487 matches found
DEBIAN-CVE-2013-2005
X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5)...
[SECURITY] Fedora 18 Update: pmount-0.9.23-4.fc18
pmount ("policy mount") is a wrapper around the standard mount program which permits normal users to mount removable devices without a matching /etc/fstab entry. Be warned that pmount is installed setuid root...
[DroidSQLi] MySQL Injection tool for Android
DroidSQLi is the first automated MySQL Injection tool for Android. It allows you to test your MySQL-based web application against SQL injection attacks. DroidSQLi supports the following injection techniques: - Time based injection - Blind injection - Error based injection - Normal injection...
rdtax.myeg.com.my Cross Site Scripting
Exploit Title: rdtax.myeg.com.my XSS Vulnerability Date: 27/07/2012 Author: Ryuzaki Lawlet Web/Blog: http://justryuz.blogspot.com Category: webapps Security:RISK: normal Vendor or Software Link: Google dork: - Tested on: Linux Exploit/p0c : http://localhost:80/path/path/chooseIns.jsp?agent= Proof...
Radius Manager V3.0.0=>4.0 CSRF Vulnerability
Exploit for php platform in category web applications...
Yealink VOIP Phone Cross Site Scripting
Secur-I Research Group Security Advisory SV-2012-005 Title: Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability Product: Yealink Easy VOIP Phone Homepage:...
Mandriva Update for kolab-webadmin MDVA-2010:230 (kolab-webadmin)
Check for the Version of kolab-webadmin OpenVAS Vulnerability Test Mandriva Update for kolab-webadmin MDVA-2010:230 kolab-webadmin Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
php168 buy get administrator privileges 0day-vulnerability warning-the black bar safety net
The exploit: the 1. Registered normal user 2. By http://site/buygroup.php?job=buy&gid=3purchase administrator privileges. 3. The background that 2webshell...
Microsoft IIS FTPd Denial Of Service
MS IIS FTPD DoS ZER0DAY There is a DoS vulnerability in the globbing functionality of IIS FTPD. Anonymous users can exploit this if they have read access to a directory!!! Normal users can exploit this too if they can read a directory. Example session where the anonymous user has read access to t...
Microsoft IIS 5.0/6.0 FTP Server - Stack Exhaustion Denial of Service
Microsoft IIS 5.0/6.0 FTP Server - Stack Exhaustion Denial of Service MS IIS FTPD DoS ZER0DAY There is a DoS vulnerability in the globbing functionality of IIS FTPD. Anonymous users can exploit this if they have read access to a directory!!! Normal users can exploit this too if they can read a...
Microsoft IIS 5.0/6.0 FTP Server - Stack Exhaustion Denial of Service
MS IIS FTPD DoS ZER0DAY There is a DoS vulnerability in the globbing functionality of IIS FTPD. Anonymous users can exploit this if they have read access to a directory!!! Normal users can exploit this too if they can read a directory. Example session where the anonymous user has read access to t...
alstrasoft-sql.txt
AlstraSoft AskMe Pro = 2.1 SQL Injection Vulnerabilities Discovered By: t0pP8uZz Discovered On: 10 JUNE 2008 Script...
Catch broilers simple method-vulnerability warning-the black bar safety net
Now you hands should have their own horsepcshare generate room endof the bar,if the test horse??? This test would not have said,We have to really go catch a chicken before. Want to catch the chicken,must be to let someone else computer running your own horse. The issue came out,everyone is new...
A simple analysis of Linux kernel vulnerability issues-vulnerabilities and early warning-the black bar safety net
Compared with Windows, Linux is considered to have better security and other extended properties. These features have made the Linux operating system field rise meteorically and draw more and more attention. As the Linux application to increase the amount of its security has gradually been public, or even hacking...
linux/x86 normal exit w/ random (so to speak) return value 5 bytes
No description provided by source. / linux/x86 normal exit w/ random so to speak return value - 5 bytes - izik [email protected] / char shellcode = "\x31\xc0" // xor %eax,%eax "\x40" // inc %eax "\xcd\x80"; // int $0x80 int mainint argc, char argv int ret; ret = int &ret + 2; ret = int shellcode; //...
linux/x86 normal exit w/ random (so to speak) return value 5 bytes
Exploit for linux/x86 platform in category shellcode linux/x86 normal exit w/ random so to speak return value 5 bytes / linux/x86 normal exit w/ random so to speak...
CVE-2004-1652
phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which allows users with physical access to gain administrative privileges...
insecure temporary file creation in xine-check, xine-bugreport
Some scripts installed with xine create temporary files insecurely. It is recommended that these scripts (xine-check, xine-bugreport) not be used. They are not needed for normal operation...
Virginity Security Advisory 2003-002 : Tritanium Bulletin Board - Read and write from/to internal (protected) Threads
Virginity Security Advisory 2003-002 DATE : 2003-10-31 22:59 GMT TYPE : remote VERSIONS AFFECTED : == Tritanium Bulletin Board 1.2.3...
consroot.exp
Hi there, here is a fully automated script for getting a root shell using a normal user account and remote-console access. The Script was written by me based on an article from phrack.com article 53 - hacking forth by mudge ---snip--- --- consroot.exp " puts "\twhere MODE is one of:" puts "\t\tT =...