1774 matches found
os-x/PPC create /tmp/suid 122 bytes
No description provided by source. / PPC OSX/Darwin Shellcode by B-r00t. 2003. Does open; write; close; exit; See ASM below. 122 Bytes. / char shellcode = "\x7c\xa5\x2a\x79\x40\x82\xff\xfd" "\x7f\xe8\x02\xa6\x39\x1f\x01\x71" "\x39\x08\xfe\xf4\x7c\xa8\x29\xae" "\x38\x7f\x01\x68\x38\x63\xfe\xf4"...
linux/x86 connect 120 bytes
No description provided by source. / Connecting shellcode written by lamagra [email protected] http://lamagra.seKure.de May 2000 .file "connect" .version "01.01" .text .align 4 start: socketAFINET,SOCKSTREAM,IPPROTOIP; movl %esp,%ebp xorl %edx,%edx movb $102,%edx movl %edx,%eax 102 = socketcall...
os-x/PPC setuid(0) + execve /bin/sh 88 bytes
No description provided by source. / PPC OSX/Darwin Shellcode by B-r00t. 2003. Does setuid0; execve/bin/sh; exit0; See ASM below. 88 Bytes. / char shellcode = "\x7c\x63\x1a\x79\x40\x82\xff\xfd" "\x7d\x68\x02\xa6\x3b\xeb\x01\x70" "\x39\x40\x01\x70\x39\x1f\xfe\xdf" "\x7c\x68\x19\xae\x38\x0a\xfe\xa7...
linux/x86 execve /bin/sh setreuid(12,12) 50 bytes
Exploit for linux/x86 platform in category shellcode ================================================= linux/x86 execve /bin/sh setreuid12,12 50 bytes ================================================= / Linux/x86 An example of setregid, execve /bin/sh I used this in practise, hence the setregid12...
SUSE-SA:2002:036: mod_php4
The remote host is missing the patch for the advisory SUSE-SA:2002:036 modphp4. PHP is a well known and widely used web programming language. If a PHP script runs in 'safe mode' several restrictions are applied to it including limits on execution of external programs. An attacker can pass shell...
PHP for Windows shell characters filtration protection bypass
escapeshellcmd/escapeshellarg do not work under Windows...
Microsoft Windows XP - explorer.exe Remote Denial of Service
Microsoft Windows XP - explorer.exe Remote Denial of Service source: https://www.securityfocus.com/bid/9924/info Microsoft Windows Explorer for Windows XP has been reported to be prone to a remote denial of service vulnerability. This issue is due to a failure of the application to properly...
CVE-2002-1393
Removed by vendor...
SCAN Associates Advisory: Molly 0.5 - Remote Command Execution
Molly 0.5 - Remote Command Execution Discovered By guejez of scan-associates.net About Molly: ------------------ quote from Molly homepage "Molly is a small, simple IRC bot that I use for intra-office communication. She will handle lunch menus, stock quotes, take polls and stuff like that." /quot...
Dispair 0.10.2 - Remote Command Execution
Dispair 0.10.2 - Remote Command Execution source: https://www.securityfocus.com/bid/5392/info Dispair fails to sufficiently validate user-supplied input before it is passed to the shell via the Perl open function. Remote attackers may potentially exploit this issue to execute arbitrary commands o...
Mewsoft Auction, PHP Classifieds and eFax.com - CrossSiteScripting issues
Advisory name: SSI & CSS execution in Mewsoft Auction, PHP Classifieds and eFax.com Application: Mewsoft Auction Perl script, PHP Classifieds PHP, eFax.com ASP Date: 14.6.2002 Impact: remote user can execute shell commands & cross site scripting =====================================...
Marcus S. Xenakis "directory.php" allows arbitrary code execution
------------------------------------------------------------ itcp advisory 3 [email protected] http://www.it-checkpoint.net/advisory/3.html March 10th, 2002 ------------------------------------------------------------ Marcus S. Xenakis "directory.php" allows arbitrary code execution...
MAGIC Enterprise Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 immutec Security Advisory ID: SA-MAGIC-001 Date: 2001/12/17 Version: 0.2 Magic Enterprise multiple vulnerabilities Affected Software/System: ========================= Vendor : Magic Software http://www.magicsoftware.com Product : Magic Enterprise...
QPopper 4.0.x - PopAuth Trace File Shell Command Execution
source: https://www.securityfocus.com/bid/3710/info Qpopper is a freely available, open source Post Office Protocol server. It is maintained and distributed by Qualcomm. When popauth is executed with the trace option, it does not correctly handle user-supplied input. A user can supply data to the...
QPopper 4.0.x - PopAuth Trace File Shell Command Execution
QPopper 4.0.x - PopAuth Trace File Shell Command Execution source: https://www.securityfocus.com/bid/3710/info Qpopper is a freely available, open source Post Office Protocol server. It is maintained and distributed by Qualcomm. When popauth is executed with the trace option, it does not correctl...
Mountain Network Systems WebCart 8.4 - Command Execution
Mountain Network Systems WebCart 8.4 - Command Execution source: https://www.securityfocus.com/bid/3453/info Mountain Network Systems WebCart is a cgi based online shopping suite. An error in the webcart.cgi script allows a remote user to pass an arbitrary shell command which will be executed by...
Mountain Network Systems WebCart 8.4 - Command Execution
source: https://www.securityfocus.com/bid/3453/info Mountain Network Systems WebCart is a cgi based online shopping suite. An error in the webcart.cgi script allows a remote user to pass an arbitrary shell command which will be executed by the script. WebCart exploit Spawn bash style Shell with...
CVE-2001-0572
The SSH protocols 1 and 2 aka SSH-2 as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: 1 password lengths or ranges of lengths, which simplifies brute force password guessing, 2 whether RSA or DS...
PT-2001-1770 · Openssh +1 · Openssh +1
Name of the Vulnerable Software and Affected Versions: OpenSSH affected versions not specified Description: The SSH protocols 1 and 2 as implemented in OpenSSH have various weaknesses that can allow a remote attacker to obtain sensitive information via sniffing. This includes password lengths or...
Leif M. Wright everythingform.cgi 2.0 - Arbitrary Command Execution
Leif M. Wright everythingform.cgi 2.0 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2101/info An input validation vulnerability exists in Leif M. Wright's everything.cgi, a Perl-based form design tool. The script fails to properly filter shell commands from user-supplied...