Explore Vulnerabilities

Explore all Exploits:

NetSurf Web Browser Multiple Vulnerabilities

Several bugs, including integer overflows and memory leaks, have been found in the NetSurf web browser. The researcher was able to overwrite the ESI register with their own data, which could lead to heap-based exploitation of the bugs. Large values passed to certain HTML tag attributes can trigger integer overflows when allocating memory.

Local Privilege Escalation

This exploit allows an attacker to escalate their privileges on a system by modifying root's encrypted password. The exploit is specific to ncpfs 2.2.5 on Gentoo. It requires the attacker to have access to the system and execute the provided script. The script creates a temporary directory, modifies the ~/.nwclient file, mounts the directory using ncpmount, and then removes the temporary directory and restores the ~/.nwclient file. If successful, the attacker will have root privileges. For more details, refer to milw0rm.com.

Linux kernel 2.4 uselib() privilege elevation exploit

This exploit allows for privilege elevation in Linux kernel 2.4 series using the uselib() function. The exploit is based on the original exploit source from http://isec.pl and has been modified to increase the chance of success. It should work on 2.4 SMP but may not be easy. The exploit requires a race condition to be successful and has a time delta of 5000 milliseconds to detect the race. The exploit uses a temporary library location, a shell name, and a magic value of 0xdeadbabe. The exploit uses various system calls and includes definitions from the Linux kernel.

teamspeak server <= 2.0.23.17 remote read file vulnerability

This exploit allows an attacker to read files on a vulnerable Teamspeak server. The vulnerability was found and the exploit was written by c411k. The exploit was tested on Windows using the ts2_server_rc2_202317 and ts2_server_rc2_20201.exe versions of the Teamspeak server. The exploit can be accessed through http://localhost/ts_xek.php.

/usr/bin/trn local root exploit

This exploit targets the /usr/bin/trn binary and allows an attacker to gain root privileges. By providing a specially crafted 'buf' argument, the attacker can overwrite the return address and execute arbitrary code. The exploit includes shellcode that spawns a root shell. This vulnerability affects versions of trn on Mandrake 9.2, Slackware 10.0.0, and Slackware 9.1.0.

Gpsd remote format string exploit

This is a remote format string exploit for Gpsd. It allows an attacker to execute arbitrary code with the privileges of the gpsd or root user. The exploit works by exploiting a format string vulnerability in the program. By providing a specially crafted format string as input, an attacker can overwrite memory addresses and gain control of the program's execution flow.

AwStats Remote Command Execution

This exploit makes use of the remote command execution bug discovered in AwStats version 6.2 and below. The bug resides in the awstats.pl Perl script, which does not correctly sanitise user input for the `configdir` parameter. If a user sends a command prefixed and suffixed with `|`, the command will be executed.

Recent Exploits: