mnoGoSearch 3.1.20 - Remote Command Execution

!/usr/bin/perl reloaded Remote Exploit for mnoGoSearch 3.1.20 that performs remote command execution as the webserver user id for linux ix86 by pokleyzz use IO::Socket; $host = "127.0.0.1"; $cmd = "ls -la"; $searchpath = "/cgi-bin/search.cgi"; $rawret = 0xbfff105c; $ret = ""; $suffsize = 0; $port...

Snort <=1.9.1 Remote Root Exploit (p7snort191.sh)

No description provided by source. !/bin/sh p7snort191.sh by truff [email protected] Snort 1.9.1 and below remote exploit Tested on Slackware 8.0 with Snort 1.9.1 from sources Usage: 1/ Launch a listening netcat to listen for the shell nc -p 45295 -l 2/ p7snort119.sh yourIP RetAddr Where yourIP i...

MS Windows WebDAV (ntdll.dll) Remote Exploit

Exploit for unknown platform in category remote exploits ============================================ MS Windows WebDAV ntdll.dll Remote Exploit ============================================ // / Crpt ntdll.dll exploit trough WebDAV by kralor Crpt / /...

Multiple game servers DDoS attacks

Large UDP response is sent in reply to short request withous session setup...

Windows 2000 SMB signing protection bypass

During connectio nsetup it's possible to switch off SMB signing regardless of policy setting...

GLIBC locale - Format Strings

GLIBC locale - Format Strings / su.c by xp, modified by logikal@efnet - tested on redhat 5 - 7 / include include include include include include include include char shellcode = "\x31\xc0\x83\xc0\x17\x31\xdb\xcd\x80\xeb" "\x30\x5f\x31\xc9\x88\x4f\x17\x88\x4f\x1a"...

CVE-2002-1751

csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function...

PT-2002-2472 · Cgiscript.Net · Cgiscript.Net Csguestbook

Name of the Vulnerable Software and Affected Versions: CGISCRIPT.NET csGuestbook version 1.0 Description: The issue allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. This can be exploited through the /csGuestbook.cgi API...

PT-2002-2475 · Csnews · Csnewspro

Name of the Vulnerable Software and Affected Versions: csNews Professional csNewsPro affected versions not specified Description: The issue allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. This can be exploited through t...

PT-2002-2474 · Cgiscript.Net · Cschat-R-Box

Name of the Vulnerable Software and Affected Versions: CGIScript.net csChat-R-Box affected versions not specified Description: The issue allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. This can be exploited through the...

Linksys router vulnerability

SUMMARY: Linksys products running affected firmware versions are susceptible to a bug that allows unauthenticated access to the management interface. This bug affects both local and remote management if enabled. AFFECTED PRODUCTS per Linksys support: BEFSR41, BEFSR11, BEFSRU31: firmware versions...

IBM AIX FC contains buffer overflow exploitable during session setup

Overview The FC client in IBM's AIX contains a buffer overflow that may cause a core dump in the client. Description The IBM AIX FC client allows a buffer overflow of a few bytes in the client process, which could cause intermittent core dumps during session setup. Overflowing the buffer is...

CVE-2002-0492

DCShop 1.002 Beta is affected by CVE-2002-0492. The vulnerability lies in dcshop.cgi, allowing remote attackers to delete arbitrary setup files via a null character in the database parameter. Practical impact described in sources is the unauthorized deletion of setup files; no further exploit det...

CVE-2002-0492

dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter...

DCShop Beta 1.0 - Form Manipulation

source: https://www.securityfocus.com/bid/4356/info DCShop Beta is a freely available shopping cart system, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is possible to overwrite setup files .setup by submitting attacker-supplied...

netgear.txt

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ =+ NetGear RO318 HTTP Filter Advisory =+ =+ Null Byte Security =+ =+ http://home.tampabay.rr.com/nbs/ =+ =+ don't call it a come back =+ =+ [email protected] =+...

Cisco PIX Security Notes

Cisco PIX Notes -- Introduction This is a simples paper on which i wrote down some note about "Cisco PIX Firewall" so it isn't well organized or talk specifically about a vulnerability . All test it's about THE latest pix release on this pix: Cisco Secure PIX Firewall Version 5.31 Hardware: SE442...

Дырка в ascsc (buffer overflow)

переполнение буфера при разборе аргументов командной строки. Программа не-suid в установке по-умолчанию...

CVE-2000-0381

CVE-2000-0381 affects the Gossamer Threads DBMan DBMan CGI script (db.cgi). The vulnerability arises when a non-existent database is referenced via the db parameter, allowing remote attackers to view environment variables and setup information (server information leakage). The OpenVAS NASL entrie...

Security Bulletin (MS00-042)

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Patch Available for "Active Setup Download" Vulnerability Originally Posted: June 29,...