A pre-authentication denial-of-service vulnerability in Oracle Internet Directory 10.1.4 was found by Joxean Koret. On 32-bit platforms the server crashes immediately. On 64-bit platforms it may take hours. Sometimes two shots are needed to crash OID completely. The server 'commonly' tolerates one shot, but even when you only send one packet it will crash. Tested on Win2000 x86, WinXP x86, Win2003 X86_64.
An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable script. The vulnerable parameter is 'id', which is not properly sanitized before being used in a SQL query, so arbitrary SQL code can be injected into the query. An attacker can exploit this to gain access to the administrator panel.
This exploit is used to gain access to the admin details of AlstraSoft Article Manager Pro. It uses a blind SQL injection technique to extract the admin details from the database. The exploit is written in Perl and uses the LWP::Simple module to send HTTP requests to the target server.
This vulnerability allows an authenticated user to set arbitrary SELinux roles when OpenSSH is configured with --with-selinux. This is done by specifying the role in the username after a forward slash '/'. This is a bug jailed in some distros because of legacy code.
Video Share Enterprise is prone to a remote SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
A buffer overflow vulnerability exists in the StartURL() method of the ActiveX control '72B15B25-2EC8-4CDD-B284-C89A5F8E8D5F' when a long string is passed as an argument. This can be exploited to execute arbitrary code by tricking a user into visiting a malicious web page.
An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable application. This can be done by appending the malicious SQL query to the vulnerable parameter in the URL. The malicious query will return the admin login and password from the database.
A vulnerability in the Joomla component DT Register allows remote attackers to inject arbitrary SQL commands via the eventId parameter in an index.php?option=com_dtregister request.
A vulnerability exists in PHPizabi v0.848b C1 HFP1 that allows an attacker to execute arbitrary code on the vulnerable system. The system/v_cron_proc.php script lacks proper input validation, which allows an attacker to inject malicious code into the CONF[CRON_LOGFILE] and CONF[LOCALE_LONG_DATE_TIME] parameters by sending a specially crafted HTTP POST request.
A buffer overflow vulnerability exists in Black Ice Software's Document Imaging SDK 10.95. By supplying a specially crafted argument to the GetNumberOfImagesInGifFile method of the biimgfrm.ocx ActiveX control, an attacker can cause a stack-based buffer overflow, resulting in a denial of service condition. The CLSID of the vulnerable ActiveX control is {79956462-F148-497F-B247-DF35A095F80B}. The vulnerable ActiveX control is marked as safe for scripting and initialization, and the kill bit is not set.