22 matches found
EUVD-2011-1000
Malware in sbrugna...
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
CVE-2021-31956 pretty stable exploit on win10 20h2...
xdebug Unauthenticated OS Command Execution Exploit
This Metasploit module exploits a vulnerability in the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary PHP code in the context of the web user.
mysql: pid file can be created in a world-writeable directory (CPU Apr 2018)
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where...
LNK Code Execution Vulnerability
This module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain a dynamic icon, loaded from a malicious DLL. This vulnerability is a variant of MS15-020 (CVE-2015-0096). The created LNK file is similar except an additional SpecialFolderDataBlock is included. The...
Samba is_known_pipename() Arbitrary Module Load Exploit
This Metasploit module triggers an arbitrary shared library load vulnerability in Samba versions 3.5.0 to 4.4.14, 4.5.10, and 4.6.4. This Metasploit module requires valid credentials, a writeable folder in an accessible share, and knowledge of the server-side path of the writeable folder. In some...
BeRoot - Windows Privilege Escalation Tool
BeRoots is a post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege. A compiled version is available here. It will be added to the pupy project as a post exploitation module so it will be executed all in memory without touching the disk. Except on...
openSUSE Security Update : rocksndiamonds (openSUSE-SU-2012:0918-1)
The game rocksndiamonds created /.rocksndiamonds/ world writeable, allowing other users to save files in there or corrupt your game state. This was fixed.
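WordPress Persuasion Theme 'dl-skin.php' Arbitrary File Access Vulnerability
BUGTRAQ ID: 64501. Persuasion is a powerful commercial theme. Persuasion versions 2.0 and 2.3 do not effectively filter user input, and an attacker can exploit this vulnerability to download or delete arbitrary files. mysitemyway persuasion 2.3; mysitemyway persuasion 2.0. Vendor patch: mysitemyway. The vendor has not yet provided a patch or upgrade; users of this software are advised to watch the vendor's home page for the latest version: http://mysitemyway.com/theme/persuasion-wordpress-theme/ Exploit Title:...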
phpMyAdmin3 (pma3) Remote Code Execution Exploit
No description provided by source. !/usr/bin/env python coding=utf-8 pma3 - phpMyAdmin3 remote code execute exploit Author: [email protected]...
CVE-2011-0988
pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors...
Code injection
pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors...
openSUSE Security Update : apport (apport-816)
The apport crash watcher / handler suite contains a cron job that cleans the world writeable /var/crash directory unsafely, allowing local attackers to remove random files on the system (CVE-2009-1295). This update fixes this.
GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution
FTP server GNU inetutils 1.4.2 Remote Root Exploit. This program remotely exploits the most recent versions of GNU inetutils ftpd on Linux systems. Requirements: 1. There MUST be a chroot'ed environment for the logged in user. 2. Directory etc must be writeable by the logged in user, duh! The exploi...
ProFTPD 1.3.0 (sreplace) Remote Stack Overflow Exploit (meta)
Exploit for Linux platform in category remote exploits. ProFTPD 1.3.0 sreplace Remote Stack Overflow Exploit meta. vdproftpd.pm - Metasploit module for ProFTPD stack overflow...
OpenBSD 2.6 / 2.7 ftpd Remote Exploit
No description provided by source. h0h0h0 0-day k0d3z. Exploit by Scrippie, help by dvorak and jimjones, greets to sk8. Not fully developed exploit but it works most of the time. Things to add: - automatic writeable directory finding - syn-scan option to do mass-scanning - worm capabilities? shoul...
TFTP Weak Directory Permissions (HP Ignite-UX) - Active Check
The remote host has a vulnerable version of the HP Ignite-UX application installed that exposes a world-writeable directory to anonymous TFTP access.