Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2013/04/22 12:0 a.m.•17 views

BigAnt IM Server DDNF username Field Remote Overflow

Added: 04/22/2013 BID: 58998 OSVDB: 92239 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt IM Server is vulnerable to buffer overflow in the expsrv.dll library as a result of improper validation of...

8.3AI score
Exploits0
Saint
Saint
•added 2013/04/12 12:0 a.m.•17 views

HP System Management Homepage iprange parameter command execution

Added: 04/12/2013 BID: 58817 OSVDB: 91812 Background HP System Management Homepage SMH is a web-based interface that consolidates the management of ProLiant and Integrity servers. Problem A vulnerability in HP SMH allows command execution when an attacker requests /proxy/DataValidation with a...

7.4AI score
Exploits0
Saint
Saint
•added 2013/04/12 12:0 a.m.•17 views

ActFax RAW Server Stack Buffer Overflow

Added: 04/12/2013 BID: 57789 OSVDB: 89944 Background ActFax is a Windows-based software package that sends, receives and electronically stores faxes. Problem The ActFax RAW server is vulnerable to a boundary error when processing the @F000 data field, which could result in stack-based buffer...

8.3AI score
Exploits0
Saint
Saint
•added 2013/02/07 12:0 a.m.•17 views

Novell eDirectory NCP KeyedObjectLogin Function Vulnerability

Added: 02/07/2013 CVE: CVE-2012-0432 BID: 57038 OSVDB: 88718 Background Novell eDirectory is a directory server which implements the NetWare Core Protocol NCP to synchronize data changes between the servers in a directory service tree. NCP is used to access file, print, directory, clock...

10CVSS7.9AI score0.58702EPSS
Exploits14
Saint
Saint
•added 2013/01/12 12:0 a.m.•17 views

Foxit Reader Plugin for Firefox URL Filename Stack Buffer Overflow

Added: 01/12/2013 BID: 57174 OSVDB: 89030 Background Foxit Reader is a free PDF reader for Microsoft Windows systems. Problem Foxit Reader plugin for Firefox npFoxitReaderPlugin.dll is vulnerable to remote code execution as a result of failure to check boundary conditions when processing a URL...

8.1AI score
Exploits0
Saint
Saint
•added 2012/11/05 12:0 a.m.•17 views

TurboSoft TurboFTP Server PORT Command Buffer Overflow

Added: 11/05/2012 BID: 55764 OSVDB: 85887 Background TurboSoft TurboFTP Server is a MS Windows based file transfer server that provides FTP, FTP over SSL/TLS, and SFTP over SSH services. Problem TurboFTP Server 1.30.826 is vulnerable to a stack based buffer overflow that could allow remote code...

0.4AI score
Exploits0
Saint
Saint
•added 2012/11/05 12:0 a.m.•17 views

TurboSoft TurboFTP Server PORT Command Buffer Overflow

Added: 11/05/2012 BID: 55764 OSVDB: 85887 Background TurboSoft TurboFTP Server is a MS Windows based file transfer server that provides FTP, FTP over SSL/TLS, and SFTP over SSH services. Problem TurboFTP Server 1.30.826 is vulnerable to a stack based buffer overflow that could allow remote code...

8.3AI score
Exploits0
Saint
Saint
•added 2012/09/10 12:0 a.m.•17 views

Oracle Outside In XPM Image Processing Stack Overflow

Added: 09/10/2012 Background Oracle Outside In is a suite of software development kits that provides developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. Problem In Outside In versions 8.3.5.0 through 8.3.7, the XPM image...

7.1AI score
Exploits0
Saint
Saint
•added 2012/05/09 12:0 a.m.•17 views

Ricoh DC Software DL-10 FTP Server USER Remote Code Execution

Added: 05/09/2012 BID: 52235 OSVDB: 79691 Background Various cameras e.g. CX1-6, G700, G700SE provided by Ricoh support transfering images to a PC over FTP. Ricoh supplies a small FTP server called SR-10 / Capftpd which enables users to transfer images from camera to computer. Problem The flaw is...

7.6AI score
Exploits0
Saint
Saint
•added 2012/04/18 12:0 a.m.•17 views

Screen Capture

Added: 04/18/2012 Background This tool captures the screen of a remote target. Limitations An existing connection to the remote target is required. For Unix and Linux systems, the xwd utility must be present on the remote target. Platforms Windows Linux Unix...

1.8AI score
Exploits0
Saint
Saint
•added 2011/12/27 12:0 a.m.•17 views

Traq authenticate function remote code execution

Added: 12/27/2011 BID: 50961 OSVDB: 77556 Background Traq is a PHP5+ and MySQL4+ based Project Tracking system with the ability to host multiple projects. Problem The flaw is caused due to admin rights not properly being restricted in the "authenticate" function in admincp/common.php. This can be...

7.8AI score
Exploits0
Saint
Saint
•added 2011/11/28 12:0 a.m.•17 views

Viscom Software Image Viewer ActiveX TIFMergeMultiFiles Vulnerability

Added: 11/28/2011 BID: 50712 Background Viscom Image Viewer CP is an image viewer ActiveX control that supports many popular image file formats, zoom in, zoom out, panning, auto zoom and auto scrolling when drawing the selection rectangle. Problem The ImageViewer2.OCX ActiveX control in Image...

8.3AI score
Exploits0
Saint
Saint
•added 2011/11/15 12:0 a.m.•17 views

Oracle Hyperion Financial Management ActiveX File Upload

Added: 11/15/2011 BID: 50476 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for scripting and...

0.1AI score
Exploits0
Saint
Saint
•added 2011/07/14 12:0 a.m.•17 views

Crack OS X 10.7 Hashes

Added: 07/14/2011 Background This tool attempts to crack the passwords retreived by the "Mac OS X Hash grab" exploit tool. Accounts are cracked using dictionaries/Commonpwlong.txt Limitations An existing macosxhashgrab.out file must exist in the /exploits directory. Platforms Mac OS X...

0.3AI score
Exploits0
Saint
Saint
•added 2011/07/08 12:0 a.m.•17 views

Lotus Domino HPRAgentName Stack Overflow

Added: 07/08/2011 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem The WebAdmin.nsf resource on the Domino web service contains a buffer overflow vulnerability. Resolution No patch is available at this time. References...

7.7AI score
Exploits0
Saint
Saint
•added 2011/04/08 12:0 a.m.•17 views

Zend Server Java Bridge Remote Code Execution

Added: 04/08/2011 BID: 47060 OSVDB: 71420 Background Zend Server is an enterprise web application server for hosting PHP applications. Problem The Zend Server Java Bridge allows PHP applications to execute methods in Java classes. The Java Bridge does not validate that requests to execute Java co...

7.5AI score
Exploits0
Saint
Saint
•added 2011/04/01 12:0 a.m.•17 views

RealFlex RealWin FC_RFUSER_FCS_LOGIN Buffer Overflow

Added: 04/01/2011 CVE: CVE-2011-1563 BID: 46937 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially...

10CVSS7.6AI score0.74638EPSS
Exploits15
Saint
Saint
•added 2011/02/24 12:0 a.m.•17 views

Citrix Provisioning Services streamprocess.exe Stack Overflow

Added: 02/24/2011 BID: 45914 OSVDB: 70597 Background Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk. Problem Citrix Provisioning Service 5.6 and prior are vulnerable to a remotely exploitable...

1.3AI score
Exploits0
Saint
Saint
•added 2011/01/04 12:0 a.m.•17 views

SQL injection authentication bypass

Added: 01/04/2011 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to manipulate the authentication query via a...

1AI score
Exploits0
Saint
Saint
•added 2010/10/10 12:0 a.m.•17 views

Reverse Shell Applet

Added: 10/10/2010 Background This tool runs an exploit server which delivers a signed java applet, embedded in an HTML page, to the target hosts. The user is presented with a signed digital certificate which, when accepted, establishes a reverse shell connection back to the exploit server. Proble...

0.9AI score
Exploits0
Saint
Saint
•added 2010/09/13 12:0 a.m.•17 views

Touch22 Image22 ActiveX Control Buffer Overflow

Added: 09/13/2010 BID: 41547 Background Touch22 Software Image22 ActiveX enables dynamic graphic creation and image manipulation from within an application. Problem Touch22 Software Image22 ActiveX Control 1.1.1 is vulnerable to buffer overflow due to a boundary error when handling the function...

7.4AI score
Exploits0
Saint
Saint
•added 2010/08/20 12:0 a.m.•17 views

Symantec Alert Management System Intel Alert Handler command execution

Added: 08/20/2010 BID: 41959 OSVDB: 66807 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager, which listens on port...

8.5AI score
Exploits0
Saint
Saint
•added 2010/08/16 12:0 a.m.•17 views

Novell iPrint Client ActiveX Control ExecuteRequest debug buffer overflow

Added: 08/16/2010 BID: 42100 OSVDB: 66960 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability in ienipp.ocx allows command execution...

1.8AI score
Exploits0
Saint
Saint
•added 2010/03/22 12:0 a.m.•17 views

Open and Compact FTP Server Long Password Buffer Overflow

Added: 03/22/2010 Background Open and Compact FTP Server Open-FTPD is a Windows-based compact FTP server. Problem A buffer overflow vulnerability allows command execution as a result of an overly long password. Resolution Upgrade to a version newer than 1.2 when it becomes available, or use a...

8AI score
Exploits0
Saint
Saint
•added 2010/02/09 12:0 a.m.•17 views

BigAnt Messenger Server USV Command Buffer Overflow

Added: 02/09/2010 BID: 37520 OSVDB: 61386 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt server version 2.52 and earlier are vulnerable to a remote, unauthenticated buffer overflow attack. The...

1.3AI score
Exploits0
Saint
Saint
•added 2010/01/21 12:0 a.m.•17 views

ACD Systems ACDSee Products XBM File Handling Buffer Overflow

Added: 01/21/2010 BID: 37685 Background ACDSee is a suite of products for viewing and organizing photos. Problem A buffer overflow vulnerability in the IDX.apl plug-in allows command execution when a user opens a specially crafted XBM file. Resolution Apply a patch or upgrade when released by the...

7.9AI score
Exploits0
Saint
Saint
•added 2009/12/07 12:0 a.m.•17 views

VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow

Added: 12/07/2009 BID: 36439 OSVDB: 58217 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A buffer overflow vulnerability exists in VideoLAN VLC media player due to an error when an overly deep box structure in ".mp4" files....

8.3AI score
Exploits0
Saint
Saint
•added 2009/11/23 12:0 a.m.•17 views

Novell eDirectory DHost HTTPSTK buffer overflow

Added: 11/23/2009 BID: 37042 Background Novell eDirectory is a directory server which implements the LDAP protocol. eDirectory for Windows, Linux, and UNIX includes the DHost program, which runs under eDirectory and provides the functionality of the NetWare operating system. Problem A buffer...

8.7AI score
Exploits0
Saint
Saint
•added 2009/11/23 12:0 a.m.•17 views

Novell eDirectory DHost HTTPSTK buffer overflow

Added: 11/23/2009 BID: 37042 Background Novell eDirectory is a directory server which implements the LDAP protocol. eDirectory for Windows, Linux, and UNIX includes the DHost program, which runs under eDirectory and provides the functionality of the NetWare operating system. Problem A buffer...

0.9AI score
Exploits0
Saint
Saint
•added 2009/11/13 12:0 a.m.•17 views

InterSystems Cache HTTP Stack Buffer Overflow

Added: 11/13/2009 Background InterSystems Cache is a high-performance object database that also enables rapid Web application development. Problem Intersystems Cache is vulnerable to a HTTP stack buffer overflow as a result of a specially crafted parameter to the UtilConfigHome.csp page. Resoluti...

2.2AI score
Exploits0
Saint
Saint
•added 2009/10/30 12:0 a.m.•17 views

Novell eDirectory DHost module load buffer overflow

Added: 10/30/2009 BID: 36815 Background Novell eDirectory is a directory server which implements the LDAP protocol. eDirectory for Windows, Linux, and UNIX includes the DHost program, which runs under eDirectory and provides the functionality of the NetWare operating system. Problem A buffer...

