4971 matches found
security flaw
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the keylength variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name befo...
Debian DSA-1258-1 : mozilla-thunderbird - several vulnerabilities
Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2006-6497 Several vulnerabilities in the layout engine allow remote attackers to cause ...
Debian DSA-1256-1 : gtk+2.0 - programming error
It was discovered that the image loading code in the GTK+ graphical user interface library performs insufficient error handling when loading malformed images, which may lead to denial of service. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...
DTSA-32-1 bcfg2 - programming error
Bulletin has no description...
A clever method for cracking someone else's ASP Trojan password - vulnerability warning - the black bar safety net
Objective: to crack an encrypted ASP Trojan login password. The Trojan carries no version description, so it is not known exactly what this Trojan is called. Approach: two options, replacing the ciphertext with an encrypted password, and using the ciphertext and the encryption...
[SECURITY] [DSA 1245-1] New proftpd packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1245-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 7th, 2006 http://www.debian.org/security/faq -...
Integer overflow: attack
Digital Scream January, 2003 Integer overflow: attack Hello! Recently, the number of people involved in IT security has grown significantly. Consequently, there was a breakthrough in the implementation of some attacks... And that is why this article is about a new type of Integer Overflow attack...
inetmedia.txt
Description: ============ Multiple XSS and SQL injection vulnerabilities were found in Inetmedia's web services cityinfo.pl and cityaz.de, which may be exploited by attackers to gain confidential information and/or modify the database. These flaws are due to PHP programming mistakes in:...
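Timesheet Login.PHP SQL Injection Vulnerability
Timesheet is a PHP-based web diary program. Timesheet does not properly filter user-submitted URI data, so a remote attacker can exploit the flaw to carry out SQL injection attacks and obtain sensitive information. The problem is caused by the 'Login.PHP' script not filtering user-submitted web parameters: submitting a malicious SQL query as parameter data can change the original SQL logic and obtain sensitive information. Timesheet PHP Timesheet 1.2.1 http://www.timesheetphp.com/...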
Modicon Modbus/TCP Programming Function Code Access
Binary data scadamodbusmodiconprogram.nbin...
AT-TFTP Buffer Overflow (Long filename) Vulnerability Exploit
No description provided by source. !/usr/bin/python Buffer Overflow Long filename Vulnerability Exploit This is just a DoS exploiting code Tested on Windows xp SP2 Requires python and impacket Coded by Liu Qixu Of NCNIPC import socket import sys host = '192.168.1.11' port = 69 try: s =...
Debian DSA-1217-1 : linux-ftpd - programming error
Paul Szabo discovered that the netkit ftp server switches the user id too late, which may lead to the bypass of access restrictions when running on NFS. This update also adds return value checks to setuid calls, which may fail in some PAM configurations.
Debian DSA-1202-1 : screen - programming error
'cstone' and Rich Felker discovered that specially crafted UTF-8 sequences may lead to an out-of-bounds memory write when displayed inside the screen terminal multiplexer, allowing denial of service and potentially the execution of arbitrary code.
Debian DSA-1203-1 : libpam-ldap - programming error
Steve Rigler discovered that the PAM module for authentication against LDAP servers processes PasswordPolicyResponse control messages incorrectly, which might lead to an attacker being able to log in to a suspended system account.
[SECURITY] [DSA 1203-1] New libpam-ldap packages fix access control bypass
-------------------------------------------------------------------------- Debian Security Advisory DSA 1203-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 2nd, 2006 http://www.debian.org/security/faq -...
expect (/usr/bin/expect) buffer overflow
No description provided by source. / hhp-expectsmash.c 12/11/00 expect /usr/bin/expect buffer overflow. Tested 5.31.8 and 5.28.1, slackware 7.x Maybe others. By: isox Site: www.hhp-programming.net Advisory: www.hhp-programming.net/ouradvisories/hhp-expectadv%2317.txt / include stdio.h include...
Easy File Sharing FTP Server 2.0 (PASS) Remote Exploit (PoC)
No description provided by source. !/usr/bin/python Easy File Sharing FTP Server 2.0 PASS 0day PoC exploit Proof of Concept: execute calc.exe Bug found by h07 [email protected] Tested on XP SP2 polish Date: 28.07.2006 BUFFPASS + 0x20+0x2c+NOP 2571+0x41414141+\r\n EIP = 0x41414141 host = "127.0.0.1"...
A simple analysis of Linux kernel vulnerability issues - vulnerabilities and early warning - the black bar safety net
Compared with Windows, Linux is considered to have better security and other extended properties. These features have given Linux a meteoric rise in the operating system field and more and more attention. As the number of Linux applications increases, its security has gradually become a matter of public, or even hacking...
Debian DSA-900-3 : fetchmail - programming error
Due to restrictive dependency definition for fetchmail-ssl the updated fetchmailconf package couldn't be installed on the old stable distribution woody together with fetchmail-ssl. Hence, this update loosens it, so that the update can be pulled in. For completeness we're including the original...
Debian DSA-1060-1 : kernel-patch-vserver - programming error
Jan Rekorajski discovered that the kernel patch for virtual private servers does not limit context capabilities to the root user within the virtual server, which might lead to privilege escalation for some virtual server specific operations.