5605 matches found
By the PHP imap function to bypass safe mode and open_basedir restrictions vulnerability thought-the vulnerability of early warning-the black bar safety net
Last night in the green League saw this vulnerability announcement, 2 on 2 8, released, is imapopen of the module exists on the vulnerability, a local attacker could use this vulnerability to unauthorized traversal of the mail directory, illegal create, delete, playback command file. The most...
Design/Logic Flaw
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how...
Turns into battle:Linux under find the vulnerability of the N kinds of weapons-a vulnerability warning-the black bar safety net
Before reading this article, we also need to Linux system basicsecuritycharacteristics have a certain understanding The Linux operating system is an open-source freeOS, it is not onlysecurity, stability, low cost, and are rarely found to have a virus spread, and therefore, the Linux operating...
mb_send_mail() PHP safe mode protection bypass
mbsendmail and imap unfctions allow to access system files...
PHP 4.x5.05.1 with Sendmail Mail Function - additional_param Arbitrary File Creation
PHP 4.x5.05.1 with Sendmail Mail Function - additionalparam Arbitrary File Creation source: https://www.securityfocus.com/bid/16878/info PHP is prone to multiple input-validation vulnerabilities that could allow 'safemode' and 'openbasedir' security settings to be bypassed. These issues reside in...
PHP 4.x/5.0/5.1 with Sendmail Mail Function - 'additional_param' Arbitrary File Creation
source: https://www.securityfocus.com/bid/16878/info PHP is prone to multiple input-validation vulnerabilities that could allow 'safemode' and 'openbasedir' security settings to be bypassed. These issues reside in the 'mbsendmail' function, the 'mail' function, and various PHP IMAP functions...
safari_safefiles_exec.pm.txt
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
Safari archive metadata command execution
Added: 02/24/2006 CVE: CVE-2006-0848 BID: 16736 OSVDB: 23366 Background The Safari web browser supports explicit binding, which allows a file to override the default application for its file type. Safe files are files such as pictures, movies, and archives which are opened automatically when...
Mac OS X Safari Browser (Safe File) Remote Code Execution Exploit
No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...
Mac OS X Safari Browser (Safe File) Remote Code Execution Exploit
Exploit for macOS platform in category remote exploits ================================================================= Mac OS X Safari Browser Safe File Remote Code Execution Exploit ================================================================= This file is part of the Metasploit Framework...
Apple Mac OSX Safari Browser - 'Safe File' Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
Microsoft“blocked”online update our“hack”to have surgery-vulnerability warning-the black bar safety net
The Microsoft Windows System vulnerability frequently, in order for the majority of users“responsible for”, Microsoft provide website, online patch update. Who want to make their computer more secure some? Thus are pleased to accept this“free lunch.” But recently found that the update is...
чтение произвольного файла в ODFaq 2.1.0
Программа: ODFaq 2.1.0 http://www.oodie.com/project/odfaq/ Описание: в интерактивной системе ODFaq 2.1.0 существует возможность обхода ограничения на чтение файлов с сервера. В файле config.inc.php в ассоциативном массиве $PAGE прописаны все страницы, доступные для выполнения через параметр P в...
Ubuntu 4.10 / 5.04 / 5.10 : php4, php5 vulnerabilities (USN-232-1)
Eric Romang discovered a local Denial of Service vulnerability in the handling of the 'session.savepath' parameter in PHP's Apache 2.0 module. By setting this parameter to an invalid value in an .htaccess file, a local user could crash the Apache server. CVE-2005-3319 A Denial of Service flaw was...
Ubuntu 4.10 : php4 vulnerabilities (USN-99-2)
USN-99-1 fixed a safe mode bypass which allowed malicious PHP scripts to circumvent path restrictions by creating a specially crafted directory whose length exceeded the capacity of the realpath function CAN-2004-1064. However, this caused severe regressions, some applications like SquirrelMail a...
Ubuntu 4.10 : php4 vulnerabilities (USN-99-1)
Stefano Di Paola discovered integer overflows in PHP's pack and unpack functions. A malicious PHP script could exploit these to break out of safe mode and execute arbitrary code with the privileges of the PHP interpreter. CAN-2004-1018 Note: The second part of CAN-2004-1018 buffer overflow in the...
Ubuntu 4.10 : php4 vulnerabilities (USN-66-1)
FraMe from kernelpanik.org reported that the cURL module does not respect openbasedir restrictions. As a result, scripts which used cURL to open files with an user-specified path could read arbitrary local files outside of the openbasedir directory. Stefano Di Paola discovered a vulnerability in...
Ubuntu 4.10 / 5.04 : ruby1.8 vulnerability (USN-195-1)
The object oriented scripting language Ruby supports safely executing untrusted code with two mechanisms: safe level and taint flag on objects. Dr. Yutaka Oiwa discovered a vulnerability that allows Ruby methods to bypass these mechanisms. In systems which use this feature, this could be exploite...
security flaw
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via 1 a negative offset value to the shmopwrite function, 2 an "integer overflow/underflow" in the pack function, or 3 an "integer...
phpMyAdmin remote command execution
The remote web server contains a PHP application that may allow arbitrary command execution. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...