7817 matches found
FreeBSD/x86 - execve(/bin/cat & /etc/master.passwd) - 65 bytes
No description provided by source. ; sm4x 2008 ; /bin/cat /etc/master.passwd ; 65 bytes ; FreeBSD 7.0-RELEASE global start start: xor eax, eax ; --- setuid0 push eax push eax mov al, 0x17 int 0x80 ; --- setup /etc/master.passwd jmp short loadfile ok: pop esi ; setup /bin/cat push eax push...
CVE-2009-0651
Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related to "initial communications setup."...
Design/Logic Flaw
Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related to "initial communications setup."...
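Becky! Internet Mail Read Receipt Request Buffer Overflow Vulnerability
BUGTRAQ ID: 33756 Becky! Internet Mail is a commonly used email client. The Becky! Internet Mail client does not correctly handle read receipt requests. If a user views a specially crafted email and allows the read receipt request to be sent, a buffer overflow can be triggered, leading to arbitrary code execution. RimArts Becky! Internet Mail 2.48.02 Vendor patch: RimArts ------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.rimarts.co.jp/index.html In General...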
JVN#29641290 Becky! Internet Mail buffer overflow vulnerability
Becky! Internet Mail is an email client software. Becky! Internet Mail contains a buffer overflow vulnerability as it does not properly handle read receipt requests. Impact If the user views a specially crafted email and allows a read receipt to be sent, arbitrary code may be executed. Solution...
CVE-2009-0416
The SSL certificate setup program genSslCert.sh in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files...
RealNetworks Helix Server < 11.1.8 / 12.0.1 Multiple Vulnerabilities
Binary data 4919.prm...
Sql injection
Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to execute arbitrary PHP code via the objectname parameter...
CVE-2008-5963
Gravity GTD (Getting Things Done) up to version 0.4.5 is affected by an eval-injection vulnerability in library/setup/rpc.php that allows remote attackers to execute arbitrary PHP code via the objectname parameter. This CVE (CVE-2008-5963) is rated high by NVD (base score 10.0) with network attac...
Buffer overflow
Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NTLM authentication request with malformed...
Simple Machines Forum - Destroyer 0.1
Exploit for unknown platform in category web applications ===================================== Simple Machines Forum - Destroyer 0.1 ===================================== !/usr/bin/perl use LWP::UserAgent; use Getopt::Std; use LWP::Simple; use HTTP::Request; Author: Xianur0 Uxmal666atgmail.com...
Simple Machines Forum (SMF) 1.0.13/1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass
!/usr/bin/perl use LWP::UserAgent; use Getopt::Std; use LWP::Simple; use HTTP::Request; Author: Xianur0 Uxmal666atgmail.com Cracks links Password Recovery Find Temporary Files executed by mods DB function Flood by Error Log File Path Disclosure List installed Mods Useful To Find Mods Vulnerable...
The times-the level of WEP crack full power slightly-vulnerability warning-the black bar safety net
With the rapid development of network technology and network applications, more and more, many users began to focus on network security. Believe the wired network to the wireless network in terms of security there is inherent, since the communication medium is a wireless signal, so the intruder c...
Broadcast Machine 0.1 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. ================================================================================================================= o Broadcast Machine 0.1 Multiple Remote File Inclusion Vulnerability Software : Broadcast Machine version 0.1 Vendor :...
Openfire Server 3.6.0a - Authentication Bypass / SQL Injection / Cross-Site Scripting
Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last Modified: 2008/11/07 Date Reported: 2008/05/17 Author: Andreas Kurtz mail at andreas-kurtz.de Affected Software: Openfire Server = 3.6.0a Remotely Exploitable: Yes Risk:...
vicftp-dos.txt
include include include define z00roa memseta,0,sizeofa; //greetings : SiD.psycho //Smallest greetings : Gorion - lofamy cIem We want be like y0U : unsigned int setportconst char port ifatoiport==0 || atoiport0 return 21; return atoiport; int mainint argc,char argv...
eventscal-rfi.txt
Events Calendar 1.1 Remote File Inclusion Vulnerability ======================================================== Author: kevin mitnick tunisianblackhat team = = Home : http://tunisianblackhat.com = = email: kevinmitnickAlive.fr = = ========================================================= script ...
Gentoo Security Advisory GLSA 200412-06 (PHProjekt)
The remote host is missing updates announced in advisory GLSA 200412-06. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DSA-1641-1 phpmyadmin - several issues
Bulletin has no description...
Cross site scripting
Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify...