It is possible to crash rpc.ttdbserver by using the old tddbserver buffer overflow exploit. This problem is caused by a NULL pointer being dereferenced when rpc function 15 is called with garbage. You cannot make rpc.ttdbserver execute arbitrary code with this vulnerability. The consequence of this vulnerability being exploited is a denial of service condition (rpc.ttdbserver).
The Delegate proxy server from ElectroTechnical Laboratory has numerous unchecked buffers that could be exploited to remotely compromise the server. The exploit code provided in the text opens a shell with the privileges of the nobody user.
Variable $_CONF[path] not sanitized. When register_globals=on an attacker can exploit this vulnerability with a simple PHP injection script. The vulnerability can be exploited by injecting an evil script into the _CONF[path] parameter in various plugins of GeekLog. The affected plugins include links, polls, spamx, and more.
This exploit takes advantage of a buffer overflow vulnerability in ALLMediaServer 0.8. It allows an attacker to execute arbitrary code by sending a specially crafted payload to the target server. The exploit uses a combination of a short jump (NSEH) and a POP POP RETN (SEH) to bypass stack protection mechanisms and gain control of the program flow. The payload can be replaced with any desired shellcode.
Certain versions of WebBBS by Mike Bryeans of International TeleCommunications contain a flaw in the initial login program. User supplied data via the login name and password are not bounds checked and can result in a buffer overflow. This leads a compromise of the system running WebBBS.
There is a buffer overflow in the HELO command of the smtp gateway which ships as part of the VirusWall product. This buffer overflow could be used to launch arbitrary code on the vulnerable server.
Multiple SQL Injection vulnerabilities are detected in the CLscript v3.0 Content Management System. The vulnerability allows an attacker (remote) to inject/execute own sql commands on the affected application dbms. The vulnerabilities are located in the userDetail.php, advertise_detail.php or land.php files.
The GuestBook Scripts PHP v1.5 is vulnerable to multiple web vulnerabilities. The script allows visitors to leave comments and feedback on a website. However, it has several security issues including HTML and JavaScript injections, lack of input validation, and insufficient protection against spam. These vulnerabilities can potentially lead to unauthorized access, data manipulation, and denial of service attacks.
This exploits a buffer overflow in RealServers web authentication on the administrator port. By sending a long response to the authentication request, the buffer can be overwritten and arbitrary code can be executed on the server.
This exploit takes advantage of a buffer overflow vulnerability in the remote web administration feature of Real Server software. By sending a long response to the authentication request, arbitrary code can be executed on the server.
Services By CQR
