JDKChat v1.5 Remote Integer Overflow PoC

Summary JDKChat is a simple C++ chat server for GNU/Linux systems. Users can connect to it through a simple tcp client like telnet. Description JDKChat is prone to a remote integer-overflow vulnerability. A remote attacker may exploit this issue to execute arbitrary code within the context of the...

JDKChat 1.5 - Remote Integer Overflow (PoC)

JDKChat 1.5 - Remote Integer Overflow PoC !/usr/bin/perl Title: JDKChat v1.5 Remote Integer Overflow PoC Summary: JDKChat is a simple C++ chat server for GNU/Linux systems. Users can connect to it through a simple tcp client like telnet. WebSite : http://www.jdkoftinoff.com/...

[SECURITY] [DSA 1719-2] New GNUTLS packages fix regression

------------------------------------------------------------------------ Debian Security Advisory DSA-1719-2 [email protected] http://www.debian.org/security/ Florian Weimer February 28, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1727-1] New proftpd-dfsg packages fix SQL injection vulnerabilites

-------------------------------------------------------------------------- Debian Security Advisory DSA 1727-1 [email protected] http://www.debian.org/security/ Steffen Joeris February 26th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1726-1] New python-crypto packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1726-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 25, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1724-1] New moodle packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1724-1 [email protected] http://www.debian.org/security/ Steffen Joeris February 13th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1722-1] New libpam-heimdal packages fix local privilege escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1722-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 11, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1722-1] New libpam-heimdal packages fix local privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-1722-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 11, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1718-1] New boinc packages fix validation bypass

------------------------------------------------------------------------ Debian Security Advisory DSA-1718-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 08, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1715-1] New moin packages fix insufficient input sanitising

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1715 [email protected] http://www.debian.org/security/ Steffen Joeris January 29, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1704 [email protected] http://www.debian.org/security/ Steffen Joeris January 14, 2009 http://www.debian.org/security/faq -...

Debian GNU/Linux XTERM DECRQSS Weakness

Package: xterm Version: 222-1etch2 Severity: grave Tags: security patch Justification: user security hole DECRQSS Device Control Request Status String "DCS $ q" simply echoes responds with invalid commands. For example, perl -e 'print "\eP$q\nbad-command\n\e\"' would run bad-command...

CVE-2006-7236

The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences...

CVE-2006-7236

The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences...

CVE-2006-7236

The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences...

CVE-2006-7236

The CVE-2006-7236 issue concerns the xterm program and its default configuration on Debian sid (and possibly Ubuntu), where the allowWindowOps resource is enabled. This permits a user-assisted attacker to execute arbitrary code or otherwise impact the system via crafted escape sequences. Related ...

CVE-2006-7236

The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences...

Linux/x86-64 - sethostname(Rooted !) + killall Shellcode (33 bytes)

Linux/x86-64 - sethostnameRooted ! + killall Shellcode 33 bytes. Shellcode exploit for Linuxx86-64 platform Linux/x8664 sethostname & killall 33 bytes shellcode Date: 2010-04-26 Author: zbt Tested on: x8664 Debian GNU/Linux / ; sethostname"Rooted !"; ; kill-1, SIGKILL; section .text global start...

CVE-2008-5747

F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-virus protection via a crafted ELF program with a "corrupted" header that still allows the program to be executed. NOTE: due to an error in the initial disclosure, F-secure was incorrectly stated as the vendor...

Authentication flaw

F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-virus protection via a crafted ELF program with a "corrupted" header that still allows the program to be executed. NOTE: due to an error in the initial disclosure, F-secure was incorrectly stated as the vendor...