5493 matches found
Need for Speed 2 Remote Client Buffer Overflow Exploit
Exploit for unknown platform in category dos / poc ====================================================== Need for Speed 2 Remote Client Buffer Overflow Exploit ====================================================== / Need for Speed 2 Remote Client Buffer Overflow Exploit - 23.01.2004 by Luigi...
CVE-2003-0984
Real time clock RTC routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space...
[Advisory] Powerslave 4.3 Information Leak Vuln.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================= H Zero Seven Security Advisory Product : FlyingDog Software - Powerslave Portalmanager Impact : information leak vulnerability Issue date: 19 Sept. 2003 Update : Powerslave 4.4.3pl3 Affected :...
MS Windows (RPC DCOM2) Remote Exploit (MS03-039)
No description provided by source. / RPCDCOM2.c ver1.1 copy by FLASHSKY flashsky at xfocus.org 2003.9.14 / include stdio.h include winsock2.h include windows.h include process.h include string.h include winbase.h unsigned char bindstr=...
Flying Dog Software Powerslave 4.3 Portalmanager - 'sql_id' Information Disclosure
source: https://www.securityfocus.com/bid/8659/info It has been reported that Powerslave Portalmanager is prone to an information disclosure issue that may allow remote attackers to gain access to sensitive information about the underlying database structure. The problem is reported to exist in t...
Flying Dog Software Powerslave 4.3 Portalmanager - sql_id Information Disclosure
Flying Dog Software Powerslave 4.3 Portalmanager - sqlid Information Disclosure source: https://www.securityfocus.com/bid/8659/info It has been reported that Powerslave Portalmanager is prone to an information disclosure issue that may allow remote attackers to gain access to sensitive informatio...
Microsoft Windows NetBIOS information leak
Uninitialized memory structure during reply to NetBIOS name request allows attacker to read few bytes from remote host's memory...
RIP Detection
RIP is an Interior Gateway Protocol and is based on the distance vector routing algorithm. Routing tables may disclose your internal network architecture and help a remote attacker. C Tenable Network Security, Inc. References: RFC 1058 Routing Information Protocol RFC 2453 RIP Version 2 0 1 2 3 4...
Shattering SEH II
========================================================================= = Shattering SEH II = = [email protected] = http://www.security-assessment.com = = Originally posted: July 28, 2003 ========================================================================= == Background =...
Windows 2003/XP gethostbyaddr() NULL pointer bug
If invalid CNAME in reverse lookup zone is specified, gethostbyaddr returns hostent structure with name pointer set to NULL...
TOPO 1.41 - Full Path Disclosure
TOPO 1.41 - Full Path Disclosure source: https://www.securityfocus.com/bid/6768/info It has been reported that TOPo may return information to users that is sensitive in nature. Under some circumstances, it is possible to produce an error message that reveals information about web directory...
TOPO 1.41 - Full Path Disclosure
source: https://www.securityfocus.com/bid/6768/info It has been reported that TOPo may return information to users that is sensitive in nature. Under some circumstances, it is possible to produce an error message that reveals information about web directory structure. This could result in more...
NetBSD Security Advisory 2002-007: Repeated TIOCSCTTY ioctl can corrupt session hold counts
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2002-007 ================================= Topic: Repeated TIOCSCTTY ioctl can corrupt session hold counts Version: NetBSD-current: source prior to July 21, 2002 NetBSD-1.6 beta: source prior to July 23, 2002 NetBSD-1.5.: source prior to...
LEVERAGING CROSS-PROTOCOL SCRIPTING IN MSIE
The following was researched and written before I installed IE SP1. read to the bottom to see whats changed LEVERAGING CROSS-PROTOCOL SCRIPTING IN MSIE ---------------------------------------------------------------------------- -------------------------- Introduction...
Directory content leakage in Abyss
Using URL with number of /// it's possible to obtain directory listing...
EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability
Remote PGP Outlook Encryption Plug-in Vulnerability Release Date: July 10, 2002 Severity: High Remote Code Execution Systems Affected: NAI PGP Desktop Security 7.0.4 NAI PGP Personal Security 7.0.3 NAI PGP Freeware 7.0.3 Description: The beer is still cold, the days are still long, the exploits...
Partial access to local files via CSS in Internet Explorer
Via .oFile.cssText property of Link object it's possible to get partial content of any file with structure close to CSS...
SilverStream Database Structure Disclosure
An unauthenticated, remote attacker can discover the internal structure of the remote SilverStream database by sending a special request. %NASLMINLEVEL 70300 This script was written by Tor Houghton, but I looked at "htdig" by Renaud Deraison Changes by rd: - phrasing in the report - pattern read...
EFTP Server 2.0.7.337 - Directory Existence File Existence
EFTP Server 2.0.7.337 - Directory Existence File Existence source: https://www.securityfocus.com/bid/3333/info A user can confirm the existence and location of files and directory structure information, by submitting a 'size' or 'mdtm' command of a file. If the command is carried out by the...
EFTP Server 2.0.7.337 - Directory Existence / File Existence
source: https://www.securityfocus.com/bid/3333/info A user can confirm the existence and location of files and directory structure information, by submitting a 'size' or 'mdtm' command of a file. If the command is carried out by the vulnerable service, the attacker can confirm the location of the...