660 matches found
CVE-2014-0350
The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...
nfs-utils rpc.gssd privilege escalation
Unsafe PTR DNS record resolution is used in a security related operation...
FreeBSD - SCTP Remote NULL Ptr Dereference Denial of Service
FreeBSD kernel SCTP latest release remote NULL ptr dereference DoS by Shaun Colley, 2 Aug 2012. The SCTP implementation used by FreeBSD ("reference implementation") is vulnerable to a remote NULL pointer dereference in kernel due to a logic bug. When parsing ASCONF chunks, an attempt is made to...
PHP <= 5.4.3 wddx_serialize_* / stream_bucket_* Object Null Ptr Dereference
Exploit for php platform in category dos / poc 4.1.0 and PHP 5. For more details check : http://php.net/manual/en/class.variant.php PS2: After running this via webser...
PHP 5.4.3 - wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Dereference
4.1.0 and PHP 5. For more details check : http://php.net/manual/en/class.variant.php PS2: After running this via webserver my Apache wasn't able to handle requests anymore and I had to restart him : kthxbye /...
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5608)
This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes: - Added missing capability checks in sbni_ioctl. (CVE-2008-3525) - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598) - Added range checki...
kernel: security and bugfix update. (important)
The openSUSE 11.4 kernel was updated to fix bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read on a specific socket, it's possible to corrupt kernel memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used. CVE-2011-269...
MySQL 5.5.8 remote denial of service proof of concept exploit
No description provided by source. import socket, sys print "\n" print "----------------------------------------------------------------" print "| MySQL 5.5.8 Null Ptr windows |" print "| Level Smash the Stack |" print "----------------------------------------------------------------" print "\n"...
putty 0.60 Denial Of Service
Exploit for windows platform in category dos / poc print "\n" print "----------------------------------------------------------------" print "| putty 0.60 Null Ptr |" print "| Level Smash the Stack |" print "----------------------------------------------------------------" print "\n" import sys,...
RHEL 6 : subversion (RHSA-2011:0328)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0328 advisory. - subversion mod_dav_svn: DoS NULL ptr deref by a lock token sent from a not authenticated Subversion client (CVE-2011-0715) Note that Nessus has not...
RHEL 5 : subversion (RHSA-2011:0327)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0327 advisory. Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of fil...
RHEL 6 : kernel (RHSA-2010:0842)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0842 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: Missi...
Design/Logic Flaw
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a crafted DNS PTR record, related to a "plist injection issue."...
CVE-2010-0500
The CVE-2010-0500 vulnerability affects Apple Mac OS X Event Monitor prior to 10.6.3. The issue arises from improper validation of SSH client hostnames, allowing a remote attacker to trigger a denial of service by crafting a DNS PTR record, with the attack tied to a plist injection handling path....
CVE-2010-0500
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a crafted DNS PTR record, related to a "plist injection issue."...
dns-zone-transfer NSE Script
Requests a zone transfer (AXFR) from a DNS server. The script sends an AXFR query to a DNS server. The domain to query is determined by examining the name given on the command line, the DNS server's hostname, or it can be specified with the dns-zone-transfer.domain script argument. If the query is...
Enlightenment - Linux Null PTR Dereference Exploit Framework
No description provided by source. / enlightenment 200909092307 To create your own exploit module for enlightenment, just name it expwhatever.c It will be auto-compiled by the runexploits.sh script and thrown into the list of loaded exploit modules Each module must have the following features: It...
Enlightenment - Linux Null PTR Dereference Framework
Enlightenment - Linux Null PTR Dereference Framework / enlightenment 200909092307 To create your own exploit module for enlightenment, just name it expwhatever.c It will be auto-compiled by the runexploits.sh script and thrown into the list of loaded exploit modules Each module must have the...
Enlightenment - Linux Null PTR Dereference Exploit Framework
Exploit for linux platform in category local exploits ============================================================ Enlightenment - Linux Null PTR Dereference Exploit Framework ============================================================ / enlightenment 200909092307 To create your own exploit modu...
Enlightenment - Linux Null PTR Dereference Framework
/ enlightenment 200909092307 To create your own exploit module for enlightenment, just name it expwhatever.c It will be auto-compiled by the runexploits.sh script and thrown into the list of loaded exploit modules Each module must have the following features: It must include this header file,...