Intel® Security Vulnerabilities
Intel Centrino wireless network drivers fail to properly handle malformed frames
Overview Microsoft Windows drivers for Intel Centrino wireless adapters fail to properly handle malformed frames. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description The Microsoft Windows drivers for Intel Centrino 2200BG and 2915ABG PRO wireless.....
0.9AI Score
0.021EPSS
[Full-disclosure] linksys WRT54g authentication bypass
I'm having some trouble believing this hasn't been reported before. If you have a linksys router handy, please check to see whether it is vulnerable to this attack. It's possible that all of the linksys router web UIs have the same bug. Hopefully the problem is isolated to one particular...
-0.2AI Score
ISS Protection Brief: Vulnerability in Server Driver could result in Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Protection Brief July 28, 2006 Vulnerability in Server Driver could result in Denial of Service Summary: Multiple versions of Microsoft Windows are vulnerable to a null pointer dereference in the server driver (srv.sys). By sending a...
-0.2AI Score
[Full-disclosure] Microsoft SMB Information Disclosure Vulnerability CVE-2006-1315
McAfee, Inc. McAfee® Avert® Labs Security Advisory Public Release Date: 2006-07-11 SMB Information Disclosure Vulnerability CVE-2006-1315 • Synopsis An information disclosure vulnerability exists in the Server service that could allow an attacker to retrieve fragments of memory from an...
0.7AI Score
0.06EPSS
REVERSING MRXSMB.SYS CHAPTER I “Getting Ring0”
REVERSING MRXSMB.SYS CHAPTER I “Getting Ring0” Rubén Santamarta [email protected] www.reversemode.com May 15, 2006 Abstract Microsoft Mrxsmb.sys does not verify properly user-mode buffers allowing to overwrite, with controlled values, any desired memory address. Index...
-0.3AI Score
MaxiSepet <= 1.0 (link) SQL Injection Vulnerability
Exploit for unknown platform in category web...
7.1AI Score
PunBB 1.2.11 Cross site scripting
/* [N]eo [S]ecurity [T]eam [NST]® Advisory #22 Program : PunBB 1.2.11 Homepage: http://www.punbb.org Vulnerable Versions: PunBB 1.2.11 & lower ones Risk: Low! Impact: Indirect cross site scripting -> PunBB 1.2.11 Cross site scripting <- - Description In short, PunBB is a fast and lightweight ...
-0.2AI Score
-0.4AI Score
ScanAlert Security Advisory http://www.scanalert.com Caucho Resin Multiple Vulnerabilities - Arbitrary File Access & Information Disclosure Date: 5/16/06 Vendor: Caucho Package: Resin Version: 3.0.17 and 3.0.18 – Vendor Confirmed Credit: ScanAlert’s Security and Enterprise Services Teams. Risk:...
0.5AI Score
Do All in Cmd Shell-vulnerability warning-the black bar safety net
Directory 1, Preface 2, The file transmission 3, The system configuration 4, the network configuration 5, software installation 6, Windows Script 7, The accompanying statement Foreword Cmd Shell(command line interaction)is a hack eternal topic, it is the historic and enduring it. This...
-0.2AI Score
-0.3AI Score
CuteNews 1.4.1 Multiple vulnerabilities
/* [N]eo [S]ecurity [T]eam [NST]® Advisory #20 Program : CuteNews 1.4.1 Homepage: http://www.cutephp.com Vulnerable Versions: CuteNews 1.4.1 & lower ones Risk: Medium! Impact: Cross Site Scripting, Full Path Disclosure -> CuteNews 1.4.1 Multiple vulnerabilities <- - Description Cute news is a...
-0.2AI Score
[SRC-Telindus advisory] - HP System Management Homepage Remote Unauthorized Access
HP System Management Homepage Remote Unauthorized Access [Vulnerability]: Remote Authentication Bypass [Product]: CompaqHTTPServer/9.9 HP System Management Homepage 2.1.3.132 and above [Platform]: Microsoft® Windows® - Linux operating systems (IA32 and Itanium Processor Family) - Tru64 UNIX...
0.4AI Score
ISS Protection Bried: ie_patch_ms_06-13
-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Brief April 11, 2006 Cumulative Security Update for Internet Explorer Summary: Microsoft has issued a cumulative security update for Internet Explorer. This update addresses a number of critical issues that could affect IE ...
-0.1AI Score
ISS prtoection Brief: Microsoft MDAC Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Brief April 11, 2006 Microsoft MDAC Remote Code Execution Summary: Microsoft has issued an advisory for a vulnerability in Microsoft Data Access Components. Specifically, the RDS.Dataspace ActiveX control provided with MDAC ...
