ProFTPD 1.3.3c - Compromised Source Remote Root Trojan

No description provided by source. == ProFTPD Compromise Report == On Sunday, the 28th of November 2010 around 20:00 UTC the main distribution server of the ProFTPD project was compromised. The attackers most likely used an unpatched security issue in the FTP daemon to gain access to the server a...

ZBServer Pro 1.5 - Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/889/info ZBSoft ZBServer Pro is an Internet and Intranet server that supports HTTP, Gopher, FTP and Chat Services. ZBServer is available for Microsoft Windows operating systems. ZBServer Pro 1.5 has an unchecked buffer in...

Linux kernel 2.0 Sendmail Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/363/info The 2.0.x kernels have a quirk in the TCP implementation that have to do with the accept call returning after only a syn has been recieved as opposed to the three way handshake having been completed. Sendmail,...

httpdx <= 1.4.6b source disclosure

No description provided by source. httpdx = 1.4.6b Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: httpdx.sourceforge.net/downloads/ - Description - httpdx Web Server = 1.4.6b is a Windows based HTTP server. This is the latest version of the application available. http...

SkaDate Online 5.0/6.0 - Remote File Disclosure Vulnerability

No description provided by source. SkaDate Online Dating Software Remote File Disclosure Vulnerability Author : SnIpEr-SA.CoM tested verson : 5.0 & 6.0 Homepage : http://www.skadate.com Price: 795.00 Exp : http://www.site.com/member/featuredlist.php?viewmode=../../../../file%00...

BEA Systems WebLogic Express 3.1.8/4/5 Source Code Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/1378/info Within WebLogic Server and WebLogic Express there are four main java servlets registered to serve different kind of files. A default servlet exists if a requested file does not have an assigned servlet. If an ht...

VisualSite CMS 1.3 - Multiple Vulnerabilities

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-25-visualsite-cms-multiple-vulnerabilities/ ''' Abysssec Inc Public Advisory Title : VisualSite CMS Multiple...

Merak Mail Server 7.4.5 settings.html Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerabili...

Microsoft IIS 5.0 CodeBrws.ASP Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4525/info Microsoft IIS 5.0 ships with a sample script that may be used to view the source code of other scripts in the sample scripts /IISSAMPLES directory. However, this script CodeBrws.asp does not adequately filter...

AN HTTPD 1.42 Arbitrary Log Content Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13069/info AN HTTPD is affected by a vulnerability that may allow remote attacker to inject arbitrary content in to the log file. This issue arises due to a failure of input validation. Corruption of logs may result in...

eXtremail <= 2.1.1 PLAIN authentication Remote Stack Overflow Exploit

No description provided by source. / extremail-v6.c Copyright c 2006 by [email protected] eXtremail =2.1.1 remote root exploit x86-lnx by mu-b - Wed Oct 18 2006 - Tested on: eXtremail 2.1.1 lnx eXtremail 2.1.0 lnx Stack overflow in ifParseAuthPlain - Private Source Code -DO NOT DISTRIBUTE -...

IBM HTTP Server 1.3.x Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3518/info Due to an input validation error in IBM HTTP Server for the AS/400, it is possible for a remote attacker to make a specially web crafted web request which will display script source code. If a '/' is appended to...

Kolibri+ Webserver 2 - Remote Source Code Disclosure Vulnerability

No description provided by source. Name : Kolibri+ Webserver 2 , Remote file disclousure exploit Author : Skull-HacKeR Download Page : http://download.cnet.com/Kolibri-WebServer/3000-102484-10896378.html?tag=mncol Attack type : Remote Exploitation Exploit: http://127.0.0.1/default.asp...

Fully Modded phpBB <= 2021.4.40 Multiple File Include Vulnerabilities

No description provided by source. Fully Modded phpBB 2 Remote File Include PHPBB Exploit 2 Source Code: http://phpbbfm.net/support/indexfm.php http://kent.dl.sourceforge.net/sourceforge/phpbbfm/FM2021-4-40.tar.gz Vulnerable Code: include'includes/common.php'; $phpbbrootpath = $foingrootpath...

Thatware <= 0.4.6 (root_path) Remote File Include Vulnerability

No description provided by source. Thatware 0.4.6 rootpath Remote File Inclusion CreW: ToXiC Bug Found by Drago84 Source Code: http://ufpr.dl.sourceforge.net/sourceforge/thatware/thatware0.4.6.tar.gz Page Affect config.php ExP:...

Interbase 6.0 GDS_Drop Interbase Environment Variable Buffer Overflow (2)

No description provided by source. source: http://www.securityfocus.com/bid/5044/info Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems. A buffer overflow has been discovered in the gdsdrop program packaged with Interbase. This...

Inktomi Search Software 3.0 Source Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2061/info A vulnerability exists in version 3.0 of Ultrseek server aka Inktomi Search. Due to a failure to properly validate user-supplied input, URLs submitted by a remote user of the form:...

WeBid <= 0.7.3 RC9 Multiple Remote File Inclusion Vulnerabilities

No description provided by source. ----------------------------------------------------------------------------------------- ECHOADV104$2009 WeBid = 0.7.3 RC9 Multiple Remote File Inclution Vulnerabilities -----------------------------------------------------------------------------------------...

Merak Mail Server 7.4.5 attachment.html attachmentpage_text_error Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerabili...

PHP phar extension 1.1.1 Heap Overflow

No description provided by source. from: http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html version PHP: 5.3.6 version phar ext.: 1.1.1 site: http://php.net/ source code: http://windows.php.net/downloads/releases/php-5.3.6-src.zip An integer overflow vulnerability leading t...