313 matches found
SQL Injection
Moodle is vulnerable to SQL injection attacks. The attacks exist because the application does not filter null bytes \0 characters in query strings, leading to SQL statements failing and causing error to the Microsoft SQL driver. This can allow a malicious user to inject and execute SQL queries...
BSA-2017-293
Security Advisory ID : BSA-2017-293 Component : NTP Revision : 1.0: Interim The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes. Affected Products Brocade is investigating i...
CVE-2017-6459
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes...
Null pointer dereference
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes...
CVE-2017-6459
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes...
NTP Local Denial of Service Vulnerability (CNVD-2017-04411)
NTP is Network Time Protocol NTP, which is a protocol used to synchronize the time of individual computers on a network. A local denial of service vulnerability exists in NTP, where the Windows installer of NTP enables a local user to cause a denial of service via a route related to a parameter...
Hostname Check Bypassing
pyOpenSSL is vulnerable to hostname check bypassing. This is because it does not properly handle hostnames in the certificate that contain null bytes.The string formatting of subjectAltName X509Extension instances incorrectly truncates fields of the name when encountering null bytes, allowing...
Citrix XenServer Multiple Vulnerabilities (CTX218775)
The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the sniffnetware function within file tools/pygrub/src/pygrub when handling string quotes and S-expressions in the bootloader whenev...
WhatsApp Web Username Bypass Vulnerability
Exploit for tricks platform in category remote exploits Title: Web WhatsApp Username Bypass Date: 31.10.2016 Author: Glumi Software Link: https://web.whatsapp.com/ Why this works: Web WhatsApp is filtering null bytes for all username inputs but this can be bypassed by using the"NOP"-character 0x9...
Telegram Web 0.5.5 Username Bypass
Exploit Title: Telegram Web Empty Username Bypass Date: 18/10/2016 Author: Ashiyane Digital Security Team Software Link: https://web.telegram.org version : Telegram Web 0.5.5 Tested on: Windows 7 Description: Telegram filters null bytes for username input but you can bypass this filter with "NOP"...
UBUNTU-CVE-2015-7695
The PDO adapters in Zend Framework before 1.12.16 do not filer null bytes in SQL statements, which allows remote attackers to execute arbitrary SQL commands via a crafted query...
Linux kernel information disclosure vulnerability (CNVD-2016-03867)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. An information disclosure vulnerability exists in the 'tipcnlcompatlinkdump' function in the net/tipc/netlinkcompat.c file of the Linux kernel, which stems from a program's...
HackerOne: Manipulate report timeline activity by using null byte.
Null bytes are not permitted in report body, or even in report title. But that can be used in the comment section of self-closing for reporter and change-status for team. When a null byte is used as a comment, that report timeline activity disappears! For example:...
Ubuntu 14.04 LTS : Kerberos vulnerabilities (USN-2810-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2810-1 advisory. It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause...
USN-2810-1 krb5 vulnerabilities
It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. CVE-2002-2443 It was discovered that Kerberos...
Updated php-ZendFramework/php-ZendFramework2 packages fixe security vulnerabilities
Zend Framework contained several instances where it was using incorrect permissions masks, which could lead to local privilege escalation issues CVE-2015-5723. The PDO adapters of Zend Framework 1 do not filter null bytes values in SQL statements. A PDO adapter can treat null bytes in a query as ...
ZendFramework1 -- SQL injection vulnerability
Zend Framework developers report: The PDO adapters of Zend Framework 1 do not filter null bytes values in SQL statements. A PDO adapter can treat null bytes in a query as a string terminator, allowing an attacker to add arbitrary SQL following a null byte, and thus create a SQL injection...
Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2658-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2658-1 advisory. Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL bytes in file paths. A remote attacker could possibly use this issue to bypass...
USN-2658-1: PHP vulnerabilities
Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL bytes in file paths. A remote attacker could possibly use this issue to bypass intended restrictions and create or obtain access to sensitive files. CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026, CVE-2015-4598...
php: missing null byte checks for paths in various PHP extensions
It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions...