header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Insufficient Sanity Checks

A vulnerability has been discovered in Horde Imp which may allow an attacker to access arbitrary system files. The issue occurs due to insufficient sanity checks on user-supplied URI parameters. By specifying a malicious INBOX file in a request, the contents of the file may be disclosed to a remote attacker. All files would be accessed with the privileges of the user invoking Imp.

Buffer Overflow in BSD Telnet Daemon

A boundary condition error exists in telnet daemons derived from the BSD telnet daemon. Under certain circumstances, the buffer overflow can occur when a combination of telnet protocol options are received by the daemon. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking.

Squid Web Proxy Port Scanning Vulnerability

Squid servers, when configured as an 'HTTP accelerator only', may allow remote attackers to use them as port scanners. There is also a potential that they will grant proxied access to the malicious user. To exploit this vulnerability, the attacker needs to set squid to HTTPD_accel mode, with a particular host and strict ACL's, export httpd_proxy='HTTP://squid-server:port' and use lynx HTTP://victim:port/. If the port is open, the attacker will get a HTTP 200 code and sometimes a response with some services SSH, SMTP, etc.

Slackware Linux Local File Creation Vulnerability

Slackware Linux contains a configuration error that enables local users to create files in the directory used by the system manual pager ('man') for cache files. Due to the behaviour of the 'man' program, it may be possible for an attacker to create a malicious cache file causing the execution of arbitrary code when another user views a manual page corresponding to that cache file.

Quake Network Play Denial of Service Vulnerability

A flaw has been identified in the product's network play features which allows a maliciously designed client to prevent legitimate players from connecting to the Quake server. Additionally, it is possible to disconnect players that have already connected to the Quake server.

Interactive Story Arbitrary File Access Vulnerability

Interactive Story is a web-based application written in Perl and is distributed as freeware. It does not filter '../' sequences from user input submitted to a hidden file called 'next'. Remote attackers may take advantage of this by crafting URLs that allow them to break out of webroot and view arbitrary web-readable files. If an attacker sets the 'next' field to something like '../../../../../../../../../../etc/passwd%00', Interactive Story will open and display the password file.

Microsoft Outlook View Control Arbitrary Command Execution Vulnerability

The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View Control'. The flaw is that this control is marked 'safe for scripting' when it should not be. It is therefore accessible by scripts. Scripts can execute commands without user knowledge or consent.

Recent Exploits: