Lucene search
+L

5494 matches found

Exploit DB
Exploit DB
added 2008/04/03 12:0 a.m.38 views

Xitami Web Server 2.5c2 - LRWP Processing Format String (PoC)

/ PoC exploit for Xitami Web Server v2.5c2 LRWP processing format string bug Advisory is available at: http://www.bratax.be/advisories/b013.html multiple vulnerabilities! check it out! @author: bratax @url: http://www.bratax.be/ @email: [email protected] Thanks to BuzzDee for learning me how to us...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2008/03/18 11:0 p.m.27 views

CVE-2008-0989

Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname...

8.6AI score0.00444EPSS
Exploits1References9
Saint
Saint
added 2008/03/13 12:0 a.m.38 views

mIRC PRIVMSG hostname buffer overflow

Added: 03/13/2008 CVE: CVE-2008-4449 BID: 31552 OSVDB: 48752 Background mIRC is an Internet Relay Chat IRC client. Problem A buffer overflow in mIRC allows command execution when a user connects to a malicious IRC server which sends a PRIVMSG message with a long, specially crafted hostname...

9.3CVSS6.9AI score0.38737EPSS
Exploits8
Prion
Prion
added 2008/02/19 12:0 a.m.18 views

Stack overflow

Multiple stack-based buffer overflows in the legacy modjk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long 1 Host header, or 2 Hostname within a Host header...

7.5CVSS8.1AI score0.41466EPSS
Exploits0References9Affected Software2
Cvelist
Cvelist
added 2008/02/18 11:0 p.m.20 views

CVE-2007-6258

Multiple stack-based buffer overflows in the legacy modjk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long 1 Host header, or 2 Hostname within a Host header...

7.7AI score0.41466EPSS
Exploits0References9
seebug.org
seebug.org
added 2008/01/23 12:0 a.m.21 views

SocksCap主机名解析远程栈溢出漏洞

BUGTRAQ ID: 27357 SocksCap是NEC公司开发的一个免费软件,允许某些没有提供代理设置的客户端软件连接Internet。 SocksCap在解析远程资源的主机名时存在栈溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。 如果主机名大于692字节的话,就可能触发这个溢出,导致执行任意指令。成功攻击要求打开了Resolve all names remotely选项。 NEC SocksCap = 2.40-051231 NEC --- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://socks.nec.com/...

6.9AI score
Exploits0
NVD
NVD
added 2008/01/22 8:0 p.m.11 views

CVE-2008-0378

Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long hostname...

6.8CVSS8.1AI score0.02512EPSS
Exploits0References4
Cvelist
Cvelist
added 2008/01/22 7:0 p.m.20 views

CVE-2008-0378

Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long hostname...

8.1AI score0.02512EPSS
Exploits0References4
exploitpack
exploitpack
added 2008/01/22 12:0 a.m.16 views

Coppermine Photo Gallery 1.4.10 - SQL Injection

Coppermine Photo Gallery 1.4.10 - SQL Injection table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print " table prefix - prefix of sql tables\n"; print " example: " . $argv0 . " coppermine.site photo/ 1...

0.5AI score
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.35 views

Debian Security Advisory DSA 837-1 (mozilla-firefox)

The remote host is missing an update to mozilla-firefox announced via advisory DSA 837-1. Tom Ferris discovered a bug in the IDN hostname handling of Mozilla Firefox, which is also present in the other browsers from the same family that allows remote attackers to cause a denial of service and...

7.5CVSS0.7AI score0.21112EPSS
Exploits2
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.25 views

Debian: Security Advisory (DSA-837-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.21112EPSS
Exploits2References3
Exploit DB
Exploit DB
added 2008/01/16 12:0 a.m.30 views

PixelPost 1.7 - Blind SQL Injection

!/usr/bin/php -q -d shortopentag=on ?php // magicquotesgpc needs to be off errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; if $argc3 print "-------------------------------------------------------------------------\r\n"; print " PixelPost 1.7 Blind SQL Injection...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2007/12/18 11:52 p.m.8 views

Flash plugin DNS rebinding

The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash SWF movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a cross-domain-policy XML...

5CVSS6AI score0.06153EPSS
Exploits1References4
seebug.org
seebug.org
added 2007/12/12 12:0 a.m.21 views

SquirrelMail G/PGP Plugin deletekey() Command Injection Exploit

No description provided by source. !/usr/local/bin/ruby puts"http://backdoored.net\n" puts "SquirrelMail G/PG deletekey command injection exploit\n" puts "http://backdoored.net Visit Us\n" puts "Coded by Backdoored member. \n" puts "--------------------------------------------------\n" if ARGV0 =...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/12/03 12:0 a.m.53 views

PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability

PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability Description: BEA Plumtree portal is vulnerable to a internal hostname disclosure vulnerability. The internal hostname of the server hosting BEA Plumtree portal is always included at the bottom of every requested HTML page...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2007/11/28 12:0 a.m.15 views

BEA AquaLogic Interaction 6.06.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities

BEA AquaLogic Interaction 6.06.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/26620/info BEA AquaLogic Interaction is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to access valid usernam...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/11/28 12:0 a.m.27 views

BEA AquaLogic Interaction 6.0/6.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities

source: https://www.securityfocus.com/bid/26620/info BEA AquaLogic Interaction is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to access valid usernames in the Plumtree portal as well as the server hostname, build date, and server version. Informati...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/11/26 12:0 a.m.25 views

Fedora 7 : net-snmp-5.4-16.fc7 (2007-3019)

Fri Oct 19 2007 Jan Safranek 5.4-16 - License: field fixed to 'BSD and CMU' - fix hrSWInst 250237 - fix leak in UDP transport 247771 - fix remote DoS attack CVE-2007-5846 - Mon Oct 8 2007 Jan Safranek 5.4-15 - License: field changed to MIT - fix segfault on parsing smuxpeer without password...

7.8CVSS7.9AI score0.28966EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/11/07 12:0 a.m.5 views

Moderate: Red Hat Bug Fix Advisory: tcp_wrappers bug fix update

Updated tcpwrappers packages that fix several bugs are now available. The tcpwrappers package provides small daemon programs which can monitor and filter incoming requests for systat, finger, FTP, telnet, rlogin, rsh, exec, tftp, talk and other network services. It also contains the libwrap libra...

5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2007/10/31 4:0 p.m.20 views

CVE-2002-2367

Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname...

8.2AI score0.05409EPSS
Exploits1References3
Rows per page
Query Builder