4972 matches found
Debian DSA-1555-1 : iceweasel - programming error
It was discovered that crashes in the JavaScript engine of Iceweasel, an unbranded version of the Firefox browser, could potentially lead to the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
[SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution
Debian Security Advisory DSA-1558-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 24, 2008 http://www.debian.org/security/faq ...
Debian DSA-1550-1 : suphp - programming error
It was discovered that suphp, an Apache module to run PHP scripts with owner permissions, handles symlinks insecurely, which may lead to privilege escalation by local users. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Debian: Security Advisory (DSA-1551-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian: Security Advisory (DSA-1541-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
XM Easy Personal FTP Server 5.4.0 - XCWD Denial of Service
XM Easy Personal FTP Server 5.4.0 - XCWD Denial of Service !/usr/bin/python XM Easy Personal FTP Server 5.4.0 XCWD DoS When admin looks at the server log, application crashes : Elhamdulillahi Rabbil-alemin! bt ./sploit.py + Saljemo zli bafer : + Now wait until the admin looks at server log : +...
Prediction Football 1.x - 'matchid' SQL Injection
/ Prediction Football v 1.x Remote SQL INJECTION Discovered by 0in from Dark-Coders Programming & Security Group. !!!!!! http://dark-coders.4rh.eu !!!!!! Contact: 0indotemailatgmaildotcom Greetz to all Dark-Coders Group Members: DieAngel, Sun8hclf, M4r1usz, Djlinux, Aristo89 Script homepage:...
Novel eDirectory HTTP - Denial of Service
!/usr/bin/python Novel eDirectory HTTP DOS Discovered and coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/novel-edir.py.txt import socket import os import sys from time import sleep biff=""2048 print " Payload sent "+ strlenbuff expl = socket.socket...
Mcafee EPO 4.0 - 'FrameworkService.exe' Remote Denial of Service
!/usr/bin/python Mcafee EPO 4.0 and others FrameworkService.exe DOS More than meets the eye Discovered and coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/mcafeeagain.py.txt EAX 00840C30 ECX 00837830 EDX 01EACF18 EBX 00004000 ESP 01EAFF04 EBP 01EAFF38...
PacketTrap Networks pt360 2.0.39 TFTPD Remote DoS Exploit
No description provided by source. !/usr/bin/python PacketTrap Networks pt360 2.0.39 TFTPD Remote DOS Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/pt360dos.py.txt import socket import sys host = '172.16.167.134' port = 69 try:...
TFTP Server 1.4 - ST Buffer Overflow
TFTP Server 1.4 - ST Buffer Overflow !/usr/bin/python TFTP Server for Windows V1.4 ST 0day http://sourceforge.net/projects/tftp-server/ Tested on Windows Vista SP0. Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/sourceforge-tftpd.py.txt bt...
PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service
!/usr/bin/python PacketTrap Networks pt360 2.0.39 TFTPD Remote DOS Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/pt360dos.py.txt import socket import sys host = '172.16.167.134' port = 69 try: s = socket.socketsocket.AFINET, socket.SOCKDGRAM except:...
PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service
PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service !/usr/bin/python PacketTrap Networks pt360 2.0.39 TFTPD Remote DOS Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/pt360dos.py.txt import socket import sys host = '172.16.167.134' port ...
Debian DSA-1522-1 : unzip - programming error
Tavis Ormandy discovered that unzip, when processing specially crafted ZIP archives, could pass invalid pointers to the C library's free routine, potentially leading to arbitrary code execution (CVE-2008-0888). (C) Tenable Network Security, Inc. The descriptive text and package...
Home FTP Server 1.4.5 Remote Denial of Service Exploit
No description provided by source. Discovered by 0in from DaRk-CodeRs Programming & Security Group Contact: 0indotemailatgmaildotcom That's a very funny bug, and nobody understands how it works; when we send a python FTP retrlines function bad command and create a new connection server got DoS... o...
Debian DSA-1518-1 : backup-manager - programming error
Micha Lenk discovered that backup-manager, a command-line backup tool, sends the password as a command-line argument when calling an FTP client, which may allow a local attacker to read this password (which provides access to all backed-up files) from the process listing. (C) Tenab...
PHP 5.2.3 remote CGI buffer overflow vulnerability - vulnerability warning - the black bar safety net
yuange. Affected versions: PHP 5.2.3. Unaffected versions: other versions. When processing CGI, PHP 5.2.3, due to a programming error, missing parentheses, and a wrong calculation of string length, has a heap buffer overflow and possible remote execution of arbitrary cod...
[SECURITY] [DSA 1507-1] New turba2 packages fix permission testing
Debian Security Advisory DSA-1507-1 [email protected] http://www.debian.org/security/ Steve Kemp February 24, 2008 http://www.debian.org/security/faq ...
Debian DSA-1507-1 : turba2 - programming error
Peter Paul Elfferich discovered that turba2, a contact management component for the Horde framework, did not correctly check access rights before allowing users to edit addresses. This could result in valid users being able to alter private address records. (C) Tenable Network...
Debian DSA-1501-1 : dspam - programming error
Tobias Grutzmacher discovered that a Debian-provided CRON script in dspam, a statistical spam filter, included a database password on the command line. This allowed a local attacker to read the contents of the dspam database, such as emails. (C) Tenable Network Security, Inc. Th...