UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow Exploit

No description provided by source. / Date : May 28th 2007. UltraISO = 8.6.2.2011 local buffer-over flow by n00b You might need to change the jmp esp% adress to your version. Tested on win xp service pack 2 eng executes calc.Don't forget you need to have the bin and cue file in the same Directory...

BSD mailx 8.1.1 -10 Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10 On Slackware 7.x it can be found as /usr/bin/Mail. A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. The 'mail' program...

File 3.x Local Stack Overflow Code Execution Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/7008/info It has been reported that a stack overflow exists in the file program. Although details of this issue are currently unavailable, it is likely that this issue could be exploited to execute code as the user invoki...

WvTFTPd 0.9 - Remote Root Heap Overflow Exploit

No description provided by source. / wvtftp option name heap overflow remote root exploit infamous42md AT hotpop DOT com exploitation is not exactly straight forward. When we overflow our buffer, we overwrite a pointer that is freed before we get to trigger our overwrite. so we have to restore th...

openSUSE Security Update : sysconfig (openSUSE-SU-2012:0242-1)

This update for sysconfig contains the following fixes : - sysconfig hook script for NetworkManager did not properly quote shell meta characters when processing ESSIDs. Specially crafted network names could therefore lead to execution of shell code CVE-2011-4182. - Explicitly disabled posix mode ...

openSUSE Security Update : sysconfig (openSUSE-SU-2012:0242-1)

This update for sysconfig contains the following fixes : - sysconfig hook script for NetworkManager did not properly quote shell meta characters when processing ESSIDs. Specially crafted network names could therefore lead to execution of shell code CVE-2011-4182. - Explicitly disabled posix mode ...

openSUSE Security Update : poppler (openSUSE-SU-2013:1371-1)

poppler was updated to fix a security problem. PDF files could emit messages with terminal escape sequences which could be used to inject shell code if the user ran a PDF viewer from a terminal shell CVE-2012-2142. Also a bug was fixed to avoid division by zero when using origpagesizes option...

GLSA-201401-26 : Zabbix: Shell command injection

The remote host is affected by the vulnerability described in GLSA-201401-26 Zabbix: Shell command injection If a flexible user parameter is configured in Zabbix agent, including a newline in the parameters will execute newline section as a separate command even if UnsafeUserParameters are...

Zabbix: Shell command injection

Background Zabbix is software for monitoring applications, networks, and servers. Description If a flexible user parameter is configured in Zabbix agent, including a newline in the parameters will execute newline section as a separate command even if UnsafeUserParameters are disabled. Impact A...

Cacti: Multiple vulnerabilities

Background Cacti is a complete network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality. Description Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. Impact A remote attacker...

GLSA-201309-21 : klibc: Command Injection

The remote host is affected by the vulnerability described in GLSA-201309-21 klibc: Command Injection The ipconfig utility in klibc writes DHCP options to /tmp/net-$DEVICE.conf, and this file is later sourced by other scripts to get defined variables. The options written to this file are not...

klibc: Command Injection

Background klibc is a minimalistic libc used for making an initramfs. Description The ipconfig utility in klibc writes DHCP options to /tmp/net-$DEVICE.conf, and this file is later sourced by other scripts to get defined variables. The options written to this file are not properly escaped. Impact...

MGASA-2013-0261 Updated xpdf packages fixes security vulnerability

PDF files could be used to inject shell code when xpdf was run from some terminal emulators, due to the use of escape sequences in error messages CVE-2012-2142...

Updated xpdf packages fixes security vulnerability

PDF files could be used to inject shell code when xpdf was run from some terminal emulators, due to the use of escape sequences in error messages CVE-2012-2142...

BlazeDVD Free Edition 6.1.1.6 Buffer Overflow

!/usr/bin/python Exploit Title:BlazeDVD Free Edition 6.1.1.6 Buffer Overflow Date: 27-03-2013 Exploit Author: metacom RST Vendor Homepage: http://www.blazevideo.com/dvd-player/ Download version 6.1.0.6: www.blazevideo.com/download.php?product=BlazeDVD Version: BlazeDVD Free Edition 6.1.1.6 Tested...

osCommerce 2.3.3 Cross Site Request Forgery

your shell should be here: catalog/includes/languages/english/download.php?cmd=id...

openshift-origin-node-util: restorer.php preg_match shell code injection

node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATHINFO...

MS11-046 Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (CVE-2011-1249)

No description provided by source. / MS11-046 Was a Zero day found in the wild , reported to MS by Steven Adair from the Shadowserver Foundation and Chris S . Ronnie Johndas wrote the writeup dissecting a malware with this exploit . I Rahul Sasifb1h2s just made the POC exploit available...

Waves of Attacks Target Adobe Reader Bug From 2010

Thanks to the wonderful tendency of users not to update their applications, old vulnerabilities never die, they just get overtaken by newer and shinier ones. The attackers know this well, and every once in a while they serve up a nice reminder to the rest of us. The most recent one of these is a...

win32/xp sp3 (ENG) cmd.exe Sellcode 87 bytes

Title : windows/XP sp3 ENG cmd.exe Sellcode Author :TrOoN E-mail : email protected | www.facebook.com/fysl.fyslm Home : city 617 logts : Draria . algeria Web Site : www.1337day.com platform : winDows xp SP3 | tESTED IN WINDWOS XP SP 3 work Type : SHELL CODe WINDWOS WARNING : i teste in windows Xp...