Specialized exploit for cases where SQL injection is possible against a Oracle PL/SQL setup.
d157fd2dfa2d66e860e087333a9d56513595d3653e44b2708d42626d1eb78d34Exploit for buffer overflow vulnerability in procedure MDSYS.MD2.SDO_CODE_SIZE within Oracle Database Server version 10.1.0.2 under Windows 2000 SP4.
a0f3cca0424aca2f2583ed61ffa387e3f18c17050746fbcb5ef2f5de1e81146fSerendipity 0.8beta4 beta.php SQL injection exploit.
202976f007352d982e4bef3889c5a2c8105be38b552f23a27cf66c03614d2144Serendipity "blog" system version 0.8beta4's "exit.php" module is vulnerable to SQL injection. Previous versions were also vulnerable, and it appears this has not yet been fixed.
ca137befd87bb23f0e1a05b1a0c1c339ec2fb1a20c1fc627330d60c19533f5f4Gentoo Linux Security Advisory GLSA 200504-11 - James Ranson reported a vulnerability when JunkBuster is configured to run in single-threaded mode, an attacker can modify the referrer setting by getting a victim to request a specially crafted URL. Tavis Ormandy of the Gentoo Linux Security Audit Team identified a heap corruption issue in the filtering of URLs. Versions less than 2.0.2-r3 are affected.
5230e1bc925375fa4788e07f7ce82ed74e9dfa93f2e7f7d56512315e0fe36532Multiple SQL injection and Cross-site Scripting issues in phpBB versions 1.52 and below. Example exloit URLs included in advisory.
9ed61fb9b6bddef6a6fbcc172a966e32b1952757835f428dc9b3ec91afbb9023Debian Security Advisory 707-1. Multiple issues with MySQL, including: incorrect privilege handling (users get illegitimate access to databases named similarly to those they have legitimate access to), arbitrary command execution for any user that has been granted INSERT and DELETE rights, and race conditions due to predictable tempfile naming schemes.
8f5c94fb7332fb046cb8ba8ed05f37326977d9787fac3593b9bd7b35da35d0f1Gld, a greylisting server for Postfix, is vulnerable to buffer overflows in the code contained within server.c and cnf.c. Gld is run by root by default, meaning this is a remote-root-class issue.
398a498a2c6d9de9531d7a8a48c1683fe5a153b91ff1584453c5367b7c65add8Proof-of-Concept code to generate a file with an embedded CLSID, demonstrating how the issues detailed in the iDEFENSE "MSHTA" advisory, MS05-016, and other places, can be exploited.
7826084c6c139e8540b77c60563f111711b9055021c1118b3cabc3f461e16bb2This is a slightly modified version of Stuart Pearson's original exploit for the malformed MDB parsing vulnerabilities in Microsoft Access.
21907bea8baebb0eabf8d5cb55470e6622f00c5110265a1be7900b93ce98dd5aDebian Security Advisory 706-1 - The Debian Security Audit Project discovered a buffer overflow in axel, a light download accelerator. When reading remote input the program did not check if a part of the input can overflow a buffer and maybe trigger the execution of arbitrary code.
10f84aee682a1865f89c6e409073124f8a3910a5f499cb79b38686f56a11439ezOOm Media Gallery is susceptible to SQL injection attacks.
b88f4b753bd42e9c2ae76a295971593f9fffeba89289f14643f0dc3375f5ac24Technical Cyber Security Alert TA05-102A - Microsoft has released a Security Bulletin Summary for April, 2005. This summary includes several bulletins that address vulnerabilities in various Windows applications and components. Exploitation of some vulnerabilities can result in the remote execution of arbitrary code by a remote attacker.
3c4afe41c5453fad4a5bfa073bbac7c40792450fc856da20772568df97503e76Microsoft Jet exploit that makes use of an insufficient data validation vulnerability when the parsing of a database file is performed with msjet40.dll.
363d13ce385e71ed1d0b870b6c9e4eb5dfef4e9ceae62b8fe3b8bb540e55059dDoKuWiki is susceptible to a file upload bug.
ed7180efed1b0555eda2d2aa14fbfdc213a32e96846f52a658c94be1e2ad0bfcCisco Security Advisory - A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled ICMP Attacks Against TCP (draft-gont-tcpm-icmp-attacks-03.txt). Multiple Cisco products are affected by the attacks described in this Internet draft.
1f9284a7574fce778b0209924984b5651e903fc11afdbd146cb97effaa4598dc
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed