274 matches found
Winamp v5.572 whatsnew.txt Stack Overflow Exploit
Exploit for unknown platform in category local exploits. Winamp v5.572 whatsnew.txt Stack Overflow Exploit. Tested on: Windows xp sp3 Code : !/usr/bin/perl Winamp v5.572 whatsnew.txt Stack Overflow...
Pegasus Mail Client 4.51 - Remote Buffer Overflow
Pegasus Mail Client 4.51 - Remote Buffer Overflow Application: Pegasus Mail Client Platforms: Windows XP Professional SP2 Exploitation: remote BoF Date: 2009-10-06 Author: Francis Provencher Protek Research Lab's 1 Introduction 2 Technical details 3 The Code Only DoS 1 Introductio...
Pegasus Mail Client 4.51 PoC BoF
Exploit for unknown platform in category remote exploits. Pegasus Mail Client 4.51 PoC BoF Title: Pegasus Mail Client 4.51 PoC BoF CVE-ID: OSVDB-ID: Author: Francis Provencher Published: 2009-10-23 Verified: yes...
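Debian devscripts Package uscan Remote Code Execution Vulnerability
BUGTRAQ ID: 36227 CVECAN ID: CVE-2009-2946 Debian is a popular Linux distribution. uscan is a program provided in Debian's devscripts package, used to check whether a new upstream source version is available. uscan ran Perl code downloaded from untrusted sources to implement its URL and version mangling; if the distribution server for the source code used a malicious pathname, arbitrary Perl code could be injected and executed. Debian devscripts 2.9.26 Debian devscripts 2.9.25 Debian devscripts 2.10.35 Vendor patch: Debian ------...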
[Backports-security-announce] Security update for devscripts
Adam D. Barratt uploaded new packages for devscripts which fixed the following security problem: CVE-2009-2946: When parsing watch files, uscan applied "mangle rules" by evaluating them as Perl code without any sanitisation. This could have led to the execution of arbitrary code by users or...
Debian: Security Advisory (DSA-1878-1)
The remote host is missing an update for the Debian...
Design/Logic Flaw
Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...
CVE-2009-2946
Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...
AJ Auction Pro OOPD 2.x (store.php id) SQL Injection Exploit
No description provided by source. !/usr/bin/perl o AJ Auction Pro OOPD 2.x SQL Injection Exploit Software : AJ Auction Pro OOPD 2.x Vendor : http://www.ajsquare.com/ Author : NoGe Contact : nogedotcodeatgmaildotcom Blog : http://evilc0de.blogspot.com o Usage root@noge: perl ajpro.pl www.target.c...
Icarus 2.0 (.ICP File) Local Stack Overflow PoC
No description provided by source. !/usr/bin/perl Icarus 2.0GUEST.ICP Local Stack Overflow PoC By ThE g0bL!N usage: After Clicking On Perl File Run The Program And Choose Continue Booom The Program Crashed : $Header="\x73\x65\x72\x76\x65\x72\x20\x3D" ; $junk="\x41" x 5000 ; openmyfile,'GUEST.ICP'...
Bypass getimagesize() function defect - vulnerability warning - the black bar safety net
By: superhei. A lot of PHP code uses getimagesize() to determine whether an uploaded file is an image, and in black-box testing many people prepend GIF89a to their PHP code to bypass such a check: if (getimagesize($file)) print "yes"; else print "No."; But there are many cases there are...
Code injection
The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 with templates, probably triggering static code injection...
CVE-2008-6474
The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 with templates, probably triggering static code injection...
Elecard AVC HD Player Overflow
!/usr/bin/perl Elecard AVC HD PLAYER m3u/xpl file Local Stack Overflow POC Found By AlpHaNiX From NullArea.Net proof of concept Stack Get Overflowed Starting from 2353 char EIP overwritten ------------------ REGISTRES ------------------ EAX 00000000 ECX 41414141 EDX 775A104D ntdll.775A104D EBX...