mole.com.ua Booking Script

Booking Script. Homepage: http://www.mole.com.ua PError with full path disclosure and possible buffer overflow?: http://www.example.com/week.php?year=2006&month=06&day=0' Warning: checkdate expects parameter 2 to be long, string given in...

Kaspersky Antivirus content filtering protection bypass

Small reassembly timeout during stateful filtering allows filtering bypass by breaking stream with pauses...

session spoofing and password theft probe-vulnerability warning-the black bar safety net

session spoofing article first briefly about the General asp system of the authentication principle. In General, the backend administrator login page enter the account password, the program will take him to submit a user name and password to the database administrator table to find if there is th...

HiveMail <= 1.3 (addressbook.add.php) Remote Code Execution Exploit

Exploit for unknown platform in category web applications =================================================================== HiveMail = 1.3 addressbook.add.php Remote Code Execution Exploit =================================================================== !/usr/bin/perl HiveMail = 1.3 remote...

Apache Httpd < 1.3.35 : Expect header Cross-Site Scripting

A flaw in the handling of invalid Expect headers. If an attacker can influence the Expect header that a victim sends to a target site they could perform a cross-site scripting attack. It is known that some versions of Flash can set an arbitrary Expect header which can trigger this flaw. Not marke...

Fedora Core 5 : gdm-2.14.1-1.fc5.2 (2006-338)

Notes taken from upstream release mail - The sockets connection between the slaves and the GDM daemon is now better managed to better ensure that sockets are never left open. Brian Cameron - Corrected bug that causes a core dump when you click on gdmgreeter fields that have an id. Brian Cameron -...

DEBIAN-CVE-2006-1726

Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the jsValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method...

[Full-disclosure] sendmail stuff2

written in a rush, pardon the mess ; not that ive gotten that far but here is my confirmed by mark to be close, thanks attack.... NOTE: ive just been informed that i need to fix something to makethis work, stand by. ALSO NOTE: the default timeout in collect is 1 hour, that means this exploit will...

CVE-2006-0058

Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations...

security flaw

Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations...

Sendmail signal I/O race condition

Overview A race condition in Sendmail may allow a remote attacker to execute arbitrary code. Description Sendmail Sendmail is a widely used mail transfer agent MTA. Mail Transfer Agents MTA MTAs are responsible for sending an receiving email messages over the internet. They are also referred to a...

Dropbear SSH server DoS

Limited static number of pre-authentication TCP connections with large timeout valued...

FCKEditor 2.0 2.2 - FileManager connector.php Arbitrary File Upload

FCKEditor 2.0 2.2 - FileManager connector.php Arbitrary File Upload a short explaination: if a user cam call directly http://target/path/editor/filemanager/browser/default/connectors/php/connector.php he can upload malicious contempt on a target server, including arbitrary php code, and launch...

CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit

Exploit for unknown platform in category web applications ================================================================= CuteNews CuteNews 1.4.1 re...

snmpwalk 'scanner'

This plugin runs snmpwalk against the remote machine to find open ports. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Battle Carry <= .005 Socket Termination Denial of Service Exploit

Exploit for unknown platform in category dos / poc ================================================================= Battle Carry include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h...

PHP-Nuke 7.8 - SQL Injection / Remote Command Execution

?php 20.05 23/10/2005 ---phpnuke78xpl.php PHPNuke 7.8 with all security fixes/patches "Downloads","WebLinks" & "YourAccount" modules SQL Injection / remote commands execution exploit yet not tested 7.9, but OK... by rgod site: http://rgod.altervista.org make these changes in php.ini if you have...

security flaw

The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service segmentation fault via certain crafted requests...

Squid proxy server DoS

Error in sslConnectTimeout function causes server to crash. Aborted request causes assert in proxy server...

DEBIAN-CVE-2005-2796

The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service segmentation fault via certain crafted requests...