2.1AI score
Exploits0
Saint
Saint
•added 2009/10/01 12:0 a.m.•17 views

ProFTP welcome message buffer overflow

Added: 10/01/2009 BID: 36128 OSVDB: 57394 Background Labtam ProFTP is an FTP client program for Microsoft Windows. Problem A buffer overflow vulnerability allows command execution when a user connects to an FTP server which sends a specially crafted welcome message. Resolution Apply a fix from th...

7.8AI score
Exploits0
Saint
Saint
•added 2009/09/23 12:0 a.m.•17 views

Phishing Tool

Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...

6.7AI score
Exploits0
Saint
Saint
•added 2009/09/23 12:0 a.m.•17 views

Phishing Tool

Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...

6.7AI score
Exploits0
Saint
Saint
•added 2009/08/03 12:0 a.m.•17 views

Easy Chat Server Authentication Request Buffer Overflow

Added: 08/03/2009 Background Easy Chat Server is a web-based chat server for Microsoft Windows. Problem The server is vulnerable to a remote buffer-overflow attack which can be triggered by sending a specially crafted password parameter to chat.ghp. Resolution Easy Chat Server 2.2 and earlier are...

0.8AI score
Exploits0
Saint
Saint
•added 2009/03/31 12:0 a.m.•17 views

Symantec AppStream Client LaunchObj ActiveX Control installAppMgr vulnerability

Added: 03/31/2009 CVE: CVE-2008-4388 BID: 33247 OSVDB: 51410 Background Symantec AppStream is an application deployment framework. Problem The LaunchObj ActiveX control exposes the installAppMgr method, which can be used to download and execute arbitrary code. This could allow command execution...

9.3CVSS6.9AI score0.37721EPSS
Exploits9
Saint
Saint
•added 2009/03/29 12:0 a.m.•17 views

SAP GUI SAPBExCommonResources ActiveX Command Execution

Added: 03/29/2009 Background The SAP GUI is the GUI client in SAP's 3-tier architecture of database, application server and client. The SAP GUI family is available for Windows, Java, and HTML/Internet Transaction Server ITS environment. SAP GUI for Windows registers the...

0.2AI score
Exploits0
Saint
Saint
•added 2008/10/15 12:0 a.m.•17 views

Microsoft Host Integration Server SNA RPC authentication bypass

Added: 10/15/2008 CVE: CVE-2008-3466 BID: 31620 OSVDB: 49068 Background Microsoft Host Integration Server is an enabling technology which allows integration of applications and data with new Windows solutions. Problem A vulnerability in Microsoft Host Integration Server allows remote...

10CVSS6.9AI score0.77741EPSS
Exploits9
Saint
Saint
•added 2008/09/24 12:0 a.m.•17 views

Find e-mail addresses

Added: 09/24/2008 Background E-mail addresses in a given domain can often be found using publicly available information such as Internet search engines, network registrars, and public key servers. This tool attempts to provide a list of e-mail addresses using these resources. Limitations Many...

2.3AI score
Exploits0
Saint
Saint
•added 2008/09/12 12:0 a.m.•17 views

TFTP Server error packet buffer overflow

Added: 09/12/2008 CVE: CVE-2008-2161 BID: 29111 OSVDB: 44904 Background TFTP Server is an open source server implementation of the tftp protocol for multiple platforms. Problem A buffer overflow vulnerability in the handling of error packets allows remote attackers to execute arbitrary commands...

10CVSS10AI score0.65284EPSS
Exploits6
Saint
Saint
•added 2007/07/09 12:0 a.m.•17 views

Snort DCE/RPC preprocessor buffer overflow

Added: 07/09/2007 CVE: CVE-2006-5276 BID: 22616 OSVDB: 32094 Background Snort is an open-source intrusion detection system. It includes a DCE/RPC preprocessor, which reassembles DCE/RPC traffic before it is passed to the intrusion detection engine. Problem A buffer overflow vulnerability in the...

10CVSS7.7AI score0.79319EPSS
Exploits15
Saint
Saint
•added 2006/08/23 12:0 a.m.•17 views

Oracle Database string conversion buffer overflow

Added: 08/23/2006 BID: 10871 OSVDB: 9890 Background Oracle Database is a relational database product for multiple platforms. Problem The string conversion function in Oracle Database is affected by a buffer overflow vulnerability. A remote attacker could execute arbitrary commands by sending a lo...

2AI score
Exploits0
Saint
Saint
•added 2006/06/09 12:0 a.m.•17 views

7-Zip ARJ archive handling buffer overflow

Added: 06/09/2006 CVE: CVE-2005-3051 BID: 14925 OSVDB: 19639 Background 7-Zip is a free file archiver for Windows platforms. Problem A buffer overflow vulnerability in 7-Zip could allow code execution when a specially crafted ARJ file is opened. Resolution Upgrade to 7-Zip 4.27 beta or higher...

9.3CVSS7.2AI score0.06053EPSS
Exploits4
Saint
Saint
•added 2006/03/24 12:0 a.m.•17 views

BakBone NetVault remote heap overflow

Added: 03/24/2006 CVE: CVE-2005-1009 BID: 12967 OSVDB: 15234 Background BakBone NetVault is a distributed data backup and restore solution for UNIX and Windows networks. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.6AI score0.57017EPSS
Exploits8
Saint
Saint
•added 2006/01/31 12:0 a.m.•17 views

Winamp playlist file buffer overflow

Added: 01/31/2006 CVE: CVE-2006-0476 BID: 16410 OSVDB: 22789 Background Winamp is a media player for Windows. Problem A buffer overflow in Winamp allows code execution when a specially crafted playlist file is opened. Resolution Upgrade to Winamp 5.13 or higher. References...

7.6CVSS7.1AI score0.74506EPSS
Exploits8
Saint
Saint
•added 2005/12/28 12:0 a.m.•17 views

phpBB viewtopic.php highlight parameter vulnerability

Added: 12/28/2005 CVE: CVE-2005-2086 BID: 14086 OSVDB: 17613 Background phpBB is an open-source bulletin board package written in PHP. Problem This is a variant of an older vulnerability which allows remote command execution by requesting viewtopic.php with a specially crafted highlight parameter...

7.5CVSS6.5AI score0.85366EPSS
Exploits9
Saint
Saint
•added 2014/12/19 12:0 a.m.•16 views

XEROX Multiple Product Unauthenticated Remote Firmware Injection Vulnerability

Added: 12/19/2014 BID: 52483 OSVDB: 80096 Background Some Xerox Multifunction Printers MFP utilize Dynamic Loadable Modules DLM for patching, upgrading and cloning. The DLMs can be delivered to the printer via the Jet Direct printer service on TCP port 9100. Problem Multiple Xerox products are...

0.8AI score
Exploits0
Saint
Saint
•added 2014/07/02 12:0 a.m.•16 views

Easy File Management Web Server UserID Cookie Handling Buffer Overflow

Added: 07/02/2014 BID: 67542 OSVDB: 107241 Background Easy File Management Web Server is a Microsoft Windows based file management application that allows remote users to upload and download files through a web browser. It also supports online editing of Word, Excel, PowerPoint and PDF documents ...

8.5AI score
Exploits0
Saint
Saint
•added 2012/12/07 12:0 a.m.•16 views

Novell NetIQ Privileged User Manager modifyAccounts Security Bypass

Added: 12/07/2012 BID: 56535 OSVDB: 87335 Background Novell NetIQ Privileged User Manager NPUM allows IT administrators to work on systems without exposing superuser administrator or supervisor passwords or root-account credentials to the administrator. Problem NetIQ Privileged User Manager 2.3.1...

0.4AI score
Exploits0
Saint
Saint
•added 2012/12/03 12:0 a.m.•16 views

Novell NetIQ Privileged User Manager Security Bypass

Added: 12/03/2012 BID: 56539 OSVDB: 87334 Background Novell NetIQ Privileged User Manager NPUM allows IT administrators to work on systems without exposing superuser administrator or supervisor passwords or root-account credentials to the administrator. Problem NetIQ Privileged User Manager 2.3.1...

0.6AI score
Exploits0
Total number of security vulnerabilities4305