450 matches found

Packet Storm
added 2009/01/26 12:0 a.m. (18 views)

WFTPD Pro Server 3.30.0.1 Denial Of Service

Title: WFTPD Pro Server 3.30.0.1 pre auth Multiple Remote Denial of Service Vulnerabilities Summary: Professional FTP server for Windows NT / 2000 / XP / 2003 Desc: WFTPD Pro Server 3.30.0.1 suffers from multiple remote vulnerabilities which resolves in denial of service. Several commands are...

0.1 AI score
Exploits: 0

Cvelist
added 2008/04/04 12:0 a.m. (12 views)

CVE-2008-0884

The Replace function in the capp-lspp-config script in the (1) lspp-eal4-config-ibm and (2) capp-lspp-eal4-config-hp packages before 0.65-2 in Red Hat Enterprise Linux (RHEL) 5 uses lstat instead of stat to determine the /etc/pam.d/system-auth file permissions, leading to a change to world-writable...

6.5 AI score, 0.00035 EPSS
Exploits: 0, References: 6

Cvelist
added 2007/10/14 8:0 p.m. (20 views)

CVE-2002-2245

ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session...

6.7 AI score, 0.00333 EPSS
Exploits: 0, References: 1

CVE
added 2007/10/14 8:0 p.m. (52 views)

CVE-2002-2245

NetBSD ftpd is affected on versions 1.5 through 1.5.3 and 1.6. The issue arises because the FTP server does not properly quote a digit in the response to a STAT command for a filename containing a carriage return followed by a digit, which can cause firewalls and other intermediary devices to los...

5 CVSS, 7.1 AI score, 0.00333 EPSS
Exploits: 0, References: 1, Affected Software: 1

seebug.org
added 2007/03/09 12:0 a.m. (42 views)

Linux Omnikey Cardman 4040 driver Local Buffer Overflow Exploit PoC

No description provided by source. / Linux Omnikey Cardman 4040 driver buffer overflow CVE-2007-0005 Copyright C Daniel Roethlisberger [email protected] Compass Security Network Computing AG, Rapperswil, Switzerland. All rights reserved. http://www.csnc.ch/ / includesys/stat.h...

6.9 CVSS, 0.5 AI score, 0.0033 EPSS
Exploits: 8

Exploit DB
added 2006/08/02 12:0 a.m. (23 views)

TinyPHP Forum 3.6 - 'makeAdmin' Remote Admin Maker

TinyPHPForum 3.6 Admin Maker By SirDarckCat from elhacker.net Existing User: document.forms0.action=prompt"Path to forum","http://www.server.com/tpf/"+"updatepf.php"; milw0rm.com 2006-08-02...

7 AI score
Exploits: 0

Exploit DB
added 2006/06/13 12:0 a.m. (32 views)

Minerva 2.0.8a Build 237 - 'phpbb_root_path' File Inclusion

$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ Minerva phpbbrootpath = 2.0.8a Build 237 Remote File Include Vulnerability $$ script site: http://sourceforge.net/projects/minerva/ $$ dork: Powered by Minerva 237 $$...

7.4 AI score
Exploits: 0

NVD
added 2006/02/15 11:6 a.m. (10 views)

CVE-2006-0705

Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Windows Server before 6.0 build 38, (3) F-Secure SSH Server for Windows before 5.3 build 35, (4) F-Secure SSH...

6.5 CVSS, 7.1 AI score, 0.0537 EPSS
Exploits: 0, References: 15

Prion
added 2006/02/15 11:6 a.m. (18 views)

Format string

Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Windows Server before 6.0 build 38, (3) F-Secure SSH Server for Windows before 5.3 build 35, (4) F-Secure SSH...

6.5 CVSS, 7.3 AI score, 0.0537 EPSS
Exploits: 0, References: 15, Affected Software: 2

CVE
added 2006/02/15 11:0 a.m. (53 views)

CVE-2006-0705

CVE-2006-0705 is a format-string vulnerability in SFTP/SSH logging code across multiple servers (e.g., SSH Secure Shell Server variants, and related SFTP servers). The flaw affects the handling of filenames in logs, enabling a remote authenticated user to potentially execute arbitrary commands vi...

