This exploit allows remote attackers to execute arbitrary commands on a server running DokuWiki <= 2006-03-09b release by exploiting a vulnerability in the /bin/dwpage.php script. The vulnerability can be triggered if the register_argc_argv setting is turned on. By sending a specially crafted request, an attacker can inject shell commands and execute them on the target server.
Attackers could exploit these issues to cause a denial of service or to execute arbitrary code.
A problem in the handling of some types of remote files has been reported in mpg123. Because of this, it may be possible for a remote attacker to execute arbitrary code with the privileges of the mpg123 user.
A remotely exploitable buffer overrun vulnerability has been reported in ProFTPD. This issue could be triggered if an attacker uploads a malformed file and then that file is downloaded in ASCII mode. Successful exploitation will permit a malicious FTP user with upload access to execute arbitrary code in the context of the FTP server. It is also reported that ProFTPD does not adequately drop privileges in some circumstances, which may compound the risks associated with exploitation.
The configuration files for the RealOne Player are installed in a hidden folder in a user's home directory. These configuration files have insecure permissions, allowing an attacker in the same group as the target user to modify the files and escalate privileges to that of the target user. The exploit involves modifying the path to shared libraries and writing malicious shared libraries.
A vulnerability has been reported for various Roger Wilco server releases. The problem occurs server-side, and can be triggered when processing malformed client packets. Specifically, when connecting to a server the Roger Wilco client transmits a packet containing the size of data to be copied into an internal buffer. As a result, a malicious user could modify the size to result in excessive data being copied into a previously allocated buffer. This could ultimately allow for sensitive server memory to be corrupted, potentially resulting in the execution of arbitrary code.
Due to insufficient input validation, an unauthenticated attacker can disclose arbitrary local files with the privileges of the webserver. This includes the user/administrator database. As the attacker-controlled path is passed to the PHP include() function, code execution is also possible. Furthermore, the path is then passed to the unlink() function and therefore can be used to delete arbitrary files in the filesystem.
The 'username' parameter in the 'kingchat.php' file of the KingChat MyBB plugin is vulnerable to SQL Injection. An attacker can exploit this vulnerability by injecting malicious SQL code into the 'username' parameter, which is not properly sanitized.
This exploit takes advantage of a buffer overrun vulnerability in Ipswitch WS_FTP Server when handling the APPE and STAT FTP commands. An FTP user can send excessive input to these commands, potentially executing arbitrary code on the server or causing a denial of service.
A denial of service vulnerability has been alleged in ZoneAlarm. It is reportedly possible to reproduce this condition by sending a flood of UDP packets of random sizes to random ports on a system hosting the vulnerable software.
Services By CQR