CVE-2005-3652

Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 and earlier allows remote attackers to execute arbitrary code via a long name value in an Application Set response...

MDKSA-2005:220 - Updated kernel packages fix numerous vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:220 http://www.mandriva.com/security/ Package : kernel Date : November 30, 2005 Affected: 10.2 Problem Description: Multiple vulnerabilities in the Linux 2.6 kernel have been discovered and corrected in this...

CVSTrac history.c history_update function overflow

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to the historyupdate function in history.c that may allow an attacker to cause a buffer overflow and execute arbitrary code on the remote system. OpenVAS has...

CVSTrac history.c history_update function overflow

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to the historyupdate function in history.c that may allow an attacker to cause a buffer overflow and execute arbitrary code on the remote system...

CVSTrac ticket title arbitrary command execution

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to ticket titles containing a semi-colon ';' that may allow an attacker to execute arbitrary commands on the system. OpenVAS has determined the vulnerability...

CVSTrac invalid ticket DoS

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to invalid tickets that may allow an attacker to cause the application to crash. An attacker, exploiting this flaw, would be able to remotely shut down the...

Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit (update)

Exploit for linux platform in category local exploits =========================================================================== Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit update =========================================================================== / Due to many...

security flaw

Format string vulnerability in the protoitemsettext function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet...

Sql injection and global variables poisoning in XMB Forum 1.9.1

Vendor notified at and partial patch: http://forums.xmbforum.com/viewthread.php?tid=754523 firstly the input validation at xmb.php: foreach $global as $num = $array if isarray$array extract$array, EXTROVERWRITE; this should put to not overwrite any variables cause it overwrite server set variable...

Squid Set-Cookie Header Cross-session Information Disclosure

The remote Squid caching proxy, according to its banner, is prone to an information disclosure vulnerability. Due to a race condition, Set-Cookie headers may leak to other users if the requested server employs the deprecated Netscape Set-Cookie specifications with regards to how cacheable content...

FreeBSD : perl -- vulnerabilities in PERLIO_DEBUG handling (a5eb760a-753c-11d9-a36f-000a95bc6fae)

Kevin Finisterre discovered bugs in perl's I/O debug support : - The environmental variable PERLIODEBUG is honored even by the set-user-ID perl command usually named sperl or suidperl. As a result, a local attacker may be able to gain elevated privileges. CVE-2005-0155 - A buffer overflow may occ...

Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution

// Exploit by Michael Krax Firewalling - Proof-of-Concept function stopload // in some cases the javascript url never stops to load // therefore we force a stop after the real image got loaded window.setTimeout"window.stop",1000; Firewalling - Proof-of-Concept The "Set As Wallpaper" dialog takes...

Mozilla Firefox <= 1.0.4 "Set As Wallpaper" Code Execution Exploit

Exploit for unknown platform in category remote exploits ================================================================== Mozilla Firefox Firewalling - Proof-of-Concept function stopload // in some cases the javascript url never stops to load // therefore we force a stop after the real image go...

Mozilla Firefox &lt;= 1.0.4 &quot;&quot;Set As Wallpaper&quot;&quot; Code Execution Exploit

No description provided by source. // Exploit by Michael Krax !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" html head titleFirewalling - Proof-of-Concept/title script function stopload // in some cases the javascript url never stops to load // therefore we force a stop after the...

FreeBSD : kstars -- exploitable set-user-ID application fliccd (0512b761-70fb-40d3-9954-aa4565528fa8)

A KDE Security Advisory explains : Overview KStars includes support for the Instrument Neutral Distributed Interface INDI. The build system of this extra 3rd party software contained an installation hook to install fliccd part of INDI as SUID root application. Erik Sjolund discovered that the cod...

Code execution via "Set as Wallpaper" — Mozilla

If an attacker can convince a victim to use the "Set As Wallpaper" context menu item on a specially crafted image then they can run arbitrary code on the user's computer. The image "source" must be a javascript: url containing an eval statement and such an image would get the "broken image" icon,...

ASPNuke 0.80 - article.asp SQL Injection

ASPNuke 0.80 - article.asp SQL Injection !/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR: ASPNuke ASP Portal Expl0it By: [email protected] Discovered By: Trap-Set Underground Hacking Team oilKarchacK GR33tz T0 == Alphaprogrammer -- oilKarchack -- theCephale...

ASPNuke <= 0.80 (article.asp) SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================== ASPNuke Alphaprogrammer -- oilKarchack -- theCephaleX -- Str0ke And Iranian Security & Technical Sites: IHS TeaM , alphaST , Shabgard Security Team , Emperor Hacking Team , Crouz Security...

ASPNuke 0.80 - &#039;article.asp&#039; SQL Injection

!/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR: ASPNuke ASP Portal Expl0it By: [email protected] Discovered By: Trap-Set Underground Hacking Team oilKarchacK GR33tz T0 == Alphaprogrammer -- oilKarchack -- theCephaleX -- Str0ke And Iranian Security &...

Unpassworded 'mpi' Account

The account 'mpi' on the remote host does not have a password set. An attacker may use this to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "mpi"; password = ""; include'deprecatednasllevel.inc'; include'compat.inc'; if description...