
Files Date: 2006-10-27 to 2006-10-28

InteliEditor.txt
Posted Oct 27, 2006
Authored by XORON

InteliEditor suffers from a remote file inclusion vulnerability in sys_path.

tags | exploit, remote, file inclusion
SHA-256 | 8a0b2276403d545d1d676c5f336b15d1b0b574920602145cd45519ef926384f2
adobephpsdk.txt
Posted Oct 27, 2006
Authored by Crackers_Child | Site sibersavacilar.com

Adobe PHP SDK suffers from a remote file inclusion vulnerability in CachedGateway.php.

tags | exploit, remote, php, file inclusion
SHA-256 | 6dd0ca24fd785b4c1838f18654274a650891d756a41779bd9c04fff0c949f149
CSLH2.9.9.txt
Posted Oct 27, 2006
Authored by Crackers_Child | Site sibersavacilar.com

Crafty Syntax Live Help (CSLH) 2.9.9 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, file inclusion
SHA-256 | b34b3fa80cea1b5a2e2858ec6acb712d1c823c8fe5c1f0c934b8be86e2fccd29
prdelka-vs-SUN-telnetd.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Solaris in.telnetd 8.0 and prior remote exploit. A boundary condition error exists in telnet daemons derived from the BSD telnet daemon. Under certain circumstances, a buffer overflow can occur when a combination of telnet protocol options is received by the daemon. The function responsible for processing the options prepares a response within a fixed-size buffer without performing any bounds checking. This exploit has been tested against Solaris 7 & Solaris 8 (sparc).

tags | exploit, remote, overflow, protocol
systems | solaris, bsd
SHA-256 | 8b1b9e7b12ccde64848ee3e68e52d71b897094c36e01d0c6aefb642d65d2014b
prdelka-vs-SGI-xrunpriv
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SGI IRIX 6.5 /usr/sysadm/bin/runpriv local root exploit.

tags | exploit, local, root
systems | irix
SHA-256 | 87ee2433cea6d25492bbf29d76ac2dddfffb1036915de7f4e24d87a028286cbe
prdelka-vs-SCO-termshx.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Openserver 5.0.7 termsh exploit. 'termsh' is a program to view or modify an existing terminal entry on SCO Openserver. A stack based overflow exists in the handling of command line arguments, namely the [-o oadir] argument. It is installed setgid auth in a default SCO Openserver 5.0.7 install. An attacker may use this flaw to gain write access to /etc/passwd or /etc/shadow allowing for local root compromise.

tags | exploit, overflow, local, root
SHA-256 | 80848a38a842001ba4c5cb1a4aa2616cfde210738c9f9ac3f9e0ec9ee9fa8266
prdelka-vs-SCO-ptrace.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Unixware 7.1.3 ptrace local root exploit. SCO Unixware 7.1.3 kernel allows unprivileged users to debug binaries. The condition can be exploited by an attacker when he has execute permissions to a file which has the suid bit set.

tags | exploit, kernel, local, root
systems | unixware
SHA-256 | 5a1bb516b7d517521524776f7946fdb5d76fc8e72a5fbece7674002e32ad2a4e
prdelka-vs-SCO-netwarex.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Openserver 5.0.7 Netware Printing utilities exploit. Multiple buffer overflows exist in the handling of command line arguments in SCO Openserver Netware printing utils. EIP is overwritten after 997 bytes are supplied on the command line. The following binaries are installed setgid 'lp' as default and are vulnerable to this attack.

tags | exploit, overflow
SHA-256 | 83a9ce0000e4291a949433b76dd8e4502dbf1c5dbe40d16fb8f14962865b2148
prdelka-vs-SCO-enable
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

SCO Openserver 5.0.7 enable exploit. A standard stack-overflow exists in the handling of command line arguments in the 'enable' binary. A user must be configured with the correct permissions to use the "enable" binary. SCO user documentation suggests "You can use the asroot(ADM) command. In order to grant a user the right to enable and disable tty devices". This exploit assumes you have those permissions.

tags | exploit, overflow
SHA-256 | 817dbb560a816e2f79b66debcf45beb878184dc4c5bbaa5233467482a065771b
prdelka-vs-GNU-exim.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Exim versions 4.43-r2 and prior host_aton() local root exploit.

tags | exploit, local, root
SHA-256 | aebac98246454607fa35d16a81b2ca598ce612832413121e7c0d3f85eac98cf7
prdelka-vs-GNU-adabas2.txt
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Adabas D 13.01 (GNU/Linux & Win32) Multiple Vulns in WebApps including directory traversal and SQL injection.

tags | exploit, sql injection
systems | linux, windows
SHA-256 | 693290f05e0b0840b9b91832cbcf89d077f7c7515d33a03cc02acc2ec5bf1135
prdelka-vs-GNU-adabas.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

GNU/Linux adabas v1301 universal local root exploit. Standard stack overflow in the command line arguments of the SUID root (default) clr_kernel & stop bins. The exploit calculates the value to use for the return address.

tags | exploit, overflow, local, root
systems | linux
SHA-256 | ed833915fb367c22a24bae21eeb3b2964eb4dfac2a260b2bcaab81b34fb8697b
prdelka-vs-CISCO-vpnftp.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Cisco VPN Concentrator 3000 FTP remote exploit. A vulnerability exists in the Cisco VPN Concentrator 3000 in which an unauthenticated user may access the file system through manipulation of FTP service commands.

tags | exploit, remote
systems | cisco
SHA-256 | 4a0105294cbe6f0ee0f0bf817086a0b2f875637c7acc2e15634b0a8695cb01d5
prdelka-vs-AEP-smartgate.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

