such as, EPInstaller End Point Installer and EPInterrogator End Point Interrogator, tha...
SonicWALL Aventail - 'epi.dll' AuthCredential Format String (Metasploit)
$Id: aventailepiactivex.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
openSUSE Security Update : tgt (openSUSE-SU-2010:0608-1)
This update of iscscitarget/tgt fixes multiple overflows and a format string vulnerability : - CVE-2010-2221: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Buffer Errors CWE-119 - CVE-2010-0743: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Format String Vulnerability...
openSUSE Security Update : iscsitarget (openSUSE-SU-2010:0604-1)
This update of iscscitarget/tgt fixes multiple overflows and a format string vulnerability : - CVE-2010-2221: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Buffer Errors CWE-119 - CVE-2010-0743: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Format String Vulnerability...
openSUSE Security Update : tgt (openSUSE-SU-2010:0608-1)
This update of iscscitarget/tgt fixes multiple overflows and a format string vulnerability : - CVE-2010-2221: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Buffer Errors CWE-119 - CVE-2010-0743: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Format String Vulnerability...
openSUSE Security Update : iscsitarget (openSUSE-SU-2010:0604-1)
This update of iscscitarget/tgt fixes multiple overflows and a format string vulnerability : - CVE-2010-2221: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Buffer Errors CWE-119 - CVE-2010-0743: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Format String Vulnerability...
httpdx - 'tolog()' Format String (Metasploit) (1)
$Id: httpdxtologformat.rb 10150 2010-08-25 20:55:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
httpdx - 'tolog()' Format String (Metasploit) (2)
$Id: httpdxtologformat.rb 10150 2010-08-25 20:55:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
SonciWALL Aventail epi.dll AuthCredential Format String Exploit
$Id: aventailepiactivex.rb 10078 2010-08-20 11:36:50Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
SonicWALL SSL-VPN ActiveX format string vulnerability
End-Point Interrogator/Installer ActiveX format string vulnerability in AuthCredential method...
SonicWALL E-Class SSL-VPN ActiveX Control Format String Overflow
-------------------------- NSOADV-2010-005 --------------------------- SonicWALL E-Class SSL-VPN ActiveX Control format string overflow 111101111 11111 00110 00110001111 111111 01 01 1 11111011111111 11111 0 11 01 0 11 1 1 111011001 11111111101 1 11 0110111 1 1111101111 1001 0 1 10 11 0 10 11...
NSOADV-2010-005: SonicWALL E-Class SSL-VPN ActiveX Control format string overflow
-------------------------- NSOADV-2010-005 --------------------------- SonicWALL E-Class SSL-VPN ActiveX Control format string overflow 111101111 11111 00110 00110001111 111111 01 01 1 11111011111111 11111 0 11 01 0 11 1 1 111011001 11111111101 1 11 0110111 1 1111101111 1001 0 1 10 11 0 10 11...
SonicWALL Aventail epi.dll AuthCredential Format String
This module exploits a format string vulnerability within version 10.0.4.x and 10.5.1 of the SonicWALL Aventail SSL-VPN Endpoint Interrogator/Installer ActiveX control epi.dll. By calling the 'AuthCredential' method with a specially crafted Unicode format string, an attacker can cause memory...
SonicWALL E-Class SSL-VPN ActiveX Control Format String Overflow
Exploit for windows platform in category dos / poc ================================================================ SonicWALL E-Class SSL-VPN ActiveX Control Format String Overflow ================================================================ Title: SonicWALL E-Class SSL-VPN ActiveX Control...
SonicWALL E-Class SSL-VPN - ActiveX Control Format String Overflow
SonicWALL E-Class SSL-VPN - ActiveX Control Format String Overflow -------------------------- NSOADV-2010-005 --------------------------- SonicWALL E-Class SSL-VPN ActiveX Control format string overflow 111101111 11111 00110 00110001111 111111 01 01 1 11111011111111 11111 0 11 01 0 11 1 1 1110110...