Windows FTP Server is prone to a remote format string vulnerability when processing a malicious request from a client. The vulnerability presents itself when the server receives a malicious request containing embedded format string specifiers from a remote client when supplying a username during FTP authentication. This could be exploited to crash the server but could also theoretically permit corruption/disclosure of memory contents and execution of arbitrary code.
The exploit causes IDA Pro 6.3 to crash due to an internal error. The root cause of the problem is the lack of validation to verify if e_shstrndx > e_shnum before referencing it.
This module exploits a flaw in the SurgeFTP server's web-based administrative console to execute arbitary commands.
A vulnerability has been identified in the YaSoft Switch Off software package when handling message requests. The buffer overrun condition exists in the 'swnet.dll' module of the software due to insufficient bounds checking performed by the affected component. The overflow may be caused by sending an excessively long 'message' parameter to the application. This may make it possible for a remote user to execute arbitrary code through a vulnerable server.
The vulnerability allows a local user to cause a denial of service (DoS) condition on the target system. This can be achieved by specifying a large password for a SecKeychainUnlock() call. The SecurityServer crashes during a memory copy operation, potentially leading to memory corruption. Although unconfirmed, this could potentially allow for the execution of arbitrary code.
The Apache mod_php module is prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors. This vulnerability can be exploited by a local attacker to pose as a legitimate server and potentially steal or manipulate sensitive information.
When a user is presented with a file dialog in Opera, a temporary file is created. It is possible for an attacker to specify a relative path to another file on the system using directory traversal sequences. If the user has write permissions to the specified file, it can be corrupted. This vulnerability could be exploited to delete sensitive files on the system. It is unknown if it could be used to trojan files.
The ProjectForum application is prone to a denial of service vulnerability. This vulnerability allows remote attackers to crash the server by sending an excessively long string via the 'find' request.
This is a Perl script that exploits a vulnerability in the Sami FTP server. It is based on a remote exploit by Critical Security. The script allows an attacker to execute arbitrary code on a vulnerable system. The script has been tested on Windows 2000 SP4 Italian and English versions and Windows XP Pro SP2 Italian and English versions. The exploit uses a specific return address depending on the target system.
A remote attacker can gain unauthorized access to a system using the vulnerable software by exploiting a buffer overflow vulnerability in the 'abook_dbname' function. By sending a long argument with the FETCHADDRESS command, the attacker can cause a buffer overflow and execute arbitrary commands.
Services By CQR