CVE-2010-2542

Stack-based buffer overflow in the isgitdirectory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy...

Microsoft - SMB Server Trans2 Zero Size Pool Alloc (MS10-054)

!/usr/bin/env python import sys,struct,socket from socket import if lensys.argv=2: print '' print ' MS10-054 Proof Of Concept by Laurent Gaffie' print ' Usage: python '+sys.argv0+' TARGET SHARE-NAME No backslash' print ' Example: python '+sys.argv0+' 192.168.8.101 users' print '...

PYSEC-2010-18

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/SlideShow.py, 2 action/anywikidraw.py, and 3 action/languagesetup.py, a similar issue to CVE-2010-2487...

redhat-ds: setup script insecure .inf file permissions

The 1 setup-ds.pl and 2 setup-ds-admin.pl setup scripts for Red Hat Directory Server 8 before 8.2 use world-readable permissions when creating cache files, which allows local users to obtain sensitive information including passwords for Directory and Administration Server administrative accounts...

Discuz7. 2 of my vest plug-injection vulnerability-a vulnerability warning-the black bar safety net

Discuz! A common set of community forums software system, the user can not require any programming on the basis of, through the simple setup and installation, on the Internet build up with perfect function, strong load capacity, and highly customizable Forum service Vulnerability plug-in:...

CVE-2009-4939

Multiple cross-site scripting XSS vulnerabilities in index.php in AdPeeps 8.5d1 allow remote attackers to inject arbitrary web script or HTML via the 1 uid parameter, 2 uid parameter in a loginlookup action, 3 uid parameter in an adminlogin action, 4 campaignid parameter in a createcampaign actio...

KMSoft GB SQL Injection Vulnerabilty

Exploit for asp platform in category web applications ==================================== KMSoft GB SQl injection Vulnerabilty ==================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1...

Ananda Image Gallery SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...

DEBIAN-CVE-2010-1635

The chainreply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service NULL pointer dereference and process crash via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request wit...

CVE-2010-1379

Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly interpret character encoding, which allows remote attackers to cause a denial of service printing failure by deploying a printing device that has a Unicode character in its printing-service name...

CVE-2010-1642

The replysesssetupandXspnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service process crash, via a \xff\xff security blob length in a Session Setup AndX request...

DEBIAN-CVE-2010-1642

The replysesssetupandXspnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service process crash, via a \xff\xff security blob length in a Session Setup AndX request...

Code injection

Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly interpret character encoding, which allows remote attackers to cause a denial of service printing failure by deploying a printing device that has a Unicode character in its printing-service name...

CVE-2010-1635

The chainreply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service NULL pointer dereference and process crash via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request wit...

Null pointer dereference

The chainreply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service NULL pointer dereference and process crash via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request wit...

CVE-2010-1379

Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly interpret character encoding, which allows remote attackers to cause a denial of service printing failure by deploying a printing device that has a Unicode character in its printing-service name...

CVE-2010-1642

The replysesssetupandXspnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service process crash, via a \xff\xff security blob length in a Session Setup AndX request...

CVE-2010-1642

The replysesssetupandXspnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service process crash, via a \xff\xff security blob length in a Session Setup AndX request...

CVE-2010-1379

CVE-2010-1379 affects Apple Mac OS X 10.6 prior to 10.6.4. The vulnerability is in Printer Setup where improper interpretation of character encoding can be exploited by a printer device whose printing-service name contains a Unicode character, allowing a remote attacker to cause a denial of servi...

CVE-2010-1635

The chainreply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service NULL pointer dereference and process crash via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request wit...