Linux/x86 24 byte shellcode for execve /bin/sh.
b928039f81e965b053483b267c31c4bdda7b6730503d7aee2c0593ecffa44bad
MacOSX/PowerPC 32 byte shellcode for sync(), reboot().
5351c8b944368ba099bd46cb47915aa7e0786ff4351bf5533f14b4df81c31cac
MacOSX/PowerPC 72 byte shellcode for execve /bin/sh.
ac91044711def1684cd5a9b2453d14c329e8a338863ce7e44ec4589f10d91bde
OpenBSD/x86 23 byte shellcode for execve /bin/sh.
cf9775af8c212ecdbae9ac1f1aee5347daeb57f734b31701789be64c4d662115
Invision Power Board version 2.1.5 remote SQL injection exploit.
edff9ae3f3bd623917541b4b345ef9516e9bdff8fd1e9a4772fe6ca438d076dd
The MultiAdmin security framework kernel module provides a means to have multiple root users with unique UIDs. This bypasses collation order problems with NSCD, allows you to have files with unique owners, and allows you to track the quota usage for every real user. It also implements a sub-admin, a partially restricted root user who has full read-only access to most subsystems but write rights only to a limited subset, for example, writing to files or killing processes belonging only to certain users.
6b1f37152a2e647d2824a80fabe12edbd436668efa9a9c487f1fb91aca7ba41a
Mandriva Linux Security Advisory MDKSA-2006-080: Ulf Harnhammar discovered that the freshclam tool does not properly check the size of header data received from a web server. This could potentially allow a specially prepared HTTP server to exploit freshclam clients connecting to a database mirror and cause a DoS. The packages have been updated to ClamAV 0.88.2, which corrects this problem.
cd9da835477073b5e90d6e13b1ba55414304793ab54dca4323c406276e320f22
Candidate Resources Inc. web software suffers from an administrative bypass flaw.
685ea4431520ae34fd5c3a379c1216f2d30a9479cad58c7480b4453d76be45e6
SiteX version 0.7 is susceptible to SQL injection and cross site scripting attacks. Earlier versions may also be affected.
8e938a60980f971677e0b03851bb086b0351931f243f602da70867b7a9afcab0
NEW-SOLUTION is susceptible to SQL injection attacks that allow for administrative login bypass.
569dcb8ce1290d8aec101aa3b6abb9de30022c0bc7c88cfd0b97149661e986bf
ASPThai Forums versions 9.0 and below suffer from cross site scripting flaws.
eff15390edafcdcbb7b2f68952bacd9a16b110eed8447ce4b4072f35617a1fbe
ASP-Nuke community version 1.4 SP3 suffers from multiple cross site scripting flaws. Earlier versions also may be affected.
0e5f2db41beda4c6ddfb3e9d198570e36732152bc573d3031da6c77aa43fc95b
ASP-Nuke community version 1.4 SP2 suffers from multiple cross site scripting flaws. Earlier versions also may be affected.
36cb63a9d0d658055ccebc69af687636d7ed29a68857d40f431d925d633f3b17
DMCounter version 0.9.2-b suffers from a remote file inclusion flaw that allows for arbitrary code execution.
54ebbb6e93d6616c08b63b3b9cd528ede87547af26e90848582b2291c5c817de
Gentoo Linux Security Advisory GLSA 200605-01 - Xfocus Team discovered multiple integer overflows that may lead to a heap-based buffer overflow. Versions less than 1.0.20060415 are affected.
55d6cc6fdba89262f8cd462225602b14d23ccb9c5309f3e2e384d152b261dc92
JMK's Picture Gallery allows for direct administrative access.
dee6d5dfe8cb32846de1bea7e5065d1aef9828726a9823c222393da46fe1663a
planetGallery allows for direct administrative access without credentials.
e707ca4a64124d891cfa1c76cbcd5d1fa1f5c8a76ca6254c38bedace434a008b
free-php.net Poll version 1.0 allows for direct /admin/ access.
c7720f356005deec924f55a01f66ce3143eeff1367f0afab99ebca5c91fd433d
Secunia Research has discovered a vulnerability in WinHKI versions 1.66 and 1.67, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in ztvunacev2.dll (UNACEV2.DLL) when extracting an ACE archive containing a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a user extracts a specially crafted ACE archive.
8d19c5c9543405f65e77f191242b6bcd10493614ad39c78d692b3fb58dd0ea1a
Silent web CGI shell that passes all data between the client and server via cookies.
a410047e3049f504fb0a4cf57d0b03e0efbaf0c47007216944d2cb36be40092d
Simple CGI scanner for doing large scans.
6daa6a8d4611c642c1065b8be83dbf13b7d9cbb1c5fa825a76911e1bd4c10ed2
Blog Mod versions 0.2.x and below suffer from a SQL injection vulnerability.
77c148a6eb30f71545ab285133c87255a96ad295b1d410038c911f724dc0a510
Thyme version 1.3 is susceptible to cross site scripting attacks.
c812a14efeb560b99eb03160ad2007bc59b43bb31efcd7bc67246d33afd43a9c
Xine version 0.99.4 appears susceptible to format string attacks.
62f25a84eba9e3749d25e73f729fb0af230802b3b37ce4ae221f19a7c6f78478
CoolMenus Event remote file inclusion exploit.
886b473afcbe361564ad6e9f72a4ac3788cd931a85501d5595107885ad24a01a