
463 matches found

UbuntuCve
added 2011/02/04 6:00 p.m., 35 views

CVE-2011-0776

The sandbox implementation in Google Chrome before 9.0.597.84 on Mac OS X might allow remote attackers to obtain potentially sensitive information about local files via vectors related to the stat system call...

CVSS: 5, AI score: 5.9, EPSS: 0.00893
Exploits: 1, References: 1

Cvelist
added 2011/02/04 5:00 p.m., 26 views

CVE-2011-0776

The sandbox implementation in Google Chrome before 9.0.597.84 on Mac OS X might allow remote attackers to obtain potentially sensitive information about local files via vectors related to the stat system call...

AI score: 5.6, EPSS: 0.00893
Exploits: 1, References: 3

Debian CVE
added 2011/02/04 5:00 p.m., 26 views

CVE-2011-0776

Removed by vendor...

CVSS: 5, AI score: 6.9, EPSS: 0.00893
Exploits: 1

NVD
added 2011/02/02 10:00 p.m., 21 views

CVE-2011-0754

The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack...

CVSS: 4.4, AI score: 6.2, EPSS: 0.00339
Exploits: 0, References: 4

UbuntuCve
added 2011/02/02 10:00 p.m., 22 views

CVE-2011-0754

The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack...

CVSS: 4.4, AI score: 5.9, EPSS: 0.00339
Exploits: 0, References: 1

Prion
added 2011/02/02 10:00 p.m., 17 views

Cross site scripting

The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack...

CVSS: 4.4, AI score: 6.7, EPSS: 0.00339
Exploits: 0, References: 4, Affected Software: 1

Metasploit
added 2010/06/09 4:43 p.m., 20 views

stat(2)-based Context Keyed Payload Encoder

This is a Context-Keyed Payload Encoder based on stat2 and Shikata Ga Nai. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/poly' class MetasploitModule 'stat2-based Context Keyed Payload Encoder',...

AI score: 7
Exploits: 0

FreeBSD
added 2010/01/29 12:00 a.m., 65 views

sudo -- Privilege escalation with sudoedit

Todd Miller reports: When sudo performs its command matching, there is a special case for pseudo-commands in the sudoers file currently, the only pseudo-command is sudoedit. Unlike a regular command, pseudo-commands do not begin with a slash '/'. The flaw is that sudo's the matching code would on...

CVSS: 6.9, AI score: 7.3, EPSS: 0.01125
Exploits: 2, References: 3

myhack58
added 2009/09/26 12:00 a.m., 26 views

WS_FTP FTPD "STAT" command overflow parsing - vulnerability warning - the black bar safety net

The following analysis is based on the WSFTP Server 4.0.1. EVAL 4 7 1 5 6 3 1 4 version and covers only the "STAT" command overflow. When processing the STAT command, WSFTP checks the length in many places; however, there is one place that was missed. Well, our chance came.:...

AI score: 7.7
Exploits: 0

seebug.org
added 2009/09/05 12:00 a.m., 13 views

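X-Stat cross-site scripting (CSS/XSS) vulnerability

X-Stat does not implement script filtering sufficiently, so cross-site scripts can execute and cause the target user to leak sensitive cookie-based authentication information. The xstatadmin.php script in X-Stat does not sufficiently filter URL parameters, which allows a malicious user to build a link containing malicious script code; when a web user clicks and browses this link, the script code executes in the web user's browser. Successful exploitation of this vulnerability can allow an attacker to obtain the web user's sensitive cookie-based authentication information. Xqus X-Stat 2.3 Xqus X-Stat 2.2 Temporary workaround: If you cannot install the patch or upgrade immediately, it is recommended that you take the following measures to reduce the threat: Filter JavaScript code in the xstatadmin.php script. Vendor patch...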

AI score: 7.1
Exploits: 0

seebug.org
added 2009/09/05 12:00 a.m., 18 views

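X-Stat path information disclosure vulnerability

BUGTRAQ: 4279 X-Stat mishandles some erroneous web requests, which can lead to disclosure of absolute paths. An attacker can submit a nonexistent variable to the action parameter of the xstatadmin.php script in an X-Stat system, which causes the relevant absolute path to be disclosed to the attacker. The attacker can use this information to carry out further attacks on the target system. Xqus X-Stat 2.3 Xqus X-Stat 2.2 Temporary workaround: If you cannot install the patch or upgrade immediately, it is recommended that you take the following measures to reduce the threat: Apply access control to the xstatadmin.php script to prevent access by unauthorized users. Vendor patch: Xqus ----...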

AI score: 7.1
Exploits: 0

seebug.org
added 2009/09/05 12:00 a.m., 51 views

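XStat PHPInfo information disclosure vulnerability

BUGTRAQ: 4280 X-Stat is a free web traffic analysis program written in PHP that runs on Unix and Linux operating systems and also on the Microsoft Windows platform. X-Stat mishandles some erroneous web requests, which can lead to disclosure of host information. An attacker can submit the phpinfo variable to the action parameter of the xstatadmin.php script in an X-Stat system, which discloses host information to the attacker, including host, operating system and server information. The attacker can use this information to carry out further attacks on the target system. Xqus X-Stat 2.3 Xqus X-Stat 2.2 Temporary workaround:...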

AI score: 7.1
Exploits: 0

RedHat Linux
added 2009/04/29 9:28 a.m., 1 view

kernel: x86-64: seccomp: 32/64 syscall hole

The secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows...

CVSS: 7.2, AI score: 5.8, EPSS: 0.00928
Exploits: 3, References: 4

Packet Storm
added 2009/01/26 12:00 a.m., 20 views

WFTPD Pro Server 3.30.0.1 Denial Of Service

Title: WFTPD Pro Server 3.30.0.1 pre auth Multiple Remote Denial of Service Vulnerabilities Summary: Professional FTP server for Windows NT / 2000 / XP / 2003 Desc: WFTPD Pro Server 3.30.0.1 suffers from multiple remote vulnerabilities which resolves in denial of service. Several commands are...

AI score: 0.1
Exploits: 0

Cvelist
added 2008/04/04 12:00 a.m., 24 views

CVE-2008-0884

The Replace function in the capp-lspp-config script in the (1) lspp-eal4-config-ibm and (2) capp-lspp-eal4-config-hp packages before 0.65-2 in Red Hat Enterprise Linux (RHEL) 5 uses lstat instead of stat to determine the /etc/pam.d/system-auth file permissions, leading to a change to world-writable...

AI score: 6.5, EPSS: 0.00361
Exploits: 0, References: 6

CVE
added 2007/10/14 8:00 p.m., 55 views

CVE-2002-2245

NetBSD ftpd is affected on versions 1.5 through 1.5.3 and 1.6. The issue arises because the FTP server does not properly quote a digit in the response to a STAT command for a filename containing a carriage return followed by a digit, which can cause firewalls and other intermediary devices to los...

CVSS: 5, AI score: 7.1, EPSS: 0.00794
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2007/10/14 8:00 p.m., 22 views

CVE-2002-2245

ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session...

AI score: 6.7, EPSS: 0.00794
Exploits: 0, References: 1

seebug.org
added 2007/03/09 12:00 a.m., 46 views

Linux Omnikey Cardman 4040 driver Local Buffer Overflow Exploit PoC

No description provided by source. /* Linux Omnikey Cardman 4040 driver buffer overflow (CVE-2007-0005) Copyright (C) Daniel Roethlisberger, Compass Security Network Computing AG, Rapperswil, Switzerland. All rights reserved. http://www.csnc.ch/ */ #include <sys/stat.h>...

CVSS: 6.9, AI score: 0.5, EPSS: 0.00615
Exploits: 8

Exploit DB
added 2006/08/02 12:00 a.m., 25 views

TinyPHP Forum 3.6 - 'makeAdmin' Remote Admin Maker

TinyPHPForum 3.6 Admin Maker By SirDarckCat from elhacker.net Existing User: document.forms0.action=prompt"Path to forum","http://www.server.com/tpf/"+"updatepf.php"; milw0rm.com 2006-08-02...

AI score: 7
Exploits: 0

Exploit DB
added 2006/06/13 12:00 a.m., 37 views

Minerva 2.0.8a Build 237 - 'phpbb_root_path' File Inclusion

$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ Minerva phpbbrootpath = 2.0.8a Build 237 Remote File Include Vulnerability $$ script site: http://sourceforge.net/projects/minerva/ $$ dork: Powered by Minerva 237 $$...

AI score: 7.4
Exploits: 0