Lucene search

2024 matches found

seebug.org
added 2006/12/06 12:0 a.m., 32 views

Microsoft Windows GDI+ library denial of service

No description provided by source. !/bin/perl 0-day crash poc gdiplus.dll by Mr.Niega Check out hex offset 2e play with the 2byte's, set it to 20 if you want a non crashing ico file Division by zero this POC tested with: win XP ENG sp2 And for SYS 49152 im that 0daysec guy ; Rename Poc.ico to...

7.1 AI score
Exploits 0

CERT
added 2006/11/27 12:0 a.m., 17 views

NetGear wireless driver fails to properly process specially-crafted 802.11 management frames

Overview A buffer overflow vulnerability exists in the Netgear WG311ND5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The WG311ND5.SYS driver is a wireless 802.11g device driv...

7.5 CVSS, 7.4 AI score, 0.14498 EPSS
Exploits 1, References 3

CVE
added 2006/11/22 1:0 a.m., 46 views

CVE-2006-6059

The CVE-2006-6059 issue affects Netgear MA521 PCMCIA adapter’s MA521nd5.SYS driver (version 5.148.724.2003). A buffer overflow in the driver can be triggered by 802.11 management frames (beacon or probe responses with long supported rates element), allowing remote attackers to execute arbitrary c...

10 CVSS, 7.9 AI score, 0.18755 EPSS
Exploits 1, References 7, Affected Software 1

Cvelist
added 2006/11/22 1:0 a.m., 22 views

CVE-2006-6059

Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA521 PCMCIA adapter allows remote attackers to execute arbitrary code via (1) beacon or (2) probe 802.11 frame responses with a long supported rates information element. NOTE: this issue was reported as a "memory corruption" error, b...

7.9 AI score, 0.18755 EPSS
Exploits 1, References 7

Gentoo Linux
added 2006/11/20 12:0 a.m., 23 views

TORQUE: Insecure temporary file creation

Background TORQUE is a resource manager providing control over batch jobs and distributed compute nodes. Description TORQUE creates temporary files with predictable names. Please note that the TORQUE package shipped in Gentoo Portage is not vulnerable in the default configuration. Only systems wi...

7.2 CVSS, 6.8 AI score, 0.00337 EPSS
Exploits 0

NVD
added 2006/11/14 7:7 p.m., 15 views

CVE-2006-5882

Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver 3.50.21.10, as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products, allows remote attackers to execute arbitrary code via an 802.11 response frame containing a long SSID field...

8.3 CVSS, 8.1 AI score, 0.13013 EPSS
Exploits 3, References 9

Cvelist
added 2006/11/14 7:0 p.m., 19 views

CVE-2006-5882

Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver 3.50.21.10, as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products, allows remote attackers to execute arbitrary code via an 802.11 response frame containing a long SSID field...

8.1 AI score, 0.13013 EPSS
Exploits 3, References 9

CVE
added 2006/11/14 7:0 p.m., 45 views

CVE-2006-5882

CVE-2006-5882 describes a stack-based overflow in the Broadcom BCMWL5.SYS wireless device driver (version 3.50.21.10), used by Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products. The vulnerability allows remote attackers within an adjacent network to execute ar...

8.3 CVSS, 8.1 AI score, 0.13013 EPSS
Exploits 3, References 9, Affected Software 1

CERT
added 2006/11/14 12:0 a.m., 12 views

Broadcom wireless driver fails to properly process 802.11 probe response frames

Overview A buffer overflow vulnerability exists in the Broadcom BCMWL5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The BCMWL5.SYS driver is a wireless 802.11 device driver...

7.9 AI score
Exploits 0, References 2

Tenable Nessus
added 2006/11/06 12:0 a.m., 19 views

Solaris 9 (sparc) : 113801-12

Sun Cluster 3.1: Core/Sys Admin Patch. Date this patch was last updated by Sun : May/20/04 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

7 AI score
Exploits 0, References 1

seebug.org
added 2006/10/28 12:0 a.m., 16 views

Solaris Runtime Linker (ld.so.1) Buffer Overflow Exploit (SPARC version)

No description provided by source. / ld.so.1 exploit SPARC coded by: osker178 bjr213 psu.edu Alright, so this exploits a fairly standard buffer overflow in the default Solaris runtime linker ld.so.1 discovery by Jouko Pynnonen Only real deviation here from the standard overflow and return into li...

7.1 AI score
Exploits 0

securityvulns
added 2006/10/07 12:0 a.m., 33 views

[Reversemode Advisory] Symantec Antivirus Engine Privilege Escalation

Symantec Antivirus Engine is prone to a local privilege escalation vulnerability. Two Device Drivers are affected: NAVEX15.sys, NAVENG.sys. NAVEX15.sys LOW CONSTANT VALUE PAGE:0004B611 sub edx, 222AD3h PAGE:0004B617 push esi PAGE:0004B618 jz short loc4B63C loc4B63C: mov edx, ecx+3Ch PAGE:0004B63F...

1 AI score
Exploits 0

Exploit DB
added 2006/09/30 12:0 a.m., 45 views

Apple Mac OSX 10.4.7 - Mach Exception Handling Privilege Escalation

/ excploit.c - 28 Nov 2005 - [email protected] Exploitable Mach Exception Handling Affected: Mac OS X 10.4.6 darwin 8.6.0 and older When a process executes a setuid executable, all existing rights to the task port are invalidated, to make sure unauthorized processes do not retain control o...

7 AI score
Exploits 0

Tenable Nessus
added 2006/08/21 12:0 a.m., 13 views

Solaris 9 (sparc) : 121316-02

SunOS 5.9: kernel/sys/doorfs Patch. Date this patch was last updated by Sun : Aug/10/06 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

7.3 AI score
Exploits 0, References 1

seebug.org
added 2006/08/17 12:0 a.m., 57 views

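Oracle DBMS Login Access Control Bypass Vulnerability

BUGTRAQ ID: 16287 CVECAN ID: CVE-2006-0256 Oracle Database is a large commercial database system. The implementation of the Oracle Database login process contains a vulnerability; a remote attacker may be able to perform SQL injection attacks against the server during the login process...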

10 CVSS, 6.3 AI score, 0.0422 EPSS
Exploits 1

Packet Storm
added 2006/08/03 12:0 a.m., 36 views

gdiplus.pl.txt

!/bin/perl 0-day crash poc gdiplus.dll by Mr.Niega Check out hex offset 2e play with the 2byte's, set it to 20 if you want a non crashing ico file Division by zero this POC tested with: win XP ENG sp2 And for SYS 49152 im that 0daysec guy ; Rename Poc.ico to Poc.png and have it as display picture...

7.4 AI score
Exploits 0

securityvulns
added 2006/08/02 12:0 a.m., 39 views

Gdiplus.dll division by 0

!/bin/perl 0-day crash poc gdiplus.dll by Mr.Niega Check out hex offset 2e play with the 2byte's, set it to 20 if you want a non crashing ico file Division by zero this POC tested with: win XP ENG sp2 And for SYS 49152 im that 0daysec guy ; Rename Poc.ico to Poc.png and have it as display picture...

0.2 AI score
Exploits 0

Packet Storm
added 2006/07/15 12:0 a.m., 17 views

mspp-poc1.txt

/----------------------------------------------------------------------------------------- MS Power Point Unspecified vulnerability POC nice SYS 49152 what about rar ? sorry no more comments : figure it yourself some greetz goes to waqas : Tested against Power Point ' 03 -- naveed...

7.4 AI score
Exploits 0

Packet Storm
added 2006/07/12 12:0 a.m., 50 views

msword-hlink-ohday.txt

Hi people, the same problem concerning hlink.dll already exploited in excel is present even in Microsoft Word, but Word 2003 seems, luckily, not vulnerable. this one is the public 0-day I made for Microsoft Word. the author is "SYS 49152" obviously it's a local sploit .. best regards. SYS 49152...

7.4 AI score
Exploits 0

exploitpack
added 2006/07/09 12:0 a.m., 28 views

Microsoft Word 2000/2003 - Hlink Local Buffer Overflow

Microsoft Word 2000/2003 - Hlink Local Buffer Overflow !/bin/perl Microsoft Word hlink 0-day by SYS 49152 this POC works only with: win 2ksp4 ENG + word 2000/XP all versions. win XP ENG sp1/sp2 + word XP 2002 SP3. Word 2003 is not vulnerable. bindshell on port 49152 hey kids.. I hope you know how ...

0.1 AI score
Exploits 0