Easewe FTP OCX ActiveX Control code execution

Unsafe methods allow data access and code execution...

Nmap NSE net: http-methods

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE net: http-methods

Finds out what options are supported by an HTTP server by sending an OPTIONS request. Lists potentially risky methods. Optionally tests each method individually to see if they are subject to e.g. IP address restrictions. In this script, 'potentially risky' methods are anything except GET, HEAD,...

Easewe FTP ActiveX Control Multiple Insecure Methods

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Easewe FTP OCX ActiveX Control, which can be exploited to potentially compromise a user's system. 1 Insecure methods in Easewe FTP ActiveX Control 1.1 The vulnerability is caused due to the EaseWeFtp.FtpLibrary...

Exploit writing tutorial part 2 - Jumping to shellcode [RUS by pleaZ]

Автор: Peter Van Eeckhoutte corelanc0d3r Перевод: peaz 5/2011 В предыдущей части руководства Part1: Stack Based Overflows, я объяснял основы по использованию информации о найденной уязвимости в целях создания собственного эксплойта. На примере из предыдущей части, мы видели, что ESP указывал на...

SMTP Authentication Methods

The remote SMTP server advertises that it supports authentication. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid54580; scriptversion"1.7"; scriptcvsdate"Date: 2019/03/05 11:48:05"; scriptnameenglish:"SMTP Authentication Methods"; scriptsummaryenglish:"Checks which...

New Version of Alureon Ups the Ante on Encryption

A new version of the venerable Alureon malware has appeared, and this one includes some odd behavior designed to prevent analysis and detection by antimalware systems. However, this isn’t the typical evasion algorithm, as it uses some unusual encryption and decryption routines to make life much...

ECshop payment methods 0day manual injection EXP-vulnerability warning-the black bar safety net

ECshop payment methods 0day manual injection of the study The original EXP: respond. php? code=tenpay&attach=voucher&spbillno=1 andselect 1 fromselect count,concatselect select SELECT concat0x7e,0x27,count,0x27,0x7e FROM ecs. ecsadminuser from the informationschema. tables limit 0,1,floorrand02x...

CVE-2011-1720

The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service...

Memory corruption

The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service...

CVE-2011-1720

The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service...

openSUSE Security Update : OpenOffice_org (openSUSE-SU-2011:0337-1)

Maintenance update to LibreOffice-3.3.1. It adds some interesting features, fixes many bugs, including several security vulnerabilities. The previous OpenOfficeorg packages are also renamed to libreoffice. LibreOffice is continuation of the OpenOffice.org project. This update replaces the...

RealNetworks RealGames StubbyUtil.ProcessMgr.1 ActiveX Control (InstallerDlg.dll v2.6.0.445) Multiple Remote Commands Execution Vulnerabilities

RealNetworks RealGames StubbyUtil.ProcessMgr.1 ActiveX Control InstallerDlg.dll v2.6.0.445 Multiple Remote Commands Execution Vulnerabilities tested against Internet Explorer 9, Vista sp2 download url: http://www.gamehouse.com/ background: When choosing to play with theese online games ex. the ga...

Mc.Graw Hill – Hacking Exposed 3rd Edition 2011

The latest Web app attacks and countermeasures from world-renowned practitioners. Protect your Web applications from malicious attacks by mastering the weapons and thought processes of today's hacker. Written by recognized security practitioners and thought leaders, Hacking Exposed Web...

CA Internet Security / CA Host-Based Intrusion Prevention System code execution

SetXml and Save methods of HIPSEngine component allows to save file to any location...

Authentication flaw

Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication and invoke arbitrary methods via a malformed SOAP request, aka Bug ID CSCtc59562...

discuz 7.2 code execution vulnerability using the method of two-vulnerability and early warning-the black bar safety net

Use the exp while only the machine testing, and other purposes at your own risk! The first method: First register a user and then put form method="post" action=" http://www.xxx.com/bbs/misc.php" enctype="multipart/form-data" Post ID, specify the presence of a post:input type="text" name="tid"...

Microsoft SQL Server - Payload Execution (via SQL Injection) (Metasploit)

$Id: mssqlpayloadsqli.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Shenzhen College of Information Technology V3. 0 injection vulnerability-vulnerability warning-the black bar safety net

Publishing author: xiaokis Affected version: V3. 0 Vulnerability type: SQL injection Vulnerability description: File: the newss. asp % on error resume next sql="update news set hits=hits+1 where id="&cstrrequest"id" conn. execute sql set rs=server. createobject"adodb. recordset" sql="select from...

Microsoft SQL Server Payload Execution via SQL Injection

This module will execute an arbitrary payload on a Microsoft SQL Server, using a SQL injection vulnerability. Once a vulnerability is identified this module will use xpcmdshell to upload and execute Metasploit payloads. It is necessary to specify the exact point where the SQL injection...