Обратный путь в директориях Comprehensive Web Programming API (directory traversal)

Метод GetRelativePath не проверяет относительные пути...

Aktivate 1.0 3 - Shopping Cart Cross-Site Scripting

source: https://www.securityfocus.com/bid/3714/info Aktivate is a shopping cart system which is geared towards Unix and Linux users, uses MySQL as a backend, and is written in Perl. Aktivate is prone to cross-site scripting attacks. It is possible to construct a link containing arbitrary script...

insecure signal handler design

"Delivering Signals for Fun and Profit" Understanding, exploiting and preventing signal-handling related vulnerabilities. Michal Zalewski [email protected] C Copyright 2001 BindView Corporation 0 Introduction --------------- According to a popular belief, writing signal handlers has litt...

IMAP4rev1 12.26112.2642000.284 - lsub Remote Overflow

IMAP4rev1 12.26112.2642000.284 - lsub Remote Overflow / !!! Private !!! imapd IMAP4rev1 v12.261, v12.264 and 2000.284 Remote Exploit. Others? Yes! By: SkyLaZarT [email protected] .aka. Felipe Cerqueira Homepage: www.BufferOverflow.Org Thankz: cync, oldm and Jans. BufferOverflow.org Te...

Дырка в CGI Ikonboard

Классические ошибки perl CGI...

BSD Passive Connection Shellcode

Exploit for bsd platform in category shellcode ================================ BSD Passive Connection Shellcode ================================ ; Passive Connection Shellcode ; ; Coded by Scrippie - email protected - http://b0f.freebsd.lublin.pl ; Buffer0verfl0w Security ; Why? This evades...

BSD Passive Connection Shellcode

BSD Passive Connection Shellcode. Shellcode exploit for bsd platform ; Passive Connection Shellcode ; ; Coded by Scrippie - [email protected] - http://b0f.freebsd.lublin.pl ; Buffer0verfl0w Security ; Why? This evades firewalls... ; ; YES, this is for NASM, I detest AT&T syntaxis - it's gross and...

UtilMind Mail List 1.7 - Users Can Execute Commands

UtilMind Mail List 1.7 - Users Can Execute Commands !/usr/bin/perl -w Mailing List & News Version 1.7 / PoC Exploit. UtilMind Solutions / http://www.utilmind.com/ Actually a pretty amusing exploit to write! The 'openMAIL, "|$mailprog $address"' ... code sends e-mail to those who are on the mailin...

@stake Advisory: Multiple Vulnerabilities in iCal 2.1 (A100900-1)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Multiple Vulnerabilities in iCal 2.1 Release Date: 10/09/2000 Application: iPlanet's iCal version 2.1 Patch 2 Platform: Solaris 2.6 Severity: Local attacker can obtain root access Author:...

Redhat Linux 6.x remote root exploit

Hi, Included below is an exploit for the recently exposed linux rpc.statd format string vulnerability0. I have tailored it towards current Redhat Linux 6.x installations. It can easily be incorporated into attacks against the other vulnerable Linux distributions. I am not a security expert, but...

BitchX /ignore bug

I don't know whether this is the right place to put it, but i'm going to anyway : Because of a simple /invite nickname sssssssss, BitchX will segfault and coredump. This is a small programming error, you can find a patch at this location: http://root66.org/karin/BitchX-bug-patch-3-juli-2000.tar.g...

antisniff x86/linux remote root exploit, including "fixed" 1.02 version

/ l0phtl0phe.c - antisniff exploit 1.02 included -sc/teso gcc -o l0phtl0phe l0phtl0phe.c -Wall -lnet libnet-config --defines description: l0pht messed up the fix for their problem in antisniff by not regarding the type signedness properties of the char and int values used. this results in a cool...

Back Door in Commercial Shopping Cart

Trojanized Commercial Shopping Cart =============================================================== Dansie Shopping Cart Version : 3.04 presumably earlier versions as well Author : Craig Dansie URL : http://www.dansie.net/ Language : Perl both NT and Unix platforms are vulnerable License :...

unixware7.dtappgather.txt

Date: Wed, 3 Nov 1999 10:51:52 -0800 PST From: Sangfroid Subject: bugtraq post Introduction to w00giving '99 RFP's most excellent 0kt0berfest commitment to working for everyman to make the world more secure, caused w00w00 to stop and give thought to our collective contribution to the world of...

proftpd_exploiting_toolkit.txt

Subject: proftpd To: [email protected] -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 / babcia padlina ltd. poland, 17/08/99 your ultimate proftpd pre0-3 exploiting toolkit based on: - adm-wuftpd by duke - kombajn do czere¶ni by Lam3rZ thx for shellcode! thx and greetz. / include include...

bsd_flags.txt

Subject: [email protected]: FreeBSD-SA-99:01: BSD File Flags and Programming Techniques To: [email protected] [email protected] 1.ems Content-Type: text/plain; charset=us-ascii PGP Signature Status: unknown Signer: Unknown, Key ID xBE7497F1 Signed: 9/3/99 11:38:10 PM...

InfernoJJF.txt

J.J.F. / Hackers Team - Security Advisory =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Fecha: 18/1/1999 Autor: Conde Vampiro URL: http://www.jjf.org Aplicacion: Sistema Operativo: Inferno 2.0 en plataforma Windows. Posiblemente tambien estan afectadas todas las plataformas que corran Inferno...

WinWebserver-exploit.txt

http://www.sddt.com/files/library/98/06/25/tbc.html Source Programmers Discover Internet Server Bug Daily Transcript Business Report June 25, 1998 Programmers at San Diego Source, the online news service of the San Diego Daily Transcript, have discovered a security hole affecting Web server...

DataLynx suGuard 1.0 - Local Privilege Escalation

DataLynx suGuard 1.0 - Local Privilege Escalation source: https://www.securityfocus.com/bid/186/info A vulnerability exists within the DataLynx's suGuard program which allows a local attacker to gain administrative privilege by exploiting poor use of the /tmp directory and poor programming...

AIX lquerylv - Local Buffer Overflow Local Privilege Escalation

AIX lquerylv - Local Buffer Overflow Local Privilege Escalation include include include char prog100="/usr/sbin/lquerylv"; char prog230="lquerylv"; extern int execv; char createvarchar name,char value char c; int l; l=strlenname+strlenvalue+4; if ! c=mallocl perror"error allocating";exit2;;...