Local root exploit for Cdrecord versions 2.0 and below under Linux. Version 1.10 is not vulnerable.
914dac976a698edcc4171c58949751d969d9fb21519d7ad028595eb0ff3c9047Microsoft's Windows Script Engine within the Windows operating system has a flaw in its implementation of jscript.dll. When a malicious web page is loaded with code that points to self.window() random errors and lock ups occur in Internet Explorer. Tested against IE versions: 5.01 (Win2000), 5.5(Win98SE), 6.0(WinXP). Vulnerable jscript.dll versions: 5.1.0.8513 (Win2000), 5.5.0.8513 (Win98SE), 5.6.0.6626 (WinXP Pro), 5.6.0.8513 (Win2000).
47ac1d606f466452571ac90777b13a37b24d69838cf1609016f6c7dfe9905845Atstake Security Advisory A051203-1 - The Apple AirPort XORs a password with a fixed maximum of 32 bytes against a predefined key. If a password is set to one character, a simple sniff of the 32 byte block will reveal 31 bytes of the XOR key. The final byte can be obtained by XORing the obfuscated first byte against the first character of the plaintext password.
72c9a3c6b408f1e2bd344bc4e089fb5e6fd14d01b2497ba07065546cd0280432Secunia Research Advisory - Opera browser versions 7.10 and 7.03 suffer from denial of service and possible remote code execution vulnerabilities due to incorrect handling of long filename extensions.
6813e2fb04422a621b2923b0573f448627a664e0e64d5de3ab7ba2ce8d64ae00Snitz Forums v3.3.3 has an SQL injection vulnerability in its register.asp page with its Email variable. Because register.asp does not check user input, remote users can execute stored procedures, such as xp_cmdshell, to arbitrarily run non-interactive commands on the system.
88e2db0c77773604dc8879db1c1af96995d5144b910b58b58ca6716c337beb02Linux x86 shellcode (48 bytes) which does setreuid(0,0); execve("/bin/bash", NULL); exit(0);
9b5c6592a60521c7b883d20faff2a3b2f672c2706732bafb65e60fe26cd543f8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed