890 matches found
游戏使命召唤畸形stats命令拒绝服务漏洞
BUGTRAQ ID: 29026 使命召唤(Call of Duty)是Infinity Ward开发的非常流行的第一人称扮演游戏。 使命召唤在处理畸形格式的请求数据时存在漏洞,远程攻击者可能利用此漏洞导致服务器不可用。 使命召唤4引入了一类被称为stats的无连接命令,玩家加入远程游戏后就会顺序发送0到6类型的上述命令。服务器还接收额外的7类型stats命令,如果客户端使用了这个7类型命令的话,远程服务器就会由于负数大小值的memcpy而崩溃。 成功利用这个漏洞要求攻击者知道受保护服务器的口令,此外如果服务器要求的话还需要拥有有效的cdkey。 Activision Call of...
http://marmarahosting.org/infinity.txt
"Infinity Solutions LLC" e/description.asp sql injection Credit : CodeXpLoder'tq mail : codexploderathotmaildotcom site : Biyosecurity.net,expw0rm.com thx : BiyoSecurityTeam spec.note : "Live The Life" 1- example.com/patch/description.asp?id=sql methot 1- example.com/e/description.asp?id=sql meth...
n.runs-SA-2007.012 - Avira Antivir Antivirus TAR Denial of Service
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2007.012 30-May-2007 Vendor: Avira GmbH, http://www.avira.com Affected Product: Avira Antivir Antivirus Vulnerability: Infinity Loop DoS remote Risk: HIGH Vendor communication: 2007/05/07 initial notification to Avira GmbH 2007/05/07...
CVE-2004-0625
SQL injection vulnerability in Infinity WEB 1.0 allows remote attackers to bypass authentication and gain privileges via the login page...
CVE-2004-0625
SQL injection vulnerability in Infinity WEB 1.0 allows remote attackers to bypass authentication and gain privileges via the login page. Based on CVE-2004-0625 details, the issue enables partial confidentiality/integrity/availability impact (per CVSSv2: AV:N/AC:L/Au:N/C:P/I:P/A:P). Exploitation s...
CVE-2004-0625
SQL injection vulnerability in Infinity WEB 1.0 allows remote attackers to bypass authentication and gain privileges via the login page...
[Full-Disclosure] ZH2004-14SA (security advisory):Sql Injection in Infinity WEB
06/27/2004 Vendor contacted: June 1st 2004 Published: June 26th 2004 Title: Infinity WEB Vulnerable versions :1.0 unpatched Type: Sql Injection Author: D'Amato Luigi from Zone-h Security Labs - [email protected] - [email protected] Vendor: http://www.websoft.it/ Description...
Infinity CGI Exploit Scanner Multiple Vulnerabilities
The remote is running Infinity Exploit Scanner, a web-based CGI vulnerability scanner implemented in perl and stored under the name 'nph-exploitscanget.cgi'. There is a flaw in this CGI that lets an attacker execute arbitrary commands on this host. In addition to this, there is a flaw in this CGI...
Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting
Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting source: https://www.securityfocus.com/bid/7910/info Infinity CGI Exploit Scanner is reported to be prone to a cross-site scripting vulnerability. An attacker could exploit this issue to creating a malicious link to a site hosting the softwa...
Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/7910/info Infinity CGI Exploit Scanner is reported to be prone to a cross-site scripting vulnerability. An attacker could exploit this issue to creating a malicious link to a site hosting the software that contains hostile HTML and script code. If this li...