Tftpd32 is vulnerable to a remote file download/upload attack, allowing an attacker to download and upload arbitrary system files. This can be exploited by sending a GET or PUT request, followed by the file path, to the TFTP host. For example, an attacker can send a GET request to download the boot.ini file, or a PUT request to upload a malicious file to the boot.ini path.
A vulnerability has been discovered in Traceroute-nanog. It has been reported that Traceroute-nanog contains a buffer overflow condition. The overflow occurs in the 'get_origin()' function in the 'traceroute.c' file. Due to insufficient bounds checking performed by the whois parser, it may be possible to cause 'get_origin()' to corrupt memory on the system stack. This vulnerability can be exploited by an attacker to gain root privileges on a target host.
This exploit allows a remote attacker to execute arbitrary code on a vulnerable system by overflowing a buffer with malicious format strings. The exploit uses shellcode to spawn a shell and run the command 'ingreslock stream tcp nowait root /bin/bash bash -i'>/tmp/.inetd.conf; /usr/sbin/inetd /tmp/.inetd.conf'
Pi3Web Server is vulnerable to a denial of service: when a malformed HTTP request is sent, the web server hangs due to a stack overflow. Request: GET /////////..[354]../////////
CuteCast is a web-based streaming media server application. It has been reported that the default configuration of CuteCast is insecure, as it stores user information in a publicly accessible directory. This includes plaintext credentials, which can be accessed via the URL http://www.example.com/cgi-bin/cutecast/members/<username>.user.
AOL Instant Messenger (AIM) is prone to an issue which may allow attackers to execute arbitrary files on the client system. It is possible to send a malicious link which references local files to a user of the client. When the link is visited, the referenced file on the client's local filesystem will be executed. To exploit this issue, the attacker must know the exact location of the file to be executed. Additionally, there can be no spaces in the path or filename. This limits exploitability, since files must be on the same partition and command line arguments cannot be supplied.
VBZoom 1.01 fails to properly validate the types of files that are received, allowing an attacker to specify an arbitrary file to be uploaded. This can be exploited to upload malicious PHP scripts to the vulnerable system, which will be executed in the security context of the site hosting VBZoom.
A vulnerability has been discovered in Citrix which allows an attacker to obtain information regarding Published Applications by sending specially crafted requests to the Citrix server and examining the responses. By brute-forcing a Citrix Published Applications list, it may be possible for an attacker to launch further attacks.
The IBM AIX errpt command is prone to a locally exploitable buffer overflow condition. It is possible to exploit this condition to execute arbitrary attacker-supplied instructions with root privileges.
This exploit targets a local buffer overflow vulnerability in the gnomehack game, which allows an attacker to gain elevated privileges. The exploit was tested on Debian 2.2, kernel 2.2.17 - x86. It uses a NOP sled and shellcode, and is triggered by executing the gnomehack game with a specially crafted buffer as an argument.