71 matches found
CVE-2021-43523
The CVE-2021-43523 issue affects uClibc/uClibc-ng prior to 1.0.39, where improper handling of special characters in DNS-derived domain names can cause domain hijacking and injection into applications (potential remote code execution, XSS, crashes). The vulnerability arises from a missing validati...
D-Link DNS-325 ShareCenter 1.05B03 Shell Upload / Command Injection Vulnerabilities
D-Link DNS-325 ShareCenter versions 1.05B03 and below suffer from remote shell upload and command injection vulnerabilities. D-Link DNS-325 ShareCenter Multiple Vulnerabilities Released Date: 2017-XX-XX Last Modified: 2017-06-22 Company Info: D-Link Version Info: Vulnerable D-Link DNS-325...
WDMyCloud 2.30.165 CSRF / File Upload / Code Execution / Backdoor / DoS
/ / / / / / / / / / / / / / / / / / / / / \ / // / // / / / / / / / // / / / /,/// // /// // GulfTech Research and Development WDMyCloud = 2.30.165 Multiple Vulnerabilities Released Date: 2018-01-04 Last Modified: 2017-06-11 Company Info: Western Digital Version Info: Vulnerable MyCloud =...
Oracle Linux 7 : tcpdump (ELSA-2017-1871)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2017-1871 advisory. 14:4.9.0-5 - Resolves: 1441597; use bigger capture buffer than in upstream 14:4.9.0-4 - Drop downstream patch drop root privileges - Add libcap-ng as a...
Torsocks 1.2 Released - Socks friendly ssh and irssi with Tor
Torsocks 1.2 Released - Socks friendly ssh and irssi with Tor Torsocks is an application for Linux, BSD and Mac OSX that allows you to use network applications such as ssh and irssi with Tor. Torsocks allows you to use most socks-friendly applications in a safe way with Tor. It ensures that DNS...
Nuked-klaN 1.7.7 SP4.4 - Multiple Vulnerabilities
Nuked-klaN 1.7.7 SP4.4 - Multiple Vulnerabilities URL: http://real.o-n.fr/ Date: 14/10/2008 Special thanks to Louis for remembering me I had to finish it = VULNERABILITY DETAILS --------------------- Nuked-klaN suffers from a vulnerability due to HTTPREFERER, which is not correctly filtered befor...
Nuked-klaN 1.7.7 / SP4.4 - Multiple Vulnerabilities
URL: http://real.o-n.fr/ Date: 14/10/2008 Special thanks to Louis for remembering me I had to finish it = VULNERABILITY DETAILS --------------------- Nuked-klaN suffers from a vulnerability due to HTTPREFERER, which is not correctly filtered before being inserted in nukedstatsvisitor table. If HT...
auracms-blindsql.txt
!/usr/bin/perl -w Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 2.x online.php - Remote Blind SQL Injection Exploit Waktu : Feb 15 2008 01:00PM Software : AuraCMS Versi : 2.0 2.1 2.2.1 Vendor : http://www.auracms.org/ ------------------------------------ Audit...
Windows 2003/XP gethostbyaddr() NULL pointer bug
If invalid CNAME in reverse lookup zone is specified, gethostbyaddr returns hostent structure with name pointer set to NULL...
Windows XP SP1 gethostbyaddr() flow (Re[3]: mirc32 6.0x crash when resolving dns.)
Dear vulndev, It's definitely bug in Windows XP SP1, as it was supposed by Roland Postle [email protected] To reproduce it: 1. Created zone 1.168.192.in-addr.arpa and add record: 254 IN CNAME non.existant.name 2. Use test program attached 3. I did tests on Windows NT 4.0, Windows 2000 and Windows...
CVE-2001-0207
CVE-2001-0207: A buffer overflow in bing allows remote attackers to execute arbitrary commands via a long hostname that is copied into a small buffer after a reverse DNS lookup (gethostbyaddr). Affected software is bing; the underlying cause is unsafe handling of hostname data leading to potentia...