Lucene search
+L

90 matches found

securityvulns
securityvulns
added 2004/12/22 12:0 a.m.54 views

[Full-Disclosure] iDEFENSE Security Advisory 12.20.04: IBM AIX invscout Local Command Execution Vulnerability

IBM AIX invscout Local Command Execution Vulnerability iDEFENSE Security Advisory 12.20.04 www.idefense.com/application/poi/display?id=171&type=vulnerabilities December 20, 2004 I. BACKGROUND The invscout program is a setuid root application, installed by default under newer versions of IBM AIX,...

7.2CVSS1.4AI score0.00952EPSS
Exploits1
Exploit DB
Exploit DB
added 2004/08/04 12:0 a.m.39 views

OpenFTPd 0.30.1 - message system Remote Shell

/ shouts to mitakeet :D exploit for openftpd format string bug. tested on most current version only. -infamous42md AT hotpop DOT com is real email only tricky part is find a place to stick the shell, as there isn't enough room to send it with the format string. thankfully when using the 'site msg...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2004/06/30 4:0 a.m.27 views

CVE-2004-0622

Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login aka Loginwindow.app, Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory...

5.7AI score0.00356EPSS
Exploits0References5
securityvulns
securityvulns
added 2003/08/04 12:0 a.m.33 views

SRT2003-08-01-0126 - cdrtools local root exploit

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/05/30 12:0 a.m.36 views

AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (1)

source: https://www.securityfocus.com/bid/9905/info getlvcb has been reported to be prone to a buffer overflow vulnerability. When an argument is passed to the getlvcb utility, the string is copied into a reserved buffer in memory. Data that exceeds the size of the reserved buffer will overflow i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/01/15 12:0 a.m.44 views

GLIBC locale - Format Strings

/ su.c by xp, modified by logikal@efnet - tested on redhat 5 - 7 / include include include include include include include include char shellcode = "\x31\xc0\x83\xc0\x17\x31\xdb\xcd\x80\xeb" "\x30\x5f\x31\xc9\x88\x4f\x17\x88\x4f\x1a" "\x8d\x5f\x10\x89\x1f\x8d\x47\x18\x89\x47"...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/08/19 12:0 a.m.29 views

MySQL 3.20.323.22.x3.23.x - Null Root Password Weak Default Configuration (1)

MySQL 3.20.323.22.x3.23.x - Null Root Password Weak Default Configuration 1 / source: https://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. A weak default configuration...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2002/01/25 12:0 a.m.32 views

rsync 2.3/2.4/2.5 - Signed Array Index Remote Code Execution

// source: https://www.securityfocus.com/bid/3958/info A vulnerability exists within some versions of rsync. Under some circumstances, a remotely supplied signed value is used as an array index, allowing NULL bytes to be written to arbitrary memory locations. Exploitation of this vulnerability...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2002/01/18 12:0 a.m.129 views

Solaris in.telnetd TTYPROMPT Buffer Overflow

漏洞描述:Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris 10的TELNET服务在处理畸形的认证数据时存在漏洞,远程攻击者可能利用此漏洞绕过认证获得访问。 Solaris...

10CVSS6.3AI score0.97848EPSS
Exploits39
securityvulns
securityvulns
added 2001/09/12 12:0 a.m.27 views

security alert: speechd from speechio.org

this is my first post in this kin of thing so bare with me. there is a vulnerability in speechd that alllows you to run arbetrary code as the root user or whoever is running speechd hopefully not root!. it will only work if you are using rsynth, that is all i have tested, it may work on festival...

2AI score
Exploits0
Rows per page
Query Builder