2230 matches found
PostNuke 0.764 - Blind SQL Injection
!/usr/bin/python ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This was a priv8 Exploit...
linux/x86 cat /dev/urandom > /dev/console, just for kicks - 63 bytes
No description provided by source. / linux/x86 cat /dev/urandom /dev/console, no real profit just for kicks - 63 bytes - izik [email protected] / char shellcode = "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x68\x6e\x64\x6f\x6d" // push $0x6d6f646e "\x68\x2f\x75\x72\x61" // push $0x6172752f...
Microsoft Windows Mobile短信处理器来源迷惑漏洞
BUGTRAQ ID: 26091 CVECAN ID: CVE-2007-5493 Windows Mobile是微软开发的用于手机的操作系统。 Windows Mobile的短信处理器中存在安全漏洞,如果发送了特制的WAP PUSH消息的话,就可能在接收者的手机上隐藏原始短信的发送者。 原始PDU如1所示,以下PDU会导致Pocket PC电话版本的SMS处理器错误的解码PDU,这样发送者的手机号码和发送时间都是错误的。 1 PDU(自动换行) 079144775810065051220C914477619269060004A7600605040B8423F025060803AE81...
Design/Logic Flaw
The SMS handler for Windows Mobile 2005 Pocket PC Phone edition allows attackers to hide the sender field of an SMS message via a malformed WAP PUSH message that causes the PDU to be incorrectly decoded...
CVE-2007-5493
The SMS handler for Windows Mobile 2005 Pocket PC Phone edition allows attackers to hide the sender field of an SMS message via a malformed WAP PUSH message that causes the PDU to be incorrectly decoded...
CVE-2007-5493
CVE-2007-5493 affects Microsoft Windows Mobile 2005 Pocket PC Phone Edition. The vulnerability exists in the SMS handler where a specially crafted WAP PUSH can cause the PDU to be decoded incorrectly, allowing an attacker to hide the original sender field of an SMS without user interaction. The c...
CVE-2007-5493
The SMS handler for Windows Mobile 2005 Pocket PC Phone edition allows attackers to hide the sender field of an SMS message via a malformed WAP PUSH message that causes the PDU to be incorrectly decoded...
Code injection
The Nokia N70 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
CVE-2007-0523
The Nokia N70 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
CVE-2007-0521
The Sony Ericsson K700i and W810i phones allow remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
Code injection
The LG Chocolate KG800 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
CVE-2007-0522
The Motorola MOTORAZR V3 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
Code injection
The Motorola MOTORAZR V3 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
CVE-2007-0523
The CVE-2007-0523 entry concerns the Nokia N70 and a DoS caused by repeatedly OBEX pushing a file over Bluetooth, leading to continual modal dialogs and UI unavailability. Affected component is the Bluetooth OBEX push handling; root cause is not explicitly detailed in the provided documents beyon...
CVE-2007-0522
CVE-2007-0522 affects the Motorola MOTORAZR V3 via a flaw in OBEX push over Bluetooth that can trigger repeated file transfers (ussp-push) and cause denial of service through continual modal dialogs and UI unavailability. Impact is UI blocking; CVSS metrics indicate low base score (3.3) with adja...
CVE-2007-0522
The Motorola MOTORAZR V3 phone allows remote attackers to cause a denial of service continual modal dialogs and UI unavailability by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push...
CVE-2007-0521
The CVE-2007-0521 entry concerns Sony Ericsson K700i and W810i phones. Affected component: Bluetooth OBEX push functionality. Root cause: repeated OBEX push attempts (as demonstrated by ussp-push) trigger continual modal dialogs, rendering the UI unavailable and causing a denial of service. Impac...
Bluetooth DoS by obex push
Hello, during a course project studying security and privacy related to Bluetooth, we discovered a simple but effective DoS attack using OBEX push. Using ussp-push 1, it is possible to send out files very quickly. By continuously trying to push a ?le, the target is ?ooded with prompts whether to...
linux/x86 - execve/bin/sh 22 bytes
linux/x86 execve/bin/sh 22 bytes. Shellcode exploit for linx86 platform / revenge-execve.c, v1.0 2006/10/14 16:32 Yet another linux execve shellcode.. linux/x86 execve"/bin//sh/","/bin//sh",NULL shellcode http://www.0xcafebabe.it But this time it's 22 bytes We could start the shellcode with a mov...
FreeBSD : hashcash -- heap overflow vulnerability (2be7c122-0614-11db-9156-000e0c2e438a)
Andreas Seltenreich reports that hashcash is prone to a heap overflow vulnerability. This vulnerability is caused by improper checking of memory allocations within the 'arraypush' function. An attacker could trigger this vulnerability by passing a lot of '-r' or '-j' flags from the command line,...