kernel: rt_cache leak leads to lack of network connectivity

The icmpsend function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a router with a REJECT route, does not properly manage the Protocol Independent Destination Cache aka DST in some situations involving transmission of an ICMP Host Unreachable message, which allows remo...

CVE-2009-1047

CVE-2009-1047 is a Drupal XSS vulnerability in the Send by e-mail module of the Printer, e-mail and PDF versions module. The issue affects Drupal 5.x before 5.x-4.4 and 6.x before 6.x-1.4, enabling remote attackers to inject arbitrary web script or HTML via outbound HTML e-mail. Impact is web ses...

CVE-2009-1047

Cross-site scripting XSS vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via vectors involving outbound HTML e-mail...

Design/Logic Flaw

Unspecified vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to send unlimited spam messages via unknown vectors related to the flood control API...

CVE-2009-1037

CVE-2009-1037 affects Drupal’s Send by e-mail module within the "Printer, e-mail and PDF versions" module. The vulnerability concerns the flood control API and allows remote attackers to cause unlimited spam messages via vectors related to flood control behavior. Affected versions are 5.x before ...

Wordpress 2.7.0 admin remote code execution vulnerability-vulnerability warning-the black bar safety net

by Ryatpuretot mail: puretot at gmail dot com team: http://www.80vul.com date: 2008-12-18 Analysis: This vulnerability out in the background: wp-admin/post.php if currentusercan'editpost', $postID if $last = wpcheckpostlock $post-ID $lastuser = getuserdata $last ; $lastusername = $lastuser ?...

CVE-2008-4311

The default configuration of system.conf in D-Bus aka DBus before 1.2.6 omits the sendtype attribute in certain rules, which allows local users to bypass intended access restrictions by 1 sending messages, related to sendrequestedreply; and possibly 2 receiving messages, related to...

DEBIAN-CVE-2008-4311

The default configuration of system.conf in D-Bus aka DBus before 1.2.6 omits the sendtype attribute in certain rules, which allows local users to bypass intended access restrictions by 1 sending messages, related to sendrequestedreply; and possibly 2 receiving messages, related to...

MyTopix 1.3.0 - SQL Injection

MyTopix 1.3.0 - SQL Injection evil = ''; $this - socket = socketcreateAFINET, SOCKSTREAM, SOLTCP; $this - inj = '-1+UNION+SELECT+concatmembersname,0x3a,memberspass+FROM+mymembers+WHERE+membersid=2--'; private function send$packet if!$this - socket $this - socket = socketcreateAFINET, SOCKSTREAM,...

absolutefilesend-cookie.txt

| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure cookie handling script : Absloute File Send see script http://www.xigla.com/afilesend/demo.htm Greetz : Allah ,...

Absolute File Send 1.0 Remote Cookie Handling Vulnerability

No description provided by source. | | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure cookie handling script : Absloute File Send see script...

Absolute File Send 1.0 Remote Cookie Handling Vulnerability

Exploit for unknown platform in category web applications =========================================================== Absolute File Send 1.0 Remote Cookie Handling Vulnerability =========================================================== | | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | |...

Absolute File Send 1.0 - Remote Insecure Cookie Handling

| | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure cookie handling script : Absloute File Send see script http://www.xigla.com/afilesend/demo.htm Greetz : Allah ,...

Absolute File Send 1.0 - Remote Insecure Cookie Handling

Absolute File Send 1.0 - Remote Insecure Cookie Handling | | / | \ \ / / / | / | | | | \ | | | | \ V / | | | | | | | | | | | | | || | | | | | | | | | | | | | | || | / || | || \ | Author : Hakxer Home : Www.educ-up.com Type Gap : Insecure cookie handling script : Absloute File Send see script...

CVE-2008-3646

The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail is sent from a local command-line tool, which allows remote attackers to send mail to local Mac OS X users...

freebsd/x86 - connect back.send.exit /etc/passwd 112 bytes

freebsd/x86 connect back.send.exit /etc/passwd 112 bytes. Shellcode exploit for freebsdx86 platform CoDed bY suN8Hclf DaRk-CodeRs Group production, kid FreeBSD x86 connect back.send.exit /etc/passwd 112 bytes This is the FreeBSD version of 0in's shellcode http://milw0rm.com/shellcode/6263 really...

linux/x86 connect back.send.exit /etc/shadow 155 bytes

Exploit for linux/x86 platform in category shellcode ====================================================== linux/x86 connect back.send.exit /etc/shadow 155 bytes ====================================================== ; CoDed by 0in ; Dark-Coders Group Productions ; Linux x86 connect back&send&ex...

linux/x86 - connect back.send.exit /etc/shadow 155 bytes

linux/x86 connect back.send.exit /etc/shadow 155 bytes. Shellcode exploit for linx86 platform ; CoDed by 0in ; Dark-Coders Group Productions ; Linux x86 connect back&send&exit /etc/shadow 155 byte shellcode ; www.dark-coders.pl nc -v -l -p 8192 ; 2nd console ;Connection from 127.0.0.1:48820...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Send-A-Card srsendcard extension 2.2.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2008-3028

Multiple cross-site scripting XSS vulnerabilities in the Send-A-Card srsendcard extension 2.2.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...