156 matches found
Slackware: Security Advisory (SSA:2004-239-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
httpdx 1.5.4 Heap Overflow
!/usr/bin/perl -w ====================================================================== Exploit Title: httpdx UnhandledExceptionFilter ====================================================================== use strict; use IO::Socket::INET; target my $host = "127.0.0.1"; The perl|php|py|.. page t...
Epson EventManager 2.50 - Denial of Service
Luigi Auriemma Application: Epson EventManager http://www.epson.com Versions: 53 PUSH EBX 01639680 |. 8B5C24 24 MOV EBX,DWORD PTR SS:ESP+24 01639684 |. 53 PUSH EBX 01639685 |. 50 PUSH EAX 01639686 |. E8 25F8FFFF CALL epnsm.01638EB0 ; parse "x-protocol-version"...
FCrackZip 1.0 Buffer Overflow
Exploit Title: FCrackZip Local Buffer Overflow PoC Date: September 5th, 2010 Author: 0x6264 Software Link: http://oldhome.schmorp.de/marc/data/fcrackzip-1.0.tar.gz Version: 1.0 Tested on: Ubuntu 10.04 CVE : None Software Description: fcrackzip is a zip password cracker, similar to fzc, zipcrack a...
Heap overflow
Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 5.00.062, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted request for a WSDL file that causes a negative length to be used in a...
CVE-2007-2489
Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 5.00.062, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted request for a WSDL file that causes a negative length to be used in a...
CVE-2007-2489
Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 5.00.062, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted request for a WSDL file that causes a negative length to be used in a...
CVE-2006-3355
Heap-based buffer overflow in httpdget.c in mpg123 before 0.59s-rll allows remote attackers to execute arbitrary code via a long URL, which is not properly terminated before being used with the strncpy function. NOTE: This appears to be the result of an incomplete patch for CVE-2004-0982...
CVE-2006-0720
Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file...
ProFTPd Local pr_ctrls_connect Vuln - ftpdctl
Exploit for linux platform in category local exploits ============================================= ProFTPd Local prctrlsconnect Vuln - ftpdctl ============================================= / This is simple local exploit Proof of Concept? for local bug in ProFTPd not in default options must be...
ProFTPd - ftpdctl pr_ctrls_connect Local Overflow
ProFTPd - ftpdctl prctrlsconnect Local Overflow / This is simple local exploit Proof of Concept? for local bug in ProFTPd not in default options must be configured with option --enable-ctrls. Bug exist in func tion prctrlsconnect in file "src/ctrls.c", look: "src/ctrls.c" int prctrlsconnectconst...
ProFTPd - 'ftpdctl' 'pr_ctrls_connect' Local Overflow
/ This is simple local exploit Proof of Concept? for local bug in ProFTPd not in default options must be configured with option --enable-ctrls. Bug exist in func tion prctrlsconnect in file "src/ctrls.c", look: "src/ctrls.c" int prctrlsconnectconst char socketfile ... struct sockaddrun clsock,...
security flaw
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks...
CVE-2003-0465
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks...
CVE-2003-0465
The CVE-2003-0465 issue affects the Linux kernel (2.4/2.5) where strncpy does not pad with null bytes on architectures other than x86, potentially allowing information leaks. Red Hat’s RHSA-2004:188 and related advisories document this as a kernel vulnerability with fixes in updated kernel packag...
Progress Database vulnerabilities
strcpy and pstcopy dbutpstcopy are BAD!@@!$! you need to make use of strncpy or invent pstncopy This is straight from the unix man pages for strcpy NAME strcpy, strncpy - copy a string SYNOPSIS include string.h char strcpychar dest, const char src; BUGS If the destination string of a strcpy is no...