Explore Vulnerabilities

Explore all Exploits:

lprm-bsd.c – Exploit for lprm vulnerability in OpenBSD and FreeBSD-stable

It has been reported that a vulnerability in the handling of some types of requests exists in lprm. When an attacker sends a maliciously crafted string to a configured printer through the lprm command, it may be possible to execute code.

Exploit for Coffee Cup Password Wizard

A vulnerability exists in Password Wizard configured to generate Java applets to password protect pages. Specifically, the authentication credentials are stored in the HTML code. The credentials may be encrypted using an algorithm that can be cracked by an attacker. An attacker can simply view the HTML source code to obtain authentication credentials.

Dr. Web Virus Scanner Buffer Overflow Vulnerability

A buffer overflow vulnerability has been reported for Dr. Web virus scanner. The vulnerability is due to insufficient bounds checking when processing folder names. An attacker is able to exploit this vulnerability by creating a malicious folder name of excessive length. When a virus scan is initiated, processing the folder name will trigger the buffer overflow condition. Successful exploitation of this issue will result in the execution of attacker-supplied code with the privileges of the Dr. Web virus scanner process.

3Com Superstack 3 Firewall HTTP Content Filter Fragmentation Vulnerability

A vulnerability has been reported in the 3Com Superstack 3 Firewall. HTTP content filters put in place by the device fail to assemble fragmented data, potentially allowing an attacker to access unauthorized web sites. An attacker could exploit this vulnerability by connecting to a web server using a protocol in which data is fragmented when transferred.

Stack Overflow in File Program

It has been reported that a stack overflow exists in the file program. It is likely that this issue could be exploited to execute code as the user invoking file. Exploit code is provided which runs `cp /bin/sh /tmp/.sh;chmod 4755 /tmp/.sh` and also echoes the correct filename followed by ': data'. This exploit works without silly targets or offsets.

Exploit for file program <= 3.39

It has been reported that a memory allocation issue exists in the file program. Although details of this issue are currently unavailable, it is likely that this issue could be exploited to cause a denial of service condition, and potentially execute code as the user of the file utility.

XFree86 XLOCALEDIR env local root exploit

Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploit this vulnerability by setting the XLOCALEDIR environment variable to an overly long value. When the vulnerable utilities are executed, the buffer overflow vulnerability will be triggered.

XFree86 xlock local root exploit

Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploit this vulnerability by setting the XLOCALEDIR environment variable to an overly long value. When the vulnerable utilities are executed, the buffer overflow vulnerability will be triggered.

XFree86 Utilities Buffer Overflow Vulnerability

Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploit this vulnerability by setting the XLOCALEDIR environment variable to an overly long value. When the vulnerable utilities are executed, the buffer overflow vulnerability will be triggered.

HP JetDirect J2552A/J2552B/J2591A/J3110A/J3111A/J3113A/J3263A/300.0 X Printer SNMP JetAdmin Device Password Disclosure Vulnerability

A problem with JetDirect printers could make it possible for a remote user to gain administrative access to the printer. It has been reported that HP JetDirect printers leak the web JetAdmin device password under some circumstances. When an SNMP GET request is sent to a vulnerable printer, the printer returns the hex-encoded device password to the requester. This could allow a remote user to access and change the configuration of the printer.

Recent Exploits: