7411 matches found
DSA-1642-1 horde3 - cross site scripting
Bulletin has no description...
DSA-1632-1 tiff - arbitrary code execution
Bulletin has no description...
webshell upload asp file called Server ActiveX control overflow access shell-vulnerability warning-the black bar safety net
| --- Do windows System penetration testing when there is a webshell, but don't get the shell, used to elevate privileges, it is a very depressing thing. In General, the use of mdb jet engine overflow is more common, but sometimes depending on the server installed on third-party software, the use...
DSECRG-08-035.txt
Digital Security Research Group DSecRG Advisory DSECRG-08-035 Application: Gallery Versions Affected: 1.5.7, 1.6-alpha3 Vendor URL: http://gallery.menalto.com/ Bug: Local File Include Exploits: YES Reported: 14.07.2008 Vendor response: 15.07.2008 Solution: YES Date of Public Advisory: 08.08.2008...
lovecms-update.txt
!/usr/bin/ruby Exploit by PoMdaPiMp! --------------------- pomdapimpatgmaildotcom LoveCMS Exploit Series Episode 3: changing site settings ... Description: Simply change the site settings ! Usage: ./LoveCMS3settings.rb Ex: ./LoveCMS2themes.rb http://site.com/lovecms/ Tested on: lovecms1.6.2final...
DD-WRT - Site Survey SSID Script Injection
source: https://www.securityfocus.com/bid/30573/info DD-WRT is prone to a script-injection vulnerability because it fails to adequately sanitize user-supplied data to the 'Site Survey' section of the administrative web interface. Attackers can exploit this issue to execute arbitrary script code i...
aflistenerdirectorytraversal-08_006.txt
Portcullis Security Advisory - 08-006 Vulnerable System: Affinium Campaign Vulnerability Title: The Listener is vulnerable to directory traversal. Vulnerability Discovery And Development: Portcullis Security Testing Services. Credit For Discovery: Tim Brown - Portcullis Computer-Security Ltd...
Minishowcase 09b136 (lang) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ============================================================= Minishowcase 09b136 lang Local File Inclusion Vulnerability ============================================================= Digital Security Research Group DSecRG Advisory...
DSECRG-08-033.txt
Digital Security Research Group DSecRG Advisory DSECRG-08-033 Application: Pixelpost photoblog Versions Affected: 1.7.1 Vendor URL: http://www.pixelpost.org/ Bug: Local File Include Exploits: YES Reported: 22.07.2008 Vendor response: 23.07.2008 Solution: YES Date of Public Advisory: 28.07.2008...
PixelPost 1.7.1 - language_full Local File Inclusion
PixelPost 1.7.1 - languagefull Local File Inclusion Digital Security Research Group DSecRG Advisory DSECRG-08-033 Application: Pixelpost photoblog Versions Affected: 1.7.1 Vendor URL: http://www.pixelpost.org/ Bug: Local File Include Exploits: YES Reported: 22.07.2008 Vendor response: 23.07.2008...
Dokeos E-Learning System 1.8.5 - Local File Inclusion
Digital Security Research Group DSecRG Advisory DSECRG-08-029 Application: Dokeos E-Learning System Versions Affected: 1.8.5 Vendor URL: http://dokeos.com/ Bug: Local File Include Exploits: YES Reported: 01.07.2008 Vendor response: 05.07.2008 Solution: YES Date of Public Advisory: 17.07.2008...
DSEGRG-08-31.txt
Digital Security Research Group DSecRG Advisory DSECRG-08-31 Application: Interact E-Learning System Versions Affected: 2.4.1 Vendor URL: http://sourceforge.net/projects/cce-interact Bug: Local File Include Exploits: YES Reported: 03.07.2008 Vendor response: 04.07.2008 Solution: YES Date of Publi...
debopenssh-auth.txt
/ Debian maybe other derivates |KUDUBUTUNTU| OpenSSH Remote -=Authenticated=- SELinux Privilege Elevation Fedora/RHEL Linux should be tested because it MAY contain the same vulnerability in it's OpenSSH patches in a time slice. Latest OpenSSH should not be vulnerable. Older Debian Releases may. O...
MS Internet Explorer COM Objects File Download Exploit (MS05-038)
No description provided by source. /+++++++++++++++++++++++++++++++++++++++++++++++ Ms05 038 exploit POC Write By ZwelL 2005 8 11 http://www.donews.net/zwell [email protected] Some code belongs to Lioncnhonker, regards to him. This code tested on Windows 2003...
Linux Kernel "do_mremap" Local Proof of Concept II
No description provided by source. / Proof of concept code for testing domremap Linux kernel bug. It is based on the code by Christophe Devine and Julien Tinnes posted on Bugtraq mailing list on 5 Jan 2004 but it's safer since it avoids any kernel data corruption. The following test was done...
Fedora 9 : java-1.6.0-openjdk-1.6.0.0-0.16.b09.fc9 (2008-6439)
Tue Jul 8 2008 Lillian Angel - 1:1.6.0-0.16.b09 - Only apply hotspot security patch of jitarches. - Wed Jul 2 2008 Lillian Angel - 1:1.6.0-0.16.b09 - Added OpenJDK security patches. - Sat Jun 7 2008 Tom 'spot' Callaway - 1:1.6.0-0.16.b09 - enable sparc/sparc64 builds - Sat May 31 2008 Thomas...
Phpcms 2 0 0 7 remote file inclusion vulnerability-vulnerability warning-the black bar safety net
zzPhpcms 2 0 0 7 remote file include vulnerability url:http://www. wolvez. org/forum/redirect. php? tid=1 8 2&goto=lastpost This vulnerability is a more common variable coverage holes, where the transfer is due to the discovery of this vulnerability if it is a white box that you want to have a...
[SECURITY] Fedora 8 Update: sipp-3.1-2.fc8
SIPp is a free Open Source test tool / traffic generator for the SIP protoc ol. It includes a few basic SipStone user agent scenarios UAC and UAS and establishes and releases multiple calls with the INVITE and BYE methods. It can also reads custom XML scenario files describing from very simple to...
Multiple Vendors Malicious SVG File Denial of Service PoC
No description provided by source. """ Malicious SVG file DoS The following applications were tested in their latest revisions: Firefox's "browse for file, preview" object on linux: affected evince on linux: affected eog on linux: affected gimp on linux: affected inkscape on linux: unaffected...
Citadel/UX Remote Denial of Service Exploit (PoC)
No description provided by source. / citadeldos.c Citadel/UX Remote DoS exploit Proof of Concept Tested in Slackware 9.0.0 / 9.1.0 / 10.0.0 by CoKi [email protected] No System Group - http://www.nosystem.com.ar / include stdio.h include stdlib.h include unistd.h include errno.h include string....