SCO Unixware 7.0/7.0.1/7.1/7.1.1 'coredump' Symlink Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/851/info Under certain versions of SCO UnixWare if a user can force a program with SGID Set Group ID to dump core they may launch a symlink attack by guessing the PID Process ID of the SGID process which they are calling...

IBM Business Process Manager - User Account Reconfiguration

No description provided by source. Exploit Title: IBM BMPS BPM User account reconfiguration/Privilege Escalation/Information Disclosure Date: 31.01.14 Exploit Author: 0in Software link: http://www-03.ibm.com/software/products/en/business-process-manager-family/ Version: 8.0.1.1 newest versions ca...

Mozilla Firefox <= 1.0.4 "Set As Wallpaper" Code Execution Exploit

No description provided by source. // Exploit by Michael Krax !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN html head titleFirewalling - Proof-of-Concept/title script function stopload // in some cases the javascript url never stops to load // therefore we force a stop after the rea...

OpenBSD 3.3/3.4 semctl/semop Local Unexpected Array Indexing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9086/info A local OpenBSD kernel vulnerability has been discovered when handling the semctl and semop system calls. The problem specifically occurs due to improper sanity checking before handling a user-supplied semaphore...

Enigma2 Webinterface 1.7.x 1.6.x 1.5.x (linux) Remote File Disclosure

No description provided by source. !/usr/bin/perl Enigma2 Webinterface 1.7.x 1.6.x 1.5.x remote root file disclosure exploit Author: Todor Donev Email me: todor.donev@@gmail.com Platform: Linux Type: remote Gewgle Dork: Enigma2 movielist filetype:rss Enigma2 is a framebuffer-based zapping...

DreamBox DM800 Arbitrary File Download Vulnerability

No description provided by source. Exploit Title: title Date: date Author: ShellVision Version: dm800 = 1.6rc3 Tested on: dm800 Release 4.6.0 2009-12-24 DreamBox DM800 Arbitrary File Download Vulnerability Vendor: Dream Multimedia GmbH Product web page: http://www.dream-multimedia-tv.de Affected...

Centrinity FirstClass HTTP Server 5/7 TargetName Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9950/info It has been reported that FirstClass HTTP Server may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in a user's browser. The issue...

WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (1st)

No description provided by source. !/usr/bin/perl T r a p - S e t U n d e r G r o u n D H a c k i n g T e a m Remote C0mmand Executing Expl0it - For WebAPP CGI Exploit By : A l p h a P r o g r a m m e r Sirus-v ; E-Mail : [email protected] [email protected] This xpl Open a Backdoor in...

ASPNuke <= 0.80 (article.asp) SQL Injection Exploit

No description provided by source. !/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR: ASPNuke ASP Portal Expl0it By: [email protected] Discovered By: Trap-Set Underground Hacking Team oilKarchacK GR33tz T0 == Alphaprogrammer -- oilKarchack -- theCephaleX --...

PHPnuke 8.2 - Remote Upload File Exploit

Title : PHPnuke 8.2 Remote Upload File Exploit Author : Net.Edit0r Location : Iran Dork : "POWERED BY PHPNUKE.IR" Category : Remote Email : [email protected] [email protected] Special Thanks To :NetQurd For help in finding bugs Email :[email protected] InformatioN 1.Save code html format ...

Podcast Generator <= 1.2 unauthorized Re-Installation Remote Exploit

No description provided by source. ?php Podcast Generator = 1.2 unauthorized CMS Re-Installation Remote Exploit by staker -------------------------------------- mail: stakerathotmaildotit url: http://podcastgen.sourceforge.net -------------------------------------- it works with registerglobals=o...

Memory corruption

The pushascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service memory corruption and daemon crash via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a...

CVE-2014-3493

The pushascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service memory corruption and daemon crash via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a...

openSUSE Security Update : vte (openSUSE-SU-2010:0404-1)

VTE was vulnerable to an old title set+query attack which could be used by remote attackers to execute arbitrary code CVE-2010-2713. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update vte-2729. T...

OpenJDK: Prevent SIGNATURE_PRIMITIVE_SET from being modified (Security, 8029745)

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security...

OpenJDK: Prevent SIGNATURE_PRIMITIVE_SET from being modified (Security, 8029745)

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security...

[SECURITY] Fedora 20 Update: mingw-icu-50.1.2-3.fc20

ICU is a set of C and C++ libraries that provides robust and full-featured Unicode and locale support. The library provides calendar support, conversions for many character sets, language sensitive collation, date and time formatting, support for many locales, message catalogs and resources,...

CVE-2013-4724

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to...

CVE-2013-4724

CVE-2013-4724 affects DDSN Interactive cm3 Acora CMS versions including 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1 (and possibly others). The issue is failure to set the HTTPOnly flag on a Set-Cookie header for an unspecified cookie, potentially allowing remote attackers to access sensitive cooki...

CVE-2013-4724

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to...