Hydra: SOCKS5

This plugin runs Hydra to find SOCKS5 accounts and passwords by brute force. To use this plugin, enter the 'Logins file' and the 'Passwords file' under the 'Hydra NASL wrappers options' advanced settings block. TRUSTED...

Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability

Overview The Active Setup Install Engine in Microsoft Internet Explorer contains a buffer overflow vulnerability. This may allow an attacker to take complete control of a vulnerable system. Description The Active Setup Install Engine inseng.dll permits cabinet files to be launched and executed...

Microsoft Windows XP - Workstation Service Remote (MS03-049)

Microsoft Windows XP - Workstation Service Remote MS03-049 / To build new netapi32.lib pedump /exp netapi32.dll netapi32.exp buildlib netapi32.exe netapi32.exp netapi32.lib netapi32.dll d:\rpcwksbo.exe WKS service remote exploit MS03-049 by fiNis fiNisatbkdotru, ver:0.1.1...

Poster.Version:Two Setup Vulnerability

Author: DarkKnight My site: http://www.insecureonline.com Product: Poster.version:two Side Note: This is my first post ever on bugtraq, so bear with me. Vendors: Contacted A vulnerability exists within Poster.version:two that allows a remote attacker to add accounts to a Poster.version:two. The...

CVE-2003-0633

CVE-2003-0633 affects Oracle E-Business Suite 11.5.1–11.5.8, specifically the AOL/J Setup Test Suite component aoljtest.jsp. The vulnerabilities allow a remote attacker to obtain sensitive information without authentication, including the GUEST user password and the application server security ke...

CVE-2003-0426

The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator...

mnoGoSearch 3.1.20 - Remote Command Execution

!/usr/bin/perl reloaded Remote Exploit for mnoGoSearch 3.1.20 that performs remote command execution as the webserver user id for linux ix86 by pokleyzz use IO::Socket; $host = "127.0.0.1"; $cmd = "ls -la"; $searchpath = "/cgi-bin/search.cgi"; $rawret = 0xbfff105c; $ret = ""; $suffsize = 0; $port...

Snort <=1.9.1 Remote Root Exploit (p7snort191.sh)

No description provided by source. !/bin/sh p7snort191.sh by truff [email protected] Snort 1.9.1 and below remote exploit Tested on Slackware 8.0 with Snort 1.9.1 from sources Usage: 1/ Launch a listening netcat to listen for the shell nc -p 45295 -l 2/ p7snort119.sh yourIP RetAddr Where yourIP i...

MS Windows WebDAV (ntdll.dll) Remote Exploit

Exploit for unknown platform in category remote exploits ============================================ MS Windows WebDAV ntdll.dll Remote Exploit ============================================ // / Crpt ntdll.dll exploit trough WebDAV by kralor Crpt / /...

Multiple game servers DDoS attacks

Large UDP response is sent in reply to short request withous session setup...

Windows 2000 SMB signing protection bypass

During connectio nsetup it's possible to switch off SMB signing regardless of policy setting...

GLIBC locale - Format Strings

GLIBC locale - Format Strings / su.c by xp, modified by logikal@efnet - tested on redhat 5 - 7 / include include include include include include include include char shellcode = "\x31\xc0\x83\xc0\x17\x31\xdb\xcd\x80\xeb" "\x30\x5f\x31\xc9\x88\x4f\x17\x88\x4f\x1a"...

CVE-2002-1751

csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function...

PT-2002-2474 · Cgiscript.Net · Cschat-R-Box

Name of the Vulnerable Software and Affected Versions: CGIScript.net csChat-R-Box affected versions not specified Description: The issue allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. This can be exploited through the...

PT-2002-2475 · Csnews · Csnewspro

Name of the Vulnerable Software and Affected Versions: csNews Professional csNewsPro affected versions not specified Description: The issue allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. This can be exploited through t...

PT-2002-2472 · Cgiscript.Net · Cgiscript.Net Csguestbook

Name of the Vulnerable Software and Affected Versions: CGISCRIPT.NET csGuestbook version 1.0 Description: The issue allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. This can be exploited through the /csGuestbook.cgi API...

Linksys router vulnerability

SUMMARY: Linksys products running affected firmware versions are susceptible to a bug that allows unauthenticated access to the management interface. This bug affects both local and remote management if enabled. AFFECTED PRODUCTS per Linksys support: BEFSR41, BEFSR11, BEFSRU31: firmware versions...

IBM AIX FC contains buffer overflow exploitable during session setup

Overview The FC client in IBM's AIX contains a buffer overflow that may cause a core dump in the client. Description The IBM AIX FC client allows a buffer overflow of a few bytes in the client process, which could cause intermittent core dumps during session setup. Overflowing the buffer is...

CVE-2002-0492

dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter...

CVE-2002-0492

DCShop 1.002 Beta is affected by CVE-2002-0492. The vulnerability lies in dcshop.cgi, allowing remote attackers to delete arbitrary setup files via a null character in the database parameter. Practical impact described in sources is the unauthorized deletion of setup files; no further exploit det...