500 matches found
sipXtapi.txt
!/usr/bin/perl Remote Buffer Overflow in sipXtapi bad char 0x00 0x09 0x0a 0x0d 0x20 use IO::Socket; use strict; print "\n\n"; print "sipXtapi original Exploit by Michael Thumann added a real shellcode by acaro\n\n"; print "tested on sipXphone 2.6.0.27 read the code for ret address\n\n"; if not...
Multiple vulnerabilities in TK8 Safe v.3.0.5
Multiple vulnerabilities in TK8 Safe v.3.0.5 July 3, 2006 ---- Summary: TK8 Safe www.tk8.com is a password management application, which stores authentication details and other sensitive data in encrypted local folders. A number of issues have been discovered in version 3.0.5 of the application...
[SA19638] Sun Solaris LDAP2 Client Commands Security Issue
TITLE: Sun Solaris LDAP2 Client Commands Security Issue SECUNIA ADVISORY ID: SA19638 VERIFY ADVISORY: http://secunia.com/advisories/19638/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: Local system OPERATING SYSTEM: Sun Solaris 8 http://secunia.com/product/94/ Sun Solar...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Michael Salzer Guestbox 0.6, and other versions before 0.8, allow remote attackers to inject arbitrary web script or HTML via 1 HTML tags that follow a "http://" string, which bypasses a regular expression check, and 2 other unspecified attack...
Design/Logic Flaw
Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to obtain the source IP addresses of guestbook entries via a direct request to /gb/gblog...
CVE-2006-0859
CVE-2006-0859 affects Michael Salzer Guestbox 0.6 and earlier versions up to 0.7/0.8 pre-release? It describes a vulnerability where remote attackers can post an admin comment to a guestbook entry via a modified form, possibly related to the nummer parameter. The connected sources corroborate the...
CVE-2006-0860
CVE-2006-0860 affects Michael Salzer Guestbox 0.6 and other versions before 0.8, where multiple XSS vulnerabilities exist. The underlying issue is that HTML tags following a "http://" string bypass a regex check, enabling remote injection of script/HTML; other attack vectors are also noted. No pu...
CVE-2006-0861
The CVE-2006-0861 entry concerns Michael Salzer Guestbox 0.6 and earlier than 0.8, where a direct request to /gb/gblog can disclose the source IP addresses of guestbook entries. The NVD summary notes a network-accessible issue with low attack complexity and no authentication, yielding partial con...
[SA18963] Mac OS X "__MACOSX" ZIP Archive Shell Script Execution
TITLE: Mac OS X "MACOSX" ZIP Archive Shell Script Execution SECUNIA ADVISORY ID: SA18963 VERIFY ADVISORY: http://secunia.com/advisories/18963/ CRITICAL: Extremely critical IMPACT: System access WHERE: From remote OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/ DESCRIPTION:...
CVE-2005-4327
CVE-2005-4327 describes multiple cross-site scripting (XSS) vulnerabilities in Michael Arndt WebCal 1.11-3.04. The issue allows remote attackers to inject arbitrary scripting/HTML via (1) function, (2) year, and (3) date parameters to webcal.cgi, (4) new calendar entries, and (5) notes for entrie...
[SA16291] jabberd "jid.c" Buffer Overflow Vulnerabilities
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Mozilla Firefox <= 1.0.4 "Set As Wallpaper" Code Execution Exploit
Exploit for unknown platform in category remote exploits ================================================================== Mozilla Firefox Firewalling - Proof-of-Concept function stopload // in some cases the javascript url never stops to load // therefore we force a stop after the real image go...
FreeBSD : mozilla -- arbitrary code execution vulnerability (cbfde1cd-87eb-11d9-aa18-0001020eed82)
A Mozilla Foundation Security Advisory reports : Plugins such as flash can be used to load privileged content into a frame. Once loaded various spoofs can be applied to get the user to interact with the privileged content. Michael Krax's 'Fireflashing' example demonstrates that an attacker can op...
Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution
// Exploit by Michael Krax Firewalling - Proof-of-Concept function stopload // in some cases the javascript url never stops to load // therefore we force a stop after the real image got loaded window.setTimeout"window.stop",1000; Firewalling - Proof-of-Concept The "Set As Wallpaper" dialog takes...
"Wrapped" javascript: urls bypass security checks — Mozilla
Some security checks intended to prevent script injection were incorrect and could be bypassed by wrapping a javascript: url in the view-source: pseudo-protocol. Michael Krax demonstrated that a variant of his favicon exploit could still execute arbitrary code, and the same technique could also b...
Mandrake Linux Security Advisory : htdig (MDKSA-2005:063)
A cross-site scripting vulnerability in ht://dig was discovered by Michael Krax. The updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandrake Linux Security...
[SA14367] Verity Ultraseek Search Request Cross-Site Scripting
TITLE: Verity Ultraseek Search Request Cross-Site Scripting SECUNIA ADVISORY ID: SA14367 VERIFY ADVISORY: http://secunia.com/advisories/14367/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Verity Ultraseek 5.x http://secunia.com/product/3457/ DESCRIPTION: Micha...
[SA13701] Bugzilla Internal Error Response Cross-Site Scripting
TITLE: Bugzilla Internal Error Response Cross-Site Scripting SECUNIA ADVISORY ID: SA13701 VERIFY ADVISORY: http://secunia.com/advisories/13701/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Bugzilla 2.x http://secunia.com/product/396/ DESCRIPTION: Michael Krax...
Michael Lamont Savant Web Server 3.0 - Denial of Service
Michael Lamont Savant Web Server 3.0 - Denial of Service source: https://www.securityfocus.com/bid/2468/info A denial of service condition exists in Michael Lamont Savant web server. Requesting a specially crafted URL composed of '%' characters could cause the server to stop responding...
Michael Lamont Savant Web Server 3.0 - Denial of Service
source: https://www.securityfocus.com/bid/2468/info A denial of service condition exists in Michael Lamont Savant web server. Requesting a specially crafted URL composed of '%' characters could cause the server to stop responding. www.target/%%%...