Under some circumstances, it may be possible to disclose the contents of directories. By passing a malicious request to the viewtopic.php script, UPB may return a listing of the directory. This could be further refined to disclose the contents of selected files.
A vulnerability has been discovered in Boozt. By passing a malicious parameter of excessive length to the index.cgi script, it is possible to overrun a buffer. This could be exploited by a remote attacker to corrupt sensitive memory, which may result in the execution of arbitrary code.
A buffer overflow vulnerability has been reported for Moby NetSuite that may result in a denial of service condition. It is possible to cause NetSuite to crash when a malformed POST request is received. An attacker can exploit this vulnerability by issuing a malformed POST request. When NetSuite attempts to service the malformed POST request, it will crash resulting in a denial of service. Restarting the service is necessary to restore functionality.
The vulnerability allows for the construction of bytecode that can instantiate objects without proper initialization, leading to potential read/write access to system files despite the security constraints of the Applet sandbox.
Light httpd is prone to a remotely exploitable buffer overflow condition. This overflow can be triggered by sending the server an excessively long GET request. As Light httpd drops user privileges when running, exploitation of this issue may result in the execution of arbitrary attacker-supplied commands with the privileges of the 'nobody' user.
The Visual Tools DVR systems have multiple vulnerabilities that allow an unauthorized user to access the DVR web interface and gain a root shell on the system. The vulnerabilities include administration password disclosure, default administration password, and log files disclosure. The vulnerabilities can be exploited during the first ten minutes after system boot.
This exploit targets a vulnerability in Huawei Technologies' Internet Mobile software. It is a Unicode SEH based vulnerability that allows for local exploitation. The exploit has been tested on Windows XP SP1 and may not work on other versions of Windows due to SafeSEH enabled.
By passing an excessively long commandline argument to Abuse, it is possible to overrun a buffer. Exploiting this issue could allow a local attacker to overwrite sensitive memory variables, resulting in the execution of arbitrary code, within the context of the Abuse process.
The SolarWinds TFTP Server does not properly handle user-supplied input. Due to insufficient handling of user input, it is possible for a remote user to request arbitrary files from the vulnerable server. It would be possible for a remote user to download any files readable through the permissions of the TFTP Server user.
The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC service will be disabled.
Services By CQR