1154 matches found
Design/Logic Flaw
Off-by-one error in the fspreaddirr function in fsplib.c in fsplib before 0.9 allows remote attackers to cause a denial of service via a directory entry whose length is exactly MAXNAMELEN, which prevents a terminating null byte from being added...
webspell-lfi.txt
muH - $Title: Webspell 4.x Local File Inclusion Win $Damage Factor: Medium - High $Requires: Win Box & Php Supporting %00 $Discovered by muH $Usage: http://server.com/index.php?site=c:\windows\repair\sam%00...
Multiple .NET Null Byte Injection Vulnerabilities
======================================================================== = Multiple .NET Null Byte Injection Vulnerabilities = = Vendor Website: = http://www.microsoft.com = = Affected Version: = .NET FrameWork v1.1 SP1 = .NET FrameWork v2.0.50727 = = Vendor Notified - October, 2006 = Public...
dotnet-nullbyte.txt
======================================================================== = Multiple .NET Null Byte Injection Vulnerabilities = = Vendor Website: = http://www.microsoft.com = = Affected Version: = .NET FrameWork v1.1 SP1 = .NET FrameWork v2.0.50727 = = Vendor Notified - October, 2006 = Public...
MS07-040: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212) (uncredentialed check)
The remote web server is running a version of the ASP.NET framework that contains multiple vulnerabilities : - A PE Loader vulnerability could allow an attacker to execute arbitrary code with the privilege of the logged-on user. - A ASP.NET NULL byte termination vulnerability could allow an...
Design/Logic Flaw
Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrain the final substring o...
CVE-2007-0042
Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrain the final substring o...
CVE-2007-0042
Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrain the final substring o...
MS07-040: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)
The remote host is running a version of the ASP.NET framework that contains multiple vulnerabilities : - A PE Loader vulnerability could allow an attacker to execute arbitrary code with the privileges of the logged-on user. - An ASP.NET NULL byte termination vulnerability could allow an attacker ...
Microsoft .Net Framework 2.0 - Multiple Null Byte Injection Vulnerabilities
Microsoft .Net Framework 2.0 - Multiple Null Byte Injection Vulnerabilities source: https://www.securityfocus.com/bid/24791/info Microsoft .NET Framework is prone to multiple NULL-byte injection vulnerabilities because it fails to adequately sanitize user-supplied data. An attacker can exploit...
Microsoft .Net Framework 2.0 - Multiple Null Byte Injection Vulnerabilities
source: https://www.securityfocus.com/bid/24791/info Microsoft .NET Framework is prone to multiple NULL-byte injection vulnerabilities because it fails to adequately sanitize user-supplied data. An attacker can exploit these issues to access sensitive information that may aid in further attacks;...
CVE-2007-3285
Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a 1 file:/// or 2 resource: URI with a dangerous extension, followed by a NULL byte %00 and a safer extension, which causes Firefox to treat the requested file...
Type confusion
Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a 1 file:/// or 2 resource: URI with a dangerous extension, followed by a NULL byte %00 and a safer extension, which causes Firefox to treat the requested file...
CVE-2007-3285
Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a 1 file:/// or 2 resource: URI with a dangerous extension, followed by a NULL byte %00 and a safer extension, which causes Firefox to treat the requested file...
webdesproxy 0.0.1 - exec-shield GET Remote Code Execution
webdesproxy 0.0.1 - exec-shield GET Remote Code Execution / Fedora Core 6 exec-shield based Webdesproxy webdesproxy-0.0.1.tgz remote root exploit reverse connect-back method by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL:...
: seamonkey cookie setting / same-domain bypass vulnerability
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...
: seamonkey cookie setting / same-domain bypass vulnerability
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...
mod_security protection bypass
Invalid handling of NULL byte in POST form data opens possibility to traverse checks...
: seamonkey cookie setting / same-domain bypass vulnerability
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...
: seamonkey cookie setting / same-domain bypass vulnerability
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...