CVE-2006-4250

Buffer overflow in man and mandb man-db 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag...

Denial of Service Vulnerabilities in TrueCrypt 4.3 Linux (re. bid 23180)

TrueCrypt 4.3 for Linux from http://www.truecrypt.org/ It seems to be possible to perform various denial of service attacks on a Linux computer running TrueCrypt in set-uid root mode, or possible introduce evil binaries into normally trusted locations. I tested this on the latest version, 4.3,...

PBlang 4.66z - Remote Code Execution

PBlang 4.66z - Remote Code Execution !/usr/bin/perl PBlang 4.66z Remote Command Execution Exploit this Exploit register a user with admin access - magicquotesgpc = Off - Only work on 4.66z Coded & Discovered By Hessam-x / Hessamx-at-Hessamx.net use IO::Socket; use LWP::UserAgent; use HTTP::Cookie...

PBlang 4.66z - Remote Create Admin

PBlang 4.66z - Remote Create Admin !/usr/bin/perl PBlang 4.66z Create Admin Exploit this exploit register a user with admin access Coded & Discovered By Hessam-x / Hessamx-at-Hessamx.net use IO::Socket; use LWP::UserAgent; use HTTP::Cookies; $host = $ARGV0; $uname = $ARGV1; $passwd = $ARGV2; $url...

CVE-2007-1589

TrueCrypt before 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of service filesystem unavailability by dismounting a volume mounted by a different user...

PT-2007-2879 · Libftp +1 · Libftp +1

Name of the Vulnerable Software and Affected Versions: LIBFtp version 3.1-1 Description: A buffer overflow issue exists in the set umask function in QFTP, allowing local users to potentially execute arbitrary code via a long -m argument. However, it is noted that QFTP is not setuid, and it is...

CVE-2007-1221

The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 allows attackers with physical access to force execution of the hypervisor syscall with a certain register set, which bypasses intended code protection...

Mozilla Foundation Security Advisory 2007-02

Mozilla Foundation Security Advisory 2007-02 Title: Improvements to help protect against Cross-Site Scripting attacks Impact: Low Announced: February 23, 2007 Reporter: various Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.2 Firefox 1.5.0.10 SeaMonkey 1.0.8 Firefox 2.0.0.2 and 1.5.0.10...

Improvements to help protect against Cross-Site Scripting attacks — Mozilla

Firefox 2.0.0.2 and 1.5.0.10 contain several small changes that will make it easier for sites to protect their visitors against Cross-Site Scripting XSS attacks. Invalid trailing characters in HTML tag attributes The Mozilla parser formerly ignored invalid trailing characters in HTML tag attribut...

DEBIAN-CVE-2006-5973

Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmapdisable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service crash via unspecified vectors involving the cache file...

linux/x86 set system time to 0 and exit 15 bytes

No description provided by source. / By Kris Katterjohn 11/14/2006 15 byte shellcode to set system time to 0 and exit. No real damage : exit code is the last 5 bytes 0x6a - 0x80 for Linux/x86 section .text global start start: ; stime0 push byte 25 pop eax xor ecx, ecx push ecx mov ebx, esp int 0x...

linux/x86 - set system time to 0 and exit 12 bytes

linux/x86 set system time to 0 and exit 12 bytes. Shellcode exploit for linx86 platform / By Kris Katterjohn 11/18/2006 12 byte shellcode to set system time to 0 and exit. No real damage : exit code is the last 5 bytes 0x6a - 0x80 for Linux/x86 section .text global start start: ; stime0 push byte...

VulnCheck KEV: CVE-2006-5745

Unspecified vulnerability in the setRequestHeader method in the XMLHTTP XML HTTP ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a...

Flatnuke 2.5.8 - file() Privilege Escalation Code Execution

Flatnuke 2.5.8 - file Privilege Escalation Code Execution !/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexo...

security flaw

Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service crash via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set "\", which leads to a buffer over-read...

security flaw

Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service crash via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set "\", which leads to a buffer over-read...

CVE-2006-4433

PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier PHPSESSID for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session...

CVE-2006-4433

PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier PHPSESSID for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session...

CVE-2006-4425

Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execute arbitrary PHP code via the CCFGPKGPATHINCL parameter in coinincludes scripts including 1 api.php, 2 common.php, 3 core.php, 4 custom.php, 5 db.php, 6 redirect.php or 7 sessionset.php. NOTE: the...

CVE-2006-4433

PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier PHPSESSID for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session...