Novell iManager Multiple Vulnerabilities

Novell iManager Multiple Vulnerabilities 1. Advisory Information Title: Novell iManager Multiple Vulnerabilities Advisory Id: CORE-2010-0316 Advisory URL: http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities Date published: 2010-06-23 Date of last update:...

Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Windows)

This host is installed with Wireshark and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodwiresharksigcompdissectordosvulnwin.nasl 5401 2017-02-23 09:46:07Z teissa $ Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability Windows...

ftp-libopie NSE Script

Checks if an FTPd is prone to CVE-2010-1938 OPIE off-by-one stack overflow, a vulnerability discovered by Maksymilian Arciemowicz and Adam "pi3" Zabrocki. See the advisory at . Be advised that, if launched against a vulnerable host, this script will crash the FTPd. Script Arguments vulns.short,...

File Sharing Wizard 1.5.0 Remote Command Execution

!/usr/bin/python print "\n" print " Team Hackers Garage " print " www.garage4hackers.com " print " " print " File Sharing Wizard Version 1.5.0 " print " Remote Command Execution " print " Author: b0nd " print " [email protected] " print " " print " Greetz to: The Hackers Garage Family " print ...

Joomla! Component Answers 2.3beta - Multiple Vulnerabilities

Joomla! Component Answers 2.3beta - Multiple Vulnerabilities Exploit Title: Joomla Component Answers v2.3beta Multiple Vulnerabilities Date: 25 May 2010 Author: jdc Software Link: http://extensions.joomla.org/extensions/communication/forum/12652 Version: 2.3beta Tested on: PHP5, MySQL5 Blind SQL...

File Sharing Wizard 1.5.0 - Remote Overflow (SEH)

!/usr/bin/python print "\n" print " Team Hackers Garage " print " www.garage4hackers.com " print " " print " File Sharing Wizard Version 1.5.0 " print " Remote Command Execution " print " Author: b0nd " print " [email protected] " print " " print " Greetz to: The Hackers Garage Family " print ...

ArabPortal 2.2.x SQL Injection

Exploit Title: ArabPortal V2.2.x Remote SQL Injection Vulnerability Author: SwEET-DeViL Published: 10-6-2010 Software Link: http://www.arab-portal.info/download.php?action=download&fileid=127 Version: 2.2.x Tested on: Lunix Need : Magic Quotes Gpc = Off | |...

Command injection

Off-by-one error in the opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long username, as...

CVE-2010-1938

The CVE-2010-1938 issue affects OPIE’s library (libopie) used by OPIE up to version 2.4.1-test1, on FreeBSD 6.4–8.1-PRERELEASE and other platforms. The vulnerability is an off-by-one error in __opiereadrec/readrec.c that can be triggered by a long USER command to FTP servers linked against libopi...

FreeBSD 8.0 ftpd off-by one PoC (FreeBSD-SA-10:05)

No description provided by source. FreeBSD 8.0 ftpd off-by one PoC FreeBSD-SA-10:05 CVE-2010-1938 FreeBSD-SA-10:05 Credit: Maksymilian Arciemowicz and Adam Zabrocki http://securityreason.com/achievementsecurityalert/87 http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.asc...

FreeBSD 8.0 ftpd Off-By-One Proof Of Concept

libopie readrec off-by one FreeBSD ftpd remote PoC Authors: - Maksymilian Arciemowicz - Adam 'pi3' Zabrocki http://securityreason.com/achievementsecurityalert/87 http://site.pi3.com.pl/adv/libopie-adv.txt http://blog.pi3.com.pl/?p=111 Date: - Dis.: 04.05.2010 - Pub.: 27.05.2010 CVE: CVE-2010-1938...

FreeBSD 8.0 - ftpd (FreeBSD-SA-10:05) Off-By-One (PoC)

FreeBSD 8.0 - ftpd FreeBSD-SA-10:05 Off-By-One PoC FreeBSD 8.0 ftpd off-by one PoC FreeBSD-SA-10:05 CVE-2010-1938 FreeBSD-SA-10:05 Credit: Maksymilian Arciemowicz and Adam Zabrocki http://securityreason.com/achievementsecurityalert/87 http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.a...

FreeBSD 8.0 ftpd off-by one PoC (FreeBSD-SA-10:05)

Exploit for freebsd platform in category dos / poc ================================================== FreeBSD 8.0 ftpd off-by one PoC FreeBSD-SA-10:05 ================================================== PoC: Connected to localhost. Escape character is '^'. 220 127.cx FTP server Version 6.00LS read...

FreeBSD 8.0 - 'ftpd' (FreeBSD-SA-10:05) Off-By-One (PoC)

FreeBSD 8.0 ftpd off-by one PoC FreeBSD-SA-10:05 CVE-2010-1938 FreeBSD-SA-10:05 Credit: Maksymilian Arciemowicz and Adam Zabrocki http://securityreason.com/achievementsecurityalert/87 http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.asc http://blog.pi3.com.pl/?p=111 PoC: Connected to...

FreeBSD-SA-10:05.opie

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:05.opie Security Advisory The FreeBSD Project Topic: OPIE off-by-one stack overflow Category: contrib Module: contribopie Announced: 2010-05-27 Credits:...

CVE-2010-1640

Off-by-one error in the parseicon function in libclamav/peicons.c in ClamAV 0.96 allows remote attackers to cause a denial of service crash via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling...

CVE-2010-1640

CVE-2010-1640 is an off-by-one/read out-of-bounds vulnerability in ClamAV 0.96 (parseicon in libclamav/pe_icons.c) that can cause a remote denial of service via a crafted PE icon. Connected advisories and public feeds corroborate the issue as a remote DoS, tied to improper rounding during scaling...

PT-2010-3302 · Cisco · Clamav

Name of the Vulnerable Software and Affected Versions: ClamAV version 0.96 Description: The issue is related to an off-by-one error in the parseicon function, which can cause a denial of service crash when processing a crafted PE icon. This occurs due to an out-of-bounds read triggered by imprope...

CVE-2010-2012

SQL injection vulnerability in function.php in MigasCMS 1.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categorie parameter in a catalogo action. NOTE: some of these details are obtained from third party information...

Online University - Authentication Bypass

'/ -.- --------------------oOO------OOo----------------------------- | Online University Auth Bypass SQL Injection Vulnerability | | works only with magicquotesgpc = off | ---------------------------------------------------------------- ! Discovered: cr4wl3r ! Homepage: http://h4ckb0x.org/ !...