Lucene search
+L

38 matches found

seebug.org
seebug.org
added 2014/03/05 12:0 a.m.26 views

大汉jget、source尚存在SQL注入漏洞

简要描述: 这两个测试的版本应该已经升级到U2了。应该再修复得细一点…… 详细说明: 厂商可以自己结合' or '%'=' 之类的来测试。很简单,如果全部用户回显出来了,那就是有注入了。 漏洞证明: http://www.gansu.gov.cn/source/objectbox/selectxuserlist.jsp?fnKeywords=test&perm=&cPage=1&tiao= http://www.gansu.gov.cn/jget/objectbox/selectxuserlist.jsp?fnKeywords=wanghui&perm=&cPage=1&tiao=...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/06/21 12:0 a.m.16 views

Rocket U2 UniData < 7.3 unidata72 RPC Interface Call Parsing Arbitrary Command Execution

Binary data unidatacommandexecution.nbin...

7.3AI score
Exploits0References1
NVD
NVD
added 2003/08/18 4:0 a.m.13 views

CVE-2003-0578

ccidir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files...

7.8CVSS7.6AI score0.00455EPSS
Exploits1References2
NVD
NVD
added 2003/08/18 4:0 a.m.13 views

CVE-2003-0580

Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument...

7.2CVSS7.6AI score0.00686EPSS
Exploits1References2
CVE
CVE
added 2003/07/17 4:0 a.m.47 views

CVE-2003-0578

IBM U2 UniVerse 10.0.0.9 and earlier are affected by CVE-2003-0578 through the cci_dir component, which can create hard links and unlink files as root. This allows local users to gain privileges by deleting and overwriting arbitrary files. Affected software: IBM U2 UniVerse (version 10.0.0.9 and ...

7.8CVSS6.9AI score0.00455EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2003/07/17 4:0 a.m.20 views

CVE-2003-0578

ccidir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files...

7.6AI score0.00455EPSS
Exploits1References2
Cvelist
Cvelist
added 2003/07/17 4:0 a.m.21 views

CVE-2003-0579

uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-supplied -uv.install command line option to find and execute the uv.install program, which allows local users to gain privileges by providing a pathname that is under control of the user...

6.7AI score0.00879EPSS
Exploits1References2
Cvelist
Cvelist
added 2003/07/17 4:0 a.m.22 views

CVE-2003-0580

Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument...

7.6AI score0.00686EPSS
Exploits1References2
CVE
CVE
added 2003/07/17 4:0 a.m.48 views

CVE-2003-0580

CVE-2003-0580 : A buffer overflow in uvadmsh affects IBM U2 UniVerse 10.0.0.9 and earlier, allowing the local uvadm user to execute arbitrary code via a long -uv.install command line argument. The vulnerability is caused by overflowing a buffer when handling the -uv.install parameter, with the do...

7.2CVSS7.9AI score0.00686EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2003/07/17 4:0 a.m.46 views

CVE-2003-0579

CVE-2003-0579 affects IBM U2 UniVerse before or at version 10.0.0.9, where uvadmsh trusts a user-supplied -uv.install command line option to locate and run uv.install. The flaw lets a local attacker cause execution of uv.install by supplying a pathname under the attacker’s control, enabling privi...

4.6CVSS7.1AI score0.00879EPSS
Exploits1References2Affected Software1
exploitpack
exploitpack
added 2003/07/16 12:0 a.m.10 views

IBM U2 UniVerse 10.0.0.9 - uvrestore Buffer Overflow (PoC)

IBM U2 UniVerse 10.0.0.9 - uvrestore Buffer Overflow PoC source: https://www.securityfocus.com/bid/8206/info It has been reported that the uvrestore binary does not perform bounds checking when parsing command-line arguments. Because this binary is installed with suid root privileges by default,...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2003/07/16 12:0 a.m.43 views

[Full-Disclosure] SRT2003-07-08-1223 - IBM U2 UniVerse uvadm can take root via buffer overflows

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2003/07/16 12:0 a.m.25 views

[Full-Disclosure] SRT2003-07-07-0831 - IBM U2 UniVerse cci_dir creates hard links as root

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2003/07/16 12:0 a.m.85 views

[Full-Disclosure] SRT2003-07-07-0833 - IBM U2 UniVerse users with uvadm rights can take root via uvadmsh

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2003/07/16 12:0 a.m.33 views

[Full-Disclosure] SRT2003-07-07-0913 - Abnormal suid behavior in several applications

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2003/07/16 12:0 a.m.40 views

Multiple U2 Universe bugs

Problems with creating hard links, buffer overflow, changing files ownership, etc...

3AI score
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2002/08/03 12:0 a.m.33 views

Buffer overflow in IBM U2 UniVerse ODBC

No description provided...

4.5AI score
Exploits0References1
securityvulns
securityvulns
added 2002/08/03 12:0 a.m.27 views

TZ Advisores - Buffer Overflow in IBM U2 UniVerse ODBC

Systems Affecteds: All UniVerse versions with UV/ODBC Explanation: Trying to make an invalid query the client crashes and make the server slow with 5sec to 2min lag what could crash the server. Expoit: Make a query accessing UV/ODBC I've used CrystalReports all versions and make a valid/invalid...

3.8AI score
Exploits0
Rows per page
Query Builder