The Nagios Plugins software is vulnerable to a remote buffer-overflow vulnerability. Attackers can exploit this vulnerability to execute arbitrary machine code in the context of the affected users. The vulnerability exists due to the software's failure to properly bounds-check user-supplied data before copying it to a buffer that is not large enough.
The vulnerability allows remote attackers to execute arbitrary commands in the context of users that follow malicious URIs. Attack vectors include following URIs in Mozilla Firefox, Skype, Adobe Acrobat Reader, Miranda, Netscape, and mIRC. The issue in BID 25543 (Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability) can also be exploited as an attack vector for this issue.
The Dawn of Time MUD server is prone to multiple format-string vulnerabilities. Exploiting these issues will allow attackers to execute arbitrary code with the permissions of a user running the application. Failed attacks will likely cause denial-of-service conditions.
The vulnerabilities in DropTeam allow an attacker to execute arbitrary code, crash the application, and obtain sensitive information. These vulnerabilities can be exploited remotely.
Stuffed Tracker is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
This exploit takes advantage of a command injection vulnerability in Mac OS X 10.4.8 (8L2127) to execute arbitrary commands. By modifying the CMD_STRING variable, an attacker can execute any command they desire. The exploit uses a static address for the command string, but this may need to be adjusted depending on the execution method and string length. The payload includes the addresses for system(), setuid(), and the command string. Sleds are also included to allocate large heap chunks for better reliability. This exploit was released on January 1, 2007, and was developed by LMH and Kevin Finisterre.
The Cart32 application fails to sanitize user-supplied input, leading to an arbitrary file download vulnerability. An attacker can exploit this vulnerability to download arbitrary files within the context of the webserver process, potentially aiding in further attacks.
GForge is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal cookie-based authentication credentials and to launch other attacks.
The FeedBurner FeedSmith plugin is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to use a victim's currently active session to perform actions with the application. The vulnerability can be exploited by sending a malicious request to the affected application.
The vulnerability allows an attacker to spoof responses to DNS requests, corrupting the DNS cache with attacker-specified content. This can aid in further attacks such as phishing.