0.1AI Score
TUGZip Archive Extraction Directory traversal
TUGZip Archive Extraction Directory traversal TUGZip is a powerful award-winning freeware archiving utility for WindowsA® that provides support for a wide range of compressed, encoded and disc-image files, as well as many other very powerful features; all through an easy to use application...
-0.4AI Score
ISS Protection Brief: RealNetworks RealPlayer chunked Transfer-Encoding buffer overflow
-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Protection Alert Date: 03/28/06 Title: RealNetworks RealPlayer chunked Transfer-Encoding buffer overflow Summary: Multiple versions of RealNetworks RealPlayer and RealOne Player are vulnerable to a heap-based buffer overflow, caused by...
0.1AI Score
7.4AI Score
EPSS
Microsoft Office 2002 - Excel/Powerpoint/Word.. 10.0.2614.0 => 11.0.5612.0
Full archive at http://www.milw0rm.com/sploits/excel_03262006.rar Topic : Microsoft Office 2002 - Excel/Powerpoint/Word.. 10.0.2614.0 => 11.0.5612.0 Date : 02/12/2006 Author : posidron <[email protected]> Table of Contens Some Excel Information The XLS File Format and...
0.1AI Score
7.1AI Score
Microsoft Office Products - Array Index Bounds Error (PoC)
Microsoft Office Products - Array Index Bounds Error...
0.1AI Score
[Full-disclosure] [INetCop Security Advisory] zeroboard IP session bypass XSS vulnerability
======================================== INetCop Security Advisory #2006-0x82-029 ======================================== Title: zeroboard IP session bypass XSS vulnerability 0x01. Description Zeroboard is a popular web notice board used in Korea. INetCop Security found XSS...
-0.1AI Score
-0.2AI Score
phpBB <= 2.0.19 Multiple DoS vulnerabilities
/* [N]eo [S]ecurity [T]eam [NST]® - Advisory #18 - 03/03/06 Program: phpBB Homepage: http://www.phpbb.com Vulnerable Versions: All phpBB versions Risk: High Risk!! Impact: Multiple DoS Vulnerabilities. -==phpBB Multiple DoS Vulnerabilities ==- - Description phpBB is a high powered, fully scalable,....
-0.5AI Score
-0.5AI Score
WordPress 2.0.1 Multiple Vulnerabilities
/* [N]eo [S]ecurity [T]eam [NST]® WordPress 2.0.1 Multiple Vulnerabilities Program : WordPress 2.0 Homepage: http://www.wordpress.org Vulnerable Versions: WordPress 2.0.1 & lower ones Risk: Critical! Impact: XSS, Full Path Disclosure, Directory Listing -> WordPress 2.0.1 Multiple Vulnerabilities...
-0.4AI Score
StuffIt and ZipMagic Family of products Directory traversal
StuffIt and ZipMagic Family of products Directory traversal The StuffIt and ZipMagic Family of products is designed to meet any level of compression needs; from basic expansion to advanced archive manipulation, to automating routine compression tasks, and even building compression into a software.....
-0.3AI Score
PunBB 1.2.10 Multiple DoS Vulnerabilities
/* [N]eo [S]ecurity [T]eam [NST]® PunBB 1.2.10 Multiple DoS Vulnerabilities Program : PunBB 1.2.10 Homepage: http://www.punbb.org Vulnerable Versions: PunBB 1.2.10 & lower ones Risk: Critical! Impact: Denial of service by registering too many users (Critical) Possible bruteforce attack...
0.1AI Score
Invision Power Board 2.1.4 Multiple Vulnerabilities
/* [N]eo [S]ecurity [T]eam [NST]В® - Advisory #16 - 18/02/06 Program: Invision Power Board 2.1.4 Homepage: http://www.invisionboard.com Vulnerable Versions: 2.1.4 & Lower versions Risk: Low Risk!! Impact: Multiple Vulnerabilities. -==Invision Power Board 2.1.4 Multiple Vulnerabilities==- -...
-0.2AI Score
-0.1AI Score
[Full-disclosure] XSS in PlaySMS
I Found an XSS Vulnerability in PlaySmS Site: playsms.sourceforge.net PoC: www.target.com/playsms/index.php?err=<script>alert(document.cookie);</script> Salam http://mohajali.lezr.org ®.....Now I Am Become Death....The Destroyer Of...
-0.2AI Score
Corrupt Word file may cause buffer overflow in the Blackberry Attachment Service
>From Research in Motion's KB-04791 (sorry, long link): http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/8149/8052/Support_-_Corrupt_Word_file_may_cause_buffer_overflow_in_the_BlackBerry_Attachment_Service.html?nodeid=1181753&vernum=2 Applies to: BlackBerry Enterprise...
1.6AI Score
-0.3AI Score
0.1AI Score
ISS Protection Alert: Windows Picture and Fax Viewer WMF Overflow
-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Protection Alert December 28, 2005 Microsoft Picture and Fax Viewer WMF Buffer Overflow Summary: The X-Force is tracking a new, unpatched critical vulnerability in Microsoft.s Picture and Fax Viewer application which is the default...
0.1AI Score
Plexcor's(r) CMS XSS vuln.
Plexcor's® CMS XSS vuln. Vuln. discovered by : r0t Date: 21 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/plexcors-cms-xss-vuln.html vendor:http://www.plexcor.com/ affected version: 4.0 and prior Product Description: Integrated modular content, communications, calendar, commerce,.....
1.1AI Score
7.4AI Score
EPSS
Microsoft IIS - HTTP Request Denial of Service (1)
Microsoft IIS - HTTP Request Denial of Service...
-0.3AI Score
MS Windows IIS Malformed HTTP Request Denial of Service Exploit (c)
No description provided by...
7.1AI Score
Microsoft IIS Remote DoS .DLL Url exploit
Microsoft IIS Remote DoS .DLL Url exploit Advisory Name Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit Release Date 16. December 2005 Vulnerable Microsoft® Internet Information Server® V5.1 Not vulnerable Microsoft® Internet Information Server® V5.0 Microsoft® Internet Information...
-0.1AI Score
Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit
** Inge Henriksen Security Advisory - Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/ ** Advisory Name: Microsoft IIS Remote Denial of Service (DoS) .DLL Url exploit Release Date: 16. Desember 2005 Vulnerable: Microsoft® Internet Information Server® V5.1 Not vulnerable: ...
0.2AI Score
[Full-disclosure] XSS Vuln in PlaySmS
I Found an XsS vulnerability in the playsms script.... website: playsms.sourceforge.net POC: www.target.com/playsms/index.php?err=XSShere ®.....Now I Am Become Death....The Destroyer Of...
0.8AI Score
Flatnuke 2.5.6 - Privilege Escalation Remote Command Execution
Flatnuke 2.5.6 - Privilege Escalation Remote Command...
0.8AI Score
7.4AI Score
EPSS
Flatnuke 2.5.6 Privilege Escalation / Remote Commands Execution Exploit
No description provided by...
7.1AI Score
[Full-disclosure] CYBSEC - Security Advisory: Phishing Vector in SAP WAS
(The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Phishing_Vector_in_SAP_WAS.pdf ) CYBSEC S.A. www.cybsec.com Advisory Name: Phishing Vector in SAP WAS (Web Application Server) Vulnerability Class: Phishing Vector /...
-0.1AI Score
[Full-disclosure] CYBSEC - Security Advisory: Multiple XSS in SAP WAS
(The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Multiple_XSS_in_SAP_WAS.pdf ) CYBSEC S.A. www.cybsec.com Advisory Name: Multiple XSS in SAP WAS (Web Application Server) Vulnerability Class: Cross-Site Scripting Release...
-0.2AI Score
[Full-disclosure] CYBSEC - Security Advisory: HTTP Response Splitting in SAP WAS
(The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_HTTP_Response_Splitting_in_SAP_WAS.pdf ) CYBSEC S.A. www.cybsec.com Advisory Name: HTTP Response Splitting in SAP WAS (Web Application Server) Vulnerability Class: HTTP...
-0.2AI Score
[Full-disclosure] Fwd: Vulnerability in Ar-blog ver 5.2 and prior versions
---------- Forwarded message ---------- From: (M.o.H.a.J.a.L.i) <[email protected]> Date: Oct 25, 2005 12:52 AM Subject: Vulnerability in Ar-blog ver 5.2 and prior versions To: [email protected] Vulnerability in Ar-blog ver 5.2 and prior Software: Ar-blog Vulnerable versions: <...
-0.2AI Score
[Full-disclosure] Vulnerability in AL-Caricatier, V.2.5 And Prior Versions
Vulnerability in AL-Caricatier,V.2.5 Hello... i found a vulneribility in an program called AL-Caricatier it's an arabic program site: http://www.php-ar.com Vulnerability: Login Bypass GoogleDork: inurl:view_caricatier. php Vunlerability in an included file called ss.php which resides in the...
0.3AI Score