Mercury/32 <= 4.01b - PH Server Module Buffer Overflow

No description provided by source. $Id: mercuryphonebook.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

AIX 6.1 TL 8 : xorg (IV52184)

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service daemon crash or possibly execute arbitrary code via a crafted ImageText request that triggers...

UBUNTU-CVE-2013-6123

Multiple array index errors in drivers/media/video/msm/server/msmcamserver.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node...

Amazon Linux AMI : subversion (ALAS-2013-269)

The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request. The getparentresource...

DEBIAN-CVE-2013-4558

The getparentresource function in repos.c in moddavsvn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service assertion failure and Apache...

CVE-2013-4396

Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service daemon crash or possibly execute arbitrary code via a crafted ImageText request that triggers...

CiscoWorks Common Services Arbitrary Code Execution (cisco-sa-20101027-cs)

The version of CiscoWorks Common Services installed on the remote Windows host is potentially affected by multiple buffer overflows in the Cisco developed authentication code of the web server module. By exploiting these flaws, a remote, unauthenticated attacker could execute arbitrary code subje...

CVE-2013-1847

The moddavsvn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service NULL pointer dereference and crash via an anonymous LOCK for a URL that does not exist...

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update

JBoss Enterprise Application Platform 6.0.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...

DarkComet-RAT v4.2 fwb (Firewall bypass)

DarkComet-RAT v4.2 fwb Firewall bypass This version is firewall bypass it will inject to web browsers and bypass firewall rules. Targets are in this order : Firefox, Opera, Chrome, Safari, Internet Explorer and Explorer if all fails normally never then it runs normally. Notice now you can use...

subversion: security udpate (important)

Subversion was updated to version 1.6.17 to fix several security issues: - CVE-2011-1752: The moddavsvn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The moddavsvn Apache HTTPD server module can trigger a loop which consumes al...

Debian DSA-2251-1 : subversion - several vulnerabilities

Several vulnerabilities were discovered in Subversion, the version control system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-1752 The moddavsvn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. ...

Buffer overflow

Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port 1 443 or 2 1741, aka Bug ID CSCti41352...

Mercury/32 <= v4.01b PH Server Module Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Mercury/32 %...

Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability

Eggdrop Server Module is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected...

eggdrop -- denial of service vulnerability

Secunia reports: The vulnerability is caused due to an error in the processing of private messages within the server module /mod/server.mod/servrmsg.c. This can be exploited to cause a crash by sending a specially crafted message to the bot...

CVE-2009-0870

CVE-2009-0870 affects Sun Solaris 10 (and OpenSolaris before snv_111) where the NFSv4 Server kernel module can cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem shared via NFSv4, due to the rfs4_op_readdir path. Affected platforms include Solaris 10 SPARC a...

Eggdrop Server Module Message Handling - Remote Buffer Overflow

/ Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability https://www.securityfocus.com/bid/24070 discovered by Bow Sineath tested on eggdrop 1.6.18 / linux 2.4 -exploit is a fake ircd replace shellcode.. strip 0x00,0x0a and a few more probably. remember to add \n at end of...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Microsoft IIS ISAPI filter aka application server module in University of Washington Pubcookie 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vecto...

JanaServer < 2.4.5 Multiple Remote DoS

According to its banner, the version of JanaServer running on the remote host has the following denial of service vulnerabilities : - The 'http-server' module TCP port 2506 does not correctly process requests containing a lot of occurences of the '%' character, causing it to consume a large amoun...