6.5 CVSS, 7 AI score, 0.0537 EPSS
Exploits: 0, References: 15, Affected Software: 2

OpenVAS
added 2005/11/03 12:0 a.m. (24 views)

HP-UX ftpd glob() Expansion STAT Buffer Overflow

Buffer overflow in FTP server in HPUX 11 and previous allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. OpenVAS Vulnerability Test $Id: hpftpglobstat.nasl 6522 2017-07-04 15:22:28Z cfischer $...

10 CVSS, 1.3 AI score, 0.05322 EPSS
Exploits: 1

OpenVAS
added 2005/11/03 12:0 a.m. (30 views)

HP-UX ftpd glob() Expansion STAT Buffer Overflow

Buffer overflow in FTP server in HPUX 11 and previous allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. SPDX-FileCopyrightText: 2003 Xue Yong Zhi Some text descriptions might be excerpted from ...

10 CVSS, 10 AI score, 0.05322 EPSS
Exploits: 1, References: 1

Packet Storm
added 2005/08/14 12:0 a.m. (27 views)

sbphpstatpoc.txt

? / PHP Stat Administrative User Authentication Bypass POC Exploit Code by Nikyt0x - Soulblack Security Research Advisory: http://www.soulblack.com.ar/repo/papers/phpstatadvisory.txt Saludos: Soulblack Staff, Status-x, NeosecurityTeam, KingMetal, SWP, Trespasser... [email protected]...

7.4 AI score
Exploits: 0

Cvelist
added 2005/07/14 4:0 a.m. (12 views)

CVE-2002-2044

Cross-site scripting (XSS) vulnerability in xstatadmin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action...

5.7 AI score, 0.00613 EPSS
Exploits: 1, References: 5

CVE
added 2005/07/14 4:0 a.m. (44 views)

CVE-2002-2044

CVE-2002-2044 describes a cross-site scripting (XSS) vulnerability in x-stat (version 2.3 and earlier) affecting the file x_stat_admin.php. The issue arises when a parameter to the phpinfo action is not properly sanitized, allowing remote attackers to inject arbitrary web script or HTML. Affecte...

4.3 CVSS, 5.9 AI score, 0.00613 EPSS
Exploits: 1, References: 5, Affected Software: 1

CVE
added 2005/07/14 4:0 a.m. (36 views)

CVE-2002-2045

CVE-2002-2045 affects x-stat 2.3 and earlier, via x_stat_admin.php. The flaw allows remote attackers to (1) execute PHP commands (e.g., phpinfo) or (2) reveal the web server’s full path through an invalid action parameter that leaks the pathname in an error message. The NVD CVSS v2 score is 6.4 (...

6.4 CVSS, 7.6 AI score, 0.00622 EPSS
Exploits: 1, References: 7, Affected Software: 1

exploitpack
added 2005/05/30 12:0 a.m. (11 views)

phpStat 1.5 - setup.php Authentication Bypass (PHP) (2)

? / PHP Stat Administrative User Authentication Bypass POC Exploit Code by Nikyt0x - Soulblack Security Research Advisory: http://www.soulblack.com.ar/repo/papers/phpstatadvisory.txt Saludos: Soulblack Staff, Status-x, NeosecurityTeam, KingMetal...

0.2 AI score
Exploits: 0

Exploit DB
added 2005/05/30 12:0 a.m. (27 views)

phpStat 1.5 - 'setup.php' Authentication Bypass (PHP) (1)

"; print ""; print "Username : "; print "Password : "; print " \n"; print ""; //------------------------------------------------------End. ? milw0rm.com 2005-05-30...

7.4 AI score
Exploits: 0

Exploit DB
added 2005/05/30 12:0 a.m. (29 views)

phpStat 1.5 - 'setup.php' Authentication Bypass (PHP) (2)

? / PHP Stat Administrative User Authentication Bypass POC Exploit Code by Nikyt0x - Soulblack Security Research Advisory: http://www.soulblack.com.ar/repo/papers/phpstatadvisory.txt Saludos: Soulblack Staff, Status-x, NeosecurityTeam, KingMetal, SWP, Trespasser... [email protected]...

7.4 AI score
Exploits: 0

securityvulns
added 2005/05/28 12:0 a.m. (27 views)

PHP Stat Administrative User Authentication Bypass

Title: PHP Stat Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 25/05/2005 Severity: Medium. PHP Stat Administrative User Authentication...

7.1 AI score
Exploits: 0