2023 matches found
Microsoft Excel Universal Hlink Local Buffer Overflow Exploit
No description provided by source. excel hlink overflow UNIVERSAL poc by SYS 49152 public version works with ANY of the following oses/office combinations: -windows 2k sp4/XP SP1/XP SP2 -office 2000/Xp/2003 bindshell on port 49152 thanks go to BuzzDee for some things.. credits to kcope for findin...
Microsoft Excel - Universal Hlink Local Buffer Overflow
excel hlink overflow UNIVERSAL poc by SYS 49152 public version works with ANY of the following oses/office combinations: -windows 2k sp4/XP SP1/XP SP2 -office 2000/Xp/2003 bindshell on port 49152 thanks go to BuzzDee for some things.. credits to kcope for finding the vuln.. I'm always ready to jo...
phpMyChat 0.15.0dev (SYS enter) Remote Code Execution Exploit
Exploit for unknown platform in category web applications. phpMyChat 0.15.0dev SYS enter Remote Code Execution Exploit #!/usr/bin/php -q -d short_open_tag=on works with...
phpMyChat 0.14.5 - SYS enter Remote Code Execution
phpMyChat 0.14.5 - SYS enter Remote Code Execution !/usr/bin/php -q -d shortopentag=on query"INSERT INTO ".CMSGTBL." VALUES $T, '$R', 'SYS exit', '', ".time.", '', 'sprintfLEXITROM, "".specialchar$U,$Latin1,1.""'"; $kicked = 3; ... have a look to "T" argument, it is not sanitized before to be...
Buffer overflow
Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of t...
CVE-2006-0547
Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of t...
CVE-2006-0081
CVE-2006-0081 affects the Intel Graphics Accelerator Driver 6.14.10.4308 (ialmrnt5 display driver). The vulnerability is a denial of service caused by an overly long text field in a window title, leading to a crash or screen resolution change. The connected documents confirm the affected componen...
CVE-2006-0081
ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title...
Design/Logic Flaw
ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title...
NBD Tools: Buffer overflow in NBD server
Background The NBD Tools are the Network Block Device utilities allowing one to use remote block devices over a TCP/IP network. It includes a userland NBD server. Description Kurt Fitzner discovered that the NBD server allocates a request buffer that fails to take into account the size of the rep...
Fedora Core 3 : perl-5.8.5-22.FC3 (2005-1145)
o Updated upstream fix for sprintf integer overflow vulnerabilities CVE-2005-3962 and CVE-2005-3912, including new Sys::Syslog 0.08 o Updated fix for bug 136009 / MakeMaker LD_RUN_PATH issue: restore previous default Red Hat behavior of removing the MakeMaker generated LD_RUN_PATH setting from the li...
Fedora Core 4 : perl-5.8.6-22 (2005-1144)
o Updated upstream fix for sprintf integer overflow vulnerabilities CVE-2005-3962 and CVE-2005-3912, including new Sys::Syslog 0.08 o Updated fix for bug 136009 / MakeMaker LD_RUN_PATH issue: restore previous default Red Hat behavior of removing the MakeMaker generated LD_RUN_PATH setting from the li...
MDKSA-2005:220 - Updated kernel packages fix numerous vulnerabilities
Mandriva Linux Security Advisory MDKSA-2005:220 http://www.mandriva.com/security/ Package: kernel Date: November 30, 2005 Affected: 10.2 Problem Description: Multiple vulnerabilities in the Linux 2.6 kernel have been discovered and corrected in this...
[ GLSA 200511-17 ] FUSE: mtab corruption through fusermount
Gentoo Linux Security Advisory GLSA 200511-17 http://security.gentoo.org/ Severity:...
Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit (update)
No description provided by source. Due to many responses I've improved the exploit to cover more systems! ONGBAK v0.9 october 24th 05 o universal "shellcode" added o try to use all possible memory regions o bugfixes qobaiashi@voyager:/w00nf/kernelsploit...
Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow
/ THCsnortbo 0.3 - Snort BackOrifice PING exploit by [email protected] THC PUBLIC SOURCE MATERIALS Bug was found by Internet Security Systems http://xforce.iss.net/xforce/alerts/id/207 v0.3 - removed/cleaned up info for public release v0.2 - details added, minor changes v0.1 - first release Greetz to al...
GNU Mailutils imap4d 0.6 (search) Remote Format String Exploit (fbsd)
No description provided by source. Copyright (c) 2005 Rosiello Security http://www.rosiello.org Permission is granted for the redistribution of this software electronically. It may not be edited in any way without the express written consent of Rosiello Security. Disclaimer: The author published...
GLSA-200507-22 : sandbox: Insecure temporary file handling
The remote host is affected by the vulnerability described in GLSA-200507-22 (sandbox: Insecure temporary file handling). The Gentoo Linux Security Audit Team discovered that the sandbox utility was vulnerable to multiple TOCTOU (Time of Check, Time of Use) file creation race conditions. Impact : Loca...
sandbox: Insecure temporary file handling
Background: sandbox is a Gentoo Linux utility used by the Portage package management system. Description: The Gentoo Linux Security Audit Team discovered that the sandbox utility was vulnerable to multiple TOCTOU (Time of Check, Time of Use) file creation race conditions. Impact: Local users may be ab...
zlib: Buffer overflow
Background zlib is a widely used free and patent unencumbered data compression library. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a buffer overflow in zlib. A bounds checking operation failed to take invalid data into account, allowing a specifically malformed...