GoText 1.01 discloses user informations to local users.
This is an exploit for the vulnerability discovered in Pidgin by core-security. The library "libmsn" used by pidgin doesn't handle specially crafted MsnSlp packets which could lead to memory corruption.
This exploit takes advantage of a buffer overflow vulnerability in FTPShell Client 4.1 RC2. By sending a malicious pasv response, an attacker can trigger the buffer overflow and potentially execute arbitrary code on the target system. The exploit has been tested on Windows XP SP3 and Windows 2000 SP4.
This exploit takes advantage of a SEH (Structured Exception Handling) overwrite vulnerability in Audio Lib Player. By creating a specially crafted playlist file (exploit.m3u) and loading it into the player, an attacker can trigger the exploit and gain control of the program, potentially allowing for remote code execution.
This exploit allows an attacker to execute remote commands on a target system running Agoko CMS version 0.4 or earlier. The attacker needs to provide the host and path as input parameters to the exploit script. The script checks if a shell already exists on the target system and if not, proceeds to inject a shell. Once the shell is injected, the attacker can execute arbitrary commands on the target system.
This exploit allows remote attackers to execute arbitrary code via a long GET request to the webtool component. The vulnerability is caused due to a boundary error within the webtool when handling requests with overly long URIs. This can be exploited to cause a stack-based buffer overflow via a specially crafted GET request.
There is a pre authentication buffer overflow that exists in the login mechanism of the WebSTAR FTP service. See advisory for further details.
The tcpdump program, specifically versions 3.8.x to 3.9.1, is vulnerable to a remote denial of service attack. This vulnerability is caused by a single (GRE) packet that triggers an infinite loop in the isis_print() function, which is used in many places by tcpdump. The bug lies in the TLV_ISNEIGH_VARLEN portion of the code, where providing a zero length causes the infinite loop.
Multiple remote file inclusion vulnerabilities in FreeSchool 1.1.0 allow remote attackers to execute arbitrary PHP code via a URL in the CLASSPATH parameter to (1) biblioteca/bib_form.php, (2) biblioteca/bib_pldetails.php, (3) biblioteca/bib_plform.php, (4) biblioteca/bib_plsearchc.php, (5) biblioteca/bib_plsearchs.php, (6) biblioteca/bib_save.php, (7) biblioteca/bib_searchc.php, (8) biblioteca/bib_searchs.php, (9) biblioteca/edi_form.php, (10) biblioteca/edi_save.php, (11) biblioteca/gen_form.php, (12) biblioteca/gen_save.php, (13) biblioteca/lin_form.php, (14) biblioteca/lin_save.php, (15) biblioteca/luo_form.php, (16) biblioteca/luo_save.php, (17) biblioteca/sog_form.php, (18) biblioteca/sog_save.php, (19) calendario/cal_insert.php, (20) calendario/cal_save.php, or (21) calendario/cal_saveactivity.php.
tcpdump(v3.8.3 and earlier versions) contains a remote denial of service vulnerability in the form of a single (BGP) packet causing an infinite loop. BGP is TCP, however the victim does not have to have the BGP port(179) open to abuse the bug. by sending a specially crafted (spoofed) TCP(ACK)