DEBIAN-CVE-2006-3251

Heap-based buffer overflow in the arraypush function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries...

linux/x86 execve(/bin/sh) + RIFF Header 28 bytes

No description provided by source. / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + RIFF Header - 28 bytes root@magicbox: file linux-sh-riffhdr.bin linux-sh-riffhdr.bin: RIFF little-endian data - izik [email protected] / char shellcode = // // RIFF Header 5 bytes // "\x52" // push %edx "\x49" // dec...

Design/Logic Flaw

The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones allow remote attackers to add an entry for their own Bluetooth device to a target device's list of trusted devices aka Device History, and possibly obtain AT level access to the target device, by...

CVE-2006-1365

The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones allow remote attackers to add an entry for their own Bluetooth device to a target device's list of trusted devices aka Device History, and possibly obtain AT level access to the target device, by...

CVE-2006-1365

The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones allow remote attackers to add an entry for their own Bluetooth device to a target device's list of trusted devices aka Device History, and possibly obtain AT level access to the target device, by...

linux/x86 execve(/bin/sh) / PUSH - 23 bytes

No description provided by source. / linux/x86 execve"/bin/sh", "/bin/sh", NULL / PUSH - 23 bytes - izik [email protected] / char shellcode = "\x6a\x0b" // push $0xb "\x58" // pop %eax "\x99" // cltd "\x52" // push %edx "\x68\x2f\x2f\x73\x68" // push $0x68732f2f "\x68\x2f\x62\x69\x6e" // push...

linux/x86 execve(/bin/sh) / PUSH - 23 bytes

Exploit for linux/x86 platform in category shellcode =========================================== linux/x86 execve/bin/sh / PUSH - 23 bytes =========================================== / linux/x86 execve"/bin/sh", "/bin/sh", NULL / PUSH - 23 bytes - izik / char shellcode = "\x6a\x0b" // push $0xb...

linux/x86 execve/bin/sh / PUSH - 23 bytes

linux/x86 execve/bin/sh / PUSH - 23 bytes. Shellcode exploit for linx86 platform / linux/x86 execve"/bin/sh", "/bin/sh", NULL / PUSH - 23 bytes - izik / char shellcode = "\x6a\x0b" // push $0xb "\x58" // pop %eax "\x99" // cltd "\x52" // push %edx "\x68\x2f\x2f\x73\x68" // push $0x68732f2f...

security flaw

Memory leak in the icmppushreply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service memory consumption via a large number of crafted packets that cause the ipappenddata function to fail, aka "DST leak in icmppushreply."...

CVE-2006-0253

CVE-2006-0253 describes a buffer overflow in the Bluetooth OBEX Object Push service of AmbiCom Blue Neighbors, specifically in the Blue Neighbors.EXE client. The vulnerability arises from processing a long file name (RFILE argument to ussp-push), enabling a remote attacker to potentially execute ...

CVE-2006-0253

Buffer overflow in the Bluetooth OBEX Object Push service in "Blue Neighbors.EXE" in AmbiCom Blue Neighbors 2.50 Build 2500 and earlier allows remote attackers to execute arbitrary code via a long file name, as demonstrated via a long RFILE argument to ussp-push...

security flaw

Memory leak in the icmppushreply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service memory consumption via a large number of crafted packets that cause the ipappenddata function to fail, aka "DST leak in icmppushreply."...

AmbiCom Blue Neighbors 2.50 build 2500 - BlueTooth Stack Object Push Buffer Overflow

source: https://www.securityfocus.com/bid/16258/info AmbiCom Blue Neighbors Bluetooth stack is prone to a buffer overflow vulnerability. The issue exists in the Object Push Service. This issue allows remote attackers to execute arbitrary code in the context of the vulnerable application. Failed...

AmbiCom Blue Neighbors 2.50 build 2500 - BlueTooth Stack Object Push Buffer Overflow

AmbiCom Blue Neighbors 2.50 build 2500 - BlueTooth Stack Object Push Buffer Overflow source: https://www.securityfocus.com/bid/16258/info AmbiCom Blue Neighbors Bluetooth stack is prone to a buffer overflow vulnerability. The issue exists in the Object Push Service. This issue allows remote...

AmbiCom bluetooth stack / module buffer overflow

Buffer overflow on oversized filename in PUSH oparation...

CVE-2006-0212

CVE-2006-0212 concerns the OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier. The vulnerability is a directory traversal that lets remote attackers upload arbitrary files to arbitrary remote locations by exploiting .. (dot dot) sequences, as demonstrated by ..\ sequences in the...

[Full-disclosure] DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal'

DMA2006-0112a - 'Toshiba Bluetooth Stack Directory Transversal' Author: Kevin Finisterre Vendor: http://www.toshiba-tro.de/ Product: 'Toshiba Bluetooth Stack =v4.00.23T' References: http://www.digitalmunition.com/DMA2006-0112a.txt Description: Toshiba was one of the first companies to provide a...

CVE-2005-3848

Memory leak in the icmppushreply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service memory consumption via a large number of crafted packets that cause the ipappenddata function to fail, aka "DST leak in icmppushreply."...

OpenVPN[v2.0.x]: foreign_option() formart string vulnerability.

[email protected]: OpenVPNv2.0.x: foreignoption format string vulnerability. 1. BACKGROUND OpenVPN is a robust and highly configurable VPN Virtual Private Network daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal...

linux/x86 /bin/sh sysenter Opcode Array Payload 45 bytes

Exploit for linux/x86 platform in category shellcode ======================================================== linux/x86 /bin/sh sysenter Opcode Array Payload 45 bytes ======================================================== / lnxbinsh2.c - v1 - 45 Byte /bin/sh sysenter Opcode Array Payload...