Exploit Labs Security Advisory 2005.10

------------------------------------------------------------ - EXPL-A-2005-010 exploitlabs.com Advisory 039 - ------------------------------------------------------------ - Mac OSX Server weblog - AFFECTED PRODUCTS ================= Mac OSX 10.4.0 Weblog Server http://apple.com OVERVIEW ========...

[Full-disclosure] Apple Mac Tiger 10.4 weblog server

------------------------------------------------------------ - EXPL-A-2005-010 exploitlabs.com Advisory 039 - ------------------------------------------------------------ - Mac OSX Server weblog - AFFECTED PRODUCTS ================= Mac OSX 10.4.0 Weblog Server http://apple.com OVERVIEW ========...

HPRadiaManagement.txt

NGSSoftware Insight Security Research Advisory Name: HP OpenView Radia Management Agent remote command execution via directory traversal Systems Affected: HP OpenView Radia Management Portal versions 2.x and 1.x running Radia Management Agent Severity: High Vendor URL: http://www.hp.com/ Authors:...

[VulnWatch] Buffer overflow vulnerability in VERITAS Software Backup Exec Web Administration Console (BEWAC)

Mark Litchfield of NGSSoftware has discovered a high risk vulnerability in the in VERITAS Software Backup Exec Web Administration Console BEWAC which can allow for remote code execution. Affected Products include - Backup Exec 10.0 for Windows Servers rev. 5484 Backup Exec 9.1 for Windows Servers...

phpBBkbmod.txt

phpBB - Knowledge Base MOD SQL-Injection vulnerability and Full Path Disclosure Discovered by R and deluxe89 Discussion: The phpbb - Knowledge Base MOD has a relatively hard to exploit SQL-Injection vulnerability. However, an attacker can exploit this bug and receive informations from the databas...

Darryl Burgdorf Webhints Remote Command Execution Vulnerability

Description Darryl Burgdorf Webhints is prone to a remote command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Technologies Affected Colored Scripts Easy Message Board Darryl Burgdorf Webhints 1.3.0 Recommendations Block...

Golden FTP Server Pro 2.52 - Remote Buffer Overflow (2)

Golden FTP Server Pro 2.52 - Remote Buffer Overflow 2 / Golden FTP Server Pro remote stack BOF exploit author : c0d3r "kaveh razavi" [email protected] [email protected] risk : highly critical vender status : no patch released , all targets are vuln package : golden-ftp-server-pro 2.5.0.0 and...

Tcpdump 3.8.x (ldp_print) Infinite Loop Denial of Service Exploit

Exploit for linux platform in category dos / poc ================================================================= Tcpdump 3.8.x ldpprint Infinite Loop Denial of Service Exploit ================================================================= / tcpdump3.8.x: LDP ldpprint infinite loop DOS. by:...

Squid fails to parse empty access control lists correctly

Overview The Squid web proxy cache may fail to handle empty Access Control Lists ACLs in the intended manner. Description Squid functions as a web proxy and cache application for a number of protocols. However, Squid Access Control List ACL routines may not parse an empty list as intended. An emp...

Gaim vulnerable to malformed SNAC packet infinite processing loop

Overview Gaim contains a flaw in the processing of certain packets that may cause a denial of service. Description From the Gaim project:Gaim is a multi-protocol instant messaging IM client for Linux, BSD, MacOS X, and Windows. It is compatible with AIM and ICQ Oscar protocol, MSN Messenger,...

[SA14131] Claroline Add Course Script Insertion Vulnerability

TITLE: Claroline Add Course Script Insertion Vulnerability SECUNIA ADVISORY ID: SA14131 VERIFY ADVISORY: http://secunia.com/advisories/14131/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Claroline 1.x http://secunia.com/product/4607/ DESCRIPTION: Yiannis Girod...

Squid fails to properly handle oversized reply headers

Overview The Squid web proxy cache may be vulnerable to oversized HTTP reply headers. Description Squid functions as a web proxy and cache application for a number of protocols, including the hypertext transfer protocol HTTP. A defect in the Squid HTTP handling prevents oversized reply headers...

AWStats 6.0 6.2 - configdir Remote Command Execution (C)

AWStats 6.0 6.2 - configdir Remote Command Execution C / AwStats exploit by Thunder, [email protected] This exploit makes use of the remote command execution bug discovered in AwStats ver 6.2 and below. The bug resides in the awstats.pl perl script. The script does not sanitise correctly the us...

AWStats 6.0 < 6.2 - 'configdir' Remote Command Execution

/ AwStats exploit by Thunder, [email protected] This exploit makes use of the remote command execution bug discovered in AwStats ver 6.2 and below. The bug resides in the awstats.pl perl script. The script does not sanitise correctly the user input for the configdir parameter. If the users send...

Adobe Acrobat Reader for UNIX contains a buffer overflow in mailListIsPdf()

Overview A buffer overflow in Adobe Acrobat Reader for UNIX could allow a remote attacker to execute arbitrary code. Description Adobe Acrobat Reader is an application that allows users to view PDF Portable Document Format files. Acrobat Reader for UNIX Linux, Sun Solaris SPARC, IBM AIX, or HP-UX...

ss11012005.txt

/ / / \ / / / / / \ \ \ \ / / / / / \ / / // / / / / / / / / / // // / / / // / / / / // , / // / /// // //// // ,/ // / // \ / / / // / / // / /// , / // Ref: SS11012005 SYSTEMSECURE.ORG - Advisory/Exploit PUBLIC ADVISORY Software: MPM Guestbook Pro 1.05 maybe all versions Link:...

IBM DB2 XML functions overflows (#NISR05012005H)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 XML functions overflows Systems Affected: DB2 8.1 Severity: High risk from remote Vendor URL: http://www.ibm.com/ Author: David Litchfield david at ngssoftware.com Relates to: http://www.nextgenss.com/advisories/db2-02.txt Date of Publi...

IBM DB2 to_char and to_date Denial Of Service (#NISR05012005G)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 tochar and todate Denial Of Service Systems Affected: DB2 8.1 Severity: High risk from local Vendor URL: http://www.ibm.com/ Author: Chris Anley chris at ngssoftware.com Relates to: http://www.ngssoftware.com/advisories/db2-02.txt Date ...

IBM DB2 call buffer overflow (#NISR05012005C)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 call buffer overflow Systems Affected: DB2 8.1/7.x Severity: High risk from remote Vendor URL: http://www.ibm.com/ Author: David Litchfield david at ngssoftware.com Relates to: http://www.nextgenss.com/advisories/db2-02.txt Date of Publ...

Microsoft Windows - NetDDE Remote Buffer Overflow (MS04-031)

/ HOD-ms04031-netdde-expl.c: 2004-12-30: PUBLIC v.0.2 Copyright c 2004 houseofdabus. MS04-031 NetDDE buffer overflow vulnerability PoC .:: houseofdabus ::. special unstable version --------------------------------------------------------------------- Description: A remote code execution...