Oxwall 1.7.0 - Remote Code Execution Exploit
Oxwall suffers from an authenticated arbitrary PHP code execution vulnerability. The vulnerability is caused by improper verification of uploaded files in the '/admin/settings/user' script through the 'avatar' and 'bigAvatar' POST parameters. This can be exploited to execute arbitrary PHP code by uploading a...
qemu: virtio: insufficient validation of num_sg when mapping
The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...
File upload traps II: is a purely alphanumeric SWF a vulnerability? - Vulnerability warning - the black bar safety net
0x00 Background: In the previous article on file upload traps, the author mentioned that Flash cross-domain data hijacking sometimes does not require us to upload a file, because we can simply use a JSONP interface and assign the Flash content to the callback. Just like in the comments @Sogili...
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 IIS IDC Path Mapping Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/299/info The full physical path name for the IIS web server root directory may be obtained by attempting to view a non-existent .IDC file. The web server will return an error message that lists the absolute pathname of th...
eXtremail <= 2.1.1 PLAIN authentication Remote Stack Overflow Exploit
No description provided by source. / extremail-v6.c Copyright c 2006 by [email protected] eXtremail <=2.1.1 remote root exploit x86-lnx by mu-b - Wed Oct 18 2006 - Tested on: eXtremail 2.1.1 lnx eXtremail 2.1.0 lnx Stack overflow in ifParseAuthPlain - Private Source Code -DO NOT DISTRIBUTE -...
IBM GINA for NT 1.0 Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/608/info IBM has written a replacement GINA for Windows NT to allow NT hosts to authenticate against OS/2 domains. On machines running the modified GINA, the creation of a specific Registry key under...
Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26939/info Apache is prone to an information-disclosure vulnerability. This issue occurs because Apache fails to properly associate file extensions with the correct engines when handling specially crafted requests for fil...
OracleAS TopLink Mapping Workbench Weak Encryption Algorithm Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9515/info OracleAS TopLink Mapping Workbench is a tool included with OracleAS TopLink, a Java-based database integration development framework that is included as a component of various Oracle Application Server releases...
Play! Framework <= 1.0.3.1 Directory Transversal Vulnerability
No description provided by source. Exploit Title: Play! Framework <= 1.0.3.1 Directory Transversal Vulnerability Date: July 24, 2010 Author: kripthor Software Link: http://www.playframework.org/ Version: Play! Framework <= 1.0.3.1 Tested on: Ubuntu 10 CVE : N/A Notes: 28/07/2010 at 14:03 - Develope...
FrontPage 97/98 Server Image Mapper Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/1117/info The htimage.exe and imagemap.exe files included with FrontPage handle server-side image mapping functions. Under normal operations, it would be passed a map name and a set of coordinates in the format http:...
DMS POP3 Server 1.5.3 build 37 - Buffer Overflow Exploit
No description provided by source. ===== Start DMSPOP3Overflow.pl ===== Usage: DMSPOP3Overflow.pl ip port DMSPOP3Overflow.pl 127.0.0.1 110 DMS POP3 Server for Windows 2000/XP 1.5.3 build 37 Download: http://www.digitalmapping.sk.ca/pop3srv/default.asp Patch:...
Linux Kernel 3.13 - SGID Privilege Escalation
/ CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC Vitaly Nikolenko http://hashcrack.org Usage: ./poc filepath where filepath is the file on which you want to set the sgid bit / define GNUSOURCE include include include include include include include include include define STACKSIZE 1024...
openSUSE Security Update : XEN (openSUSE-SU-2012:1572-1)
This security update of XEN fixes various bugs and security issues. - Upstream patch 26088-xend-xml-filesize-check.patch - bnc787163 - CVE-2012-4544: xen: Domain builder Out-of-memory due to malicious kernel/ramdisk XSA 25 CVE-2012-4544-xsa25.patch - bnc779212 - CVE-2012-4411: XEN / qemu: guest...
openSUSE Security Update : seamonkey (seamonkey-4074)
Mozilla SeaMonkey was updated to version 2.0.12, fixing various security issues. The following security issues were fixed: MFSA 2011-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...
KisMAC - Free Sniffer/Scanner application for Mac OS X
KisMAC is an open-source and free sniffer/scanner application for Mac OS X. It has an advantage over MacStumbler / iStumbler / NetStumbler in that it uses monitor mode and passive scanning. KisMAC supports many third party USB devices: Intersil Prism2, Ralink rt2570, rt73, and Realtek rtl8187...
CVE-2014-1718
Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/software_frame_manager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors...
Integer overflow
Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/software_frame_manager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors...
CVE-2014-1718
Removed by vendor...
NAT-PMP Detection (remote network)
The remote device has the NAT-PMP protocol enabled. This protocol may allow any application on an internal subnet to request port mappings from the outside to the inside. If this service is reachable from outside your network, it may allow a remote attacker to gain more information about your...
STRUTS2 framework getClassLoader exploit - vulnerability warning - the black bar safety net
by emptiness prodigal heart http://www.inbreak.net Twitter: http://t.qq.com/javasecurity Summary: In 2012, in "Attacking JAVA WEB", I mentioned "a DoS vulnerability caused by the classLoader under particular environments", but gave no more in-depth explanation at the time; these...