2659 matches found
Multiple DoS, CSRF and XSS vulnerabilities in ADSL modem Callisto 821+
Hello 3APA3A! This is the last advisory in which I'll warn you about new multiple security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. This time I will tell you about Security section of control panel, which is full of vulnerabilities. These are Denial of Service,...
DEC Alpha Linux <= 3.0 Local Root Exploit
No description provided by source. / DEC Alpha Linux = 3.0 local root exploit by Dan Rosenberg @djrbliss Usage: $ gcc alpha-omega.c -o alpha-omega $ ./alpha-omega Notes: -Payload specific to = 2.6.28 no cred struct, modify as needed -Socket trigger tested on 2.6.28 adjust offset as needed -INETDI...
DEC Alpha Linux 3.0 Local Root Exploit
/ DEC Alpha Linux include include include include include include include include include include define SYSosfwait4 7 define SOCKOFFSET 552 / Offset of skdestruct fptr in sock struct, change for your kernel / define PAGESIZE 8192 / DEC alpha page size is 8K / define KERNELBASE 0xfffffc0000000000...
Linux Kernel 2.6.283.0 (DEC Alpha Linux) - Local Privilege Escalation
Linux Kernel 2.6.283.0 DEC Alpha Linux - Local Privilege Escalation / DEC Alpha Linux include include include include include include include include include include define SYSosfwait4 7 define SOCKOFFSET 552 / Offset of skdestruct fptr in sock struct, change for your kernel / define PAGESIZE 819...
DEC Alpha Linux <= 3.0 Local Root Exploit
Exploit for linux platform in category local exploits / DEC Alpha Linux include include include include include include include include include include define SYSosfwait4 7 define SOCKOFFSET 552 / Offset of skdestruct fptr in sock struct, change for your kernel / define PAGESIZE 8192 / DEC alpha...
CVE-2011-1676
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via 1 an action description, 2 an action message, 3 a node, or 4 a taxonomy term, related to the actions feature and the...
CVE-2010-3094
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via 1 an action description, 2 an action message, 3 a node, or 4 a taxonomy term, related to the actions feature and the...
CVE-2010-3094
CVE-2010-3094 describes multiple XSS vulnerabilities in Drupal 6.x before 6.18. The issues allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action description, (2) an action message, (3) a node, or (4) a taxonomy term, related to the actio...
CVE-2010-3094
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via 1 an action description, 2 an action message, 3 a node, or 4 a taxonomy term, related to the actions feature and the...
Fedora 12 : krb5-1.7.1-9.fc12 (2010-8805)
Shawn Emery discovered a remotely-triggerable NULL pointer dereference in the Kerberos GSS-API library which could be used to cause GSS-API-authenticated services to crash. This update incorporates fixes to instead correctly detect the error and return an error code. Note that Tenable Network...
Oracle DB SQL Injection in MDSYS.SDO_TOPO_DROP_FTBL Trigger
This module will escalate an Oracle DB user to MDSYS by exploiting a sql injection bug in the MDSYS.SDOTOPODROPFTBL trigger. After that exploit escalate user to DBA using "CREATE ANY TRIGGER" privilege given to MDSYS user by creating evil trigger in system scheme 2-stage attack. This module...
RPM SelectElite 5.0 - .xml Configuration parsing Unicode Buffer Overflow (PoC)
RPM SelectElite 5.0 - .xml Configuration parsing Unicode Buffer Overflow PoC !/usr/bin/python RPM Select/Elite v5.0 .xml config parsing unicode buffer overflow PoC Found by: mrme - http://net-ninja.net/ Homepage: http://lpd.brooksnet.com/ Download: http://www.brooksnet.com/download-rpmselect Test...
Discuz7. X registration code to extract the XSS cross-site vulnerabilities-vulnerability warning-the black bar safety net
Vulnerability file: ajax.php Code reading: $message = "span id="seccodeswf".$ secchecktype.""& gt;/span". extensionloaded"ming" ? "script type="text/javascript" reload="1"\n$"seccodeswf$secchecktype". innerHTML=ACFLRunContent "width", "$seccodedatawidth", "height", "$seccodedataheight", "src",...
Command injection
The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super privileges to execute arbitrary operating-system commands by using a "p4 client" command in conjunction with the form-in trigger script...
Media Jukebox 8.0.400 - Local Buffer Overflow (SEH) (Metasploit)
Media Jukebox 8.0.400 - Local Buffer Overflow SEH Metasploit $Id: mediajukebox.rb 11516 2011-01-08 01:13:26Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...
WebSphere 7.0.0.* < 7.0.0.3 在z-OS上的多触发漏洞
No description provided by source...
Integer overflow
Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via 1 a crafted Content-Length HTTP header or 2 a large HTTP request, related to an integer overflow tha...
Enlightenment - Linux Null PTR Dereference Exploit Framework
No description provided by source. / enlightenment 200909092307 To create your own exploit module for enlightenment, just name it expwhatever.c It will be auto-compiled by the runexploits.sh script and thrown into the list of loaded exploit modules Each module must have the following features: It...
Enlightenment - Linux Null PTR Dereference Exploit Framework
Exploit for linux platform in category local exploits ============================================================ Enlightenment - Linux Null PTR Dereference Exploit Framework ============================================================ / enlightenment 200909092307 To create your own exploit modu...