A local user can exploit the version of adb shipped with AIX 4.2 through 4.3.1 to cause a denial of service, resulting in the machine being halted.
This program crashes Netscape Enterprise Server when it is running in SSL mode by exploiting a bug in the SSL handshake code. The server crashes if the client starts with SSL 2.0 format, uses a long record header, uses padding >= 8, sends at least 11 bytes more data than it specifies in the header, and sends at least about 4 kb data.
This exploit targets a buffer overflow vulnerability in the login and password fields of Symantec PcAnywhere. By sending a specially crafted payload, an attacker can overwrite adjacent memory and potentially execute arbitrary code.
This module exploits a stack overflow in the Windows Routing and Remote Access Service. Since the service is hosted inside svchost.exe, a failed exploit attempt can cause other system services to fail as well. A valid username and password is required to exploit this flaw on Windows 2000. When attacking XP SP1, the SMBPIPE op.
The exploit creates a malicious PDF file that triggers a memory corruption vulnerability in Able2Doc and Able2Doc Professional version 6.0. By opening the specially crafted PDF file, an attacker can corrupt the memory of the application, leading to potential code execution or system instability.
The exploit involves creating a malicious PDF file with a payload that causes a memory corruption in Able2Extract and Able2Extract Server v 6.0. By opening the crafted PDF file, an attacker can trigger the memory corruption and potentially execute arbitrary code.
This exploit allows an attacker to trigger a heap overflow vulnerability in the touchview.exe component of Kingview version 6.53. By sending a specially crafted packet to the network configuration interface, an attacker can cause a buffer overflow and potentially execute arbitrary code on the targeted system. This vulnerability was already patched by the vendor silently.
The LPRng software is an enhanced, extended, and portable version of the Berkeley LPR software (the standard UNIX printer spooler) that ships with Debian GNU/Linux. When root controls the print queue, the authentication that is used is based on whether the client source port connecting to lpd is privileged or not. Apparently, lpd does not check the source port properly, and it is possible for any local user to control the print queue with a modified client. The consequences of this vulnerability being exploited is a compromise of print queue control.
This is a Perl script that exploits a SQL injection vulnerability in DataLife Engine. It allows an attacker to retrieve the password hash for a specific user by brute-forcing the characters of the hash.
This is a buffer overflow exploit in the Lsof utility. When the utility is run with root privileges, it is vulnerable to a buffer overflow that can allow regular users to gain root privileges.
Services By CQR