AEP/Smartgate arbitrary file download exploit. A vulnerability exists in the smartgate SSL server (listens on port 443 by default) which may allow a malicious user to download arbitrary files with the privileges of the smartgate server.

tags | exploit, arbitrary
SHA-256 | 458fcf07885e8ffe5f837843edcf30c3a17eb5e839951995e800bb8570220cd0
prdelka-vs-HPUX-swmodify.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX swmodify buffer overflow exploit. HP-UX 'swmodify' contains an exploitable stack overflow in the handling of command line arguments. Specifically the problem occurs due to insufficient bounds checking in the "-S" optional argument. 'swmodify' is installed setuid root by default in HP-UX and allows for local root compromise when exploiting this issue.

tags | exploit, overflow, local, root
systems | hpux
SHA-256 | 6b1717b21f6b056cf18126c41c392c3e1536cac16fd737bd04e4d45e08ff85de
prdelka-vs-HPUX-swask.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX swask format string local root exploit. HP-UX 'swask' contains an exploitable format string vulnerability. The 'swask' utility is installed setuid root by default. Specifically the vulnerability is in the handling of the "-s" optional argument, which is passed verbatim to a format function.

tags | exploit, local, root
systems | hpux
SHA-256 | 3023aa994493e76bd2f6ffff2ce173e8623eb8396ee93dd2faebae1841d15ffe
prdelka-vs-HPUX-libc.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX libc timezone environment overflow exploit. HP-UX libc contains an exploitable stack overflow in the handling of "TZ" environment variable. The problem occurs due to insufficient bounds checking in the localtime_r() and related functions. Any suid or sgid program which uses the timezone functions can be used as an attack vector. This exploit uses "su" to obtain root privileges.

tags | exploit, overflow, root
systems | hpux
SHA-256 | 34d846e3e0a8d4700592a69b16c25ca882966c58bb1de3a7e74d3cb507960e1a
prdelka-vs-HPUX-swpackage.c
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

HP-UX swpackage buffer overflow exploit. HP-UX 'swpackage' contains an exploitable stack overflow in the handling of command line arguments. Specifically the problem occurs due to insufficient bounds checking in the "-S" optional argument. 'swpackage' is installed setuid root by default in HP-UX and allows for local root compromise when exploiting this issue.

tags | exploit, overflow, local, root
systems | hpux
SHA-256 | 02450b690464a6879577282db8258a809e36d37c3095b86ce73f246a5e8dae97
linux_tolower_remote.S
Posted Oct 27, 2006
Authored by prdelka | Site prdelka.blackart.org.uk

Shellcode that execve() /bin/sh -c (user supplied command). Designed to evade tolower() and friends. Requires %esi to reference a valid writable address.

tags | shellcode
SHA-256 | a8d80a1d3e6ed93ff7cfffd2ef34670d800df5da4fe9ec2e25e4138b7a0bf1c7
sbwebapp.txt
Posted Oct 27, 2006
Authored by nikyt0x | Site soulblack.com.ar

WebAPP v0.9.9.2.1 apage.cgi remote command execution exploit.

tags | exploit, remote, cgi
SHA-256 | 570cbcdd4473796143ad45dea24ba9487d965bfb9e3539fb0df926476863622c
GoogleRower.zip
Posted Oct 27, 2006
Authored by Jeffball55

Google Rower was created to automate Google searches and retrieve the links. It can brute force searches to get more results by adding a letter or number to the end of each search. It then combines all the results found into one HTML file and removes the duplicates. It can be used to search an IP range using Google's site operator, thus looking for backup/old HTTP servers.

tags | web
SHA-256 | 86f00a69b7a4f19042600ca8b3faa941f8e5a84be44902ff4121f04711fd7237
CruiseWorks.txt
Posted Oct 27, 2006
Authored by Tan Chew Keong | Site vuln.sg

Two vulnerabilities have been found in CruiseWorks. When exploited, the vulnerabilities allow an authenticated user to retrieve arbitrary files accessible to the web server process and to execute arbitrary code with privileges of the IIS IUSR_MACHINE account.

tags | advisory, web, arbitrary, vulnerability
SHA-256 | 6ded8d2684f90a3812fd49e9f82867b5dc550992e640d71d72193a57d9bafc44
ProgSys-0.151.txt
Posted Oct 27, 2006
Authored by Moran Zavdi | Site vigilon.com

ProgSys 0.151 and below suffer from multiple instances of cross site scripting.

tags | exploit, xss
SHA-256 | 12c2b4c1ca50ef10c00652fd6ecfdf01ebe996921db9a3af71195ad5e4a9260e
fsfuzzer-0.6-lmh.tgz
Posted Oct 27, 2006
Authored by LMH | Site info-pull.com

fsfuzzer (0.6-lmh): This is a filesystem fuzzer. This tool creates initial (valid) filesystem images and then manipulates their binary format and structure for detecting flaws/bugs/design problems in the parsing/handling code for that particular filesystem. Expects a /media directory and some base tools (util-linux, etc) as well as support for some filesystems in the kernel (fortunately it will add the filesystems that are supported on your system, if it finds the necessary tools available).

tags | kernel, fuzzer
systems | linux
SHA-256 | 92f98b9deaa72c4d86a635c40039aa5d0b2567e49e623d4120f4ec8f374f15a6
firefox-2.0.xss.txt
Posted Oct 27, 2006
Authored by auto113922

Possible Firefox 2.0 Iframe cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | e541d0cf9e93f13a4fdf465fdab9d26c2ac165299c6f22233c823ef7a6da8f71

packet storm

© 2024 Packet Storm. All rights reserved.