2660 matches found
DEBIAN-CVE-2008-5183
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...
Ethereal <= 0.10.9 "3G-A11" Remote Buffer Overflow Exploit (2)
No description provided by source. / Ethereal IAPP remote buffer overflow 2 PoC exploit. To test this vulnerability on windows, try to send 3-10 packets that will trigger the crash, and scroll between captured packets in Ethereal. Coded by Leon...
MS Windows JPEG GDI+ Overflow Download Shellcode Exploit (MS04-028)
No description provided by source. / Windows JPEG GDI+ Overflow Download Shellcoded Exploit MS04-028 Coded By ATmaCA Credit to eEye Digital Security,K-OTik Security,FoToZ,pathetic. E-Mail:[email protected] Web:www.prohack.net...
Null pointer dereference
Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line, or (2) a large integer...
MS Windows Message Queuing Service RPC BOF Exploit (MS07-065)
No description provided by source. / Windows Message Queuing Service Remote RPC BOF Exploit MS07-065 by axis http://www.ph4nt0m.org you should know the dnsname of target to trigger this vuln the service runs on port 2103/2105/2107 D:\soft\develop\MyProjects\temp\Debugtemp.exe -h 192.168.152.100 -...
Authentication flaw
The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) Organic groups and (2) Subscriptions...
asa-2007-015.rb.txt
#!/usr/bin/env ruby author = tenkeiev Script to test chaniax for the vuln in ASA-2007-015 Trigger subtypes of 11 or 12 will crash an unpatched server First establish a call - send new, recv accept, send ack, recv answer, send ack Then send IAX2 control packets with subtypes 0x0b or 0x0c that conta...
Asterisk 1.2.221.4.8 - IAX2 Channel Driver Remote Crash
#!/usr/bin/env ruby author = tenkeiev Script to test chaniax for the vuln in ASA-2007-015 Trigger subtypes of 11 or 12 will crash an unpatched server First establish a call - send new, recv accept, send ack, recv answer, send ack Then send IA...
{ip,nf}_conntrack_sctp: remotely triggerable NULL ptr dereference
The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference...
Re: GDI+ and Internet Explorer question
IE has its own image decoders for many image types jpeg, ico, etc. You can trigger this bug remotely by renaming your .ico to .emf or .wmf, which forces it to be opened by the Picture and Fax Viewer using GDI+. -HD On Saturday 09 June 2007 06:40, [email protected] wrote: fails to crash my Internet...
CVE-2007-2112
CVE-2007-2112 is an authentication bypass in Oracle Database 10.1.0.5 and 10.2.0.3 (DB05). The description states that remote authenticated users may bypass the AUTH_ALTER_SESSION policy via an AFTER LOGON ON DATABASE trigger, and notes this as related to CVE-2006-0547. The connected documents al...
Bypass Oracle Logon Trigger
Name: Bypass Oracle Logon Trigger 7826485 DB05; Systems Affected: Oracle 8-10g Rel. 2; Severity: High Risk; Category: Bypass Security Feature, Database Logon Trigger; Vendor URL: http://www.oracle.com/; Author: Alexander Kornbrust, ak at red-database-security.com; CVE Advisory 17...
Apache mod_rewrite (Windows x86) - Off-by-One Remote Overflow
#!/bin/sh Exploit for Apache mod_rewrite off-by-one (Win32). by axis http://www.ph4nt0m.org 2007-04-06 Tested on Apache 2.0.58 Win32 Windows2003 CN SP1 Vulnerable Apache Versions: 1.3 branch: 1.3.28 and 2.0.46 and 2.2.0 and 2006-08-20...
IBM Lotus Domino Server 6.5 PRE AUTH Remote Exploit
Exploit for unknown platform in category remote exploits / IBM Lotus Domino Server 6.5 PRE AUTH Remote Exploit / #!/usr/bin/python IBM Lotus Domino Server 6.5 PRE AUTH Remote Exploit Tested on windo...
PHP 4.4.5 / 4.4.6 session_decode() Double Free Exploit PoC
No description provided by source.
CVE-2007-1231
Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) database name, (2) table name, (3) ViewName, (4) view, (5) trigger, and (6) function fields in main.php and certain other files...
Adobe reader plugin PDF files universal crossite scripting
By using URIs like http://path/to/pdf/file.pdfwhatevernameyouwant=javascript:yourcodehere it's possible to execute code in context of any Web site where at least one PDF is stored. 2. By using "trigger action" in PDF document it's possible to execute code in context of the web page where...
SQL SERVER security risks--triggers-vulnerability warning-the black bar safety net
This article is dedicated to the cross I of the development program teacher-XI'an ZHAOLONG of the week the teacher, and learning together AT2Q6101 of classmates. Trigger permissions and ownership: CREATE TRIGGER permissions default to the owner of the table on which the trigger is defined, members of the...
phpFox XSS Injection
Exploit found by Maximize -- jjj.zkpber.pbz -- Step1: When editing your profile, in the about me section put the following code img src="http://xss.xss/xss.jpg" z=' Step2: In the field under the About me section put the following...