«
Expand/Collapse
367 items tagged "execution"
Related tags:
x code [+],
ruby [+],
vulnerability [+],
command execution [+],
victim machine [+],
spreecommerce [+],
proof of concept [+],
php code [+],
osx [+],
management [+],
gitorious [+],
gadu [+],
apache [+],
active x [+],
command [+],
zenphoto [+],
wordpress [+],
script [+],
sap [+],
exploit [+],
day [+],
vsa [+],
struts [+],
store [+],
register [+],
mac app [+],
gadu gadu [+],
directory traversal [+],
data execution prevention [+],
attackers [+],
arbitrary [+],
wireshark [+],
winamp [+],
websense [+],
webcalendar [+],
webapps [+],
version v1 [+],
version [+],
vbseo [+],
valid username [+],
uri [+],
typo [+],
trust issue [+],
triton [+],
traq [+],
tinymce [+],
system [+],
soap [+],
slimpdf [+],
shell [+],
sharpgrid [+],
session management [+],
secure [+],
sdk [+],
samba [+],
safari [+],
router function [+],
root privilege [+],
root certificate [+],
rogue server [+],
realplayer [+],
realnetworks [+],
realgames [+],
reader [+],
proof [+],
privilege escalation vulnerability [+],
pls file [+],
phpmyfaq [+],
phpfox [+],
php scripts [+],
php barcode [+],
pcvue [+],
password disclosure [+],
page parameter [+],
page [+],
owncloud [+],
overflows [+],
overflow vulnerability [+],
overflow [+],
onefilecms [+],
mysqldumper [+],
monitor [+],
modacom [+],
mobility [+],
minicms [+],
meta characters [+],
malware [+],
magneto [+],
lua [+],
lifestyle management [+],
libavcodec [+],
java runtime environment [+],
instance [+],
information disclosure [+],
information [+],
inclusion [+],
heap [+],
freewebshop [+],
freepbx [+],
file corruption [+],
ffmpeg [+],
fckeditor [+],
exploits [+],
executable file [+],
eval [+],
drupal [+],
dhclient [+],
decisiontools [+],
context variables [+],
console [+],
ckeditor [+],
cisco products [+],
cisco [+],
bypass [+],
buffer overflow vulnerability [+],
browser [+],
black ice [+],
barcode [+],
awstats [+],
arbitrary commands [+],
apple security [+],
aphpkb [+],
apache struts [+],
antivirus [+],
anfibia [+],
alegrocart [+],
aidicms [+],
activex version [+],
active x control [+],
Software [+],
xpdf [+],
windows multimedia [+],
tinywebgallery [+],
splunk [+],
script file [+],
safer use [+],
pro versions [+],
plugin [+],
phpmyadmin [+],
multimedia library [+],
midi [+],
mac os x [+],
lua script [+],
kernel memory [+],
kernel [+],
java code execution [+],
esignal [+],
disclosure issues [+],
directory traversal vulnerability [+],
bit [+],
automation [+],
apple mac os x [+],
apple mac os [+],
arbitrary code execution [+],
remote [+],
zdi [+],
xsltresult [+],
x86 [+],
x prior [+],
x cve [+],
windows [+],
win [+],
webkit [+],
web configurator [+],
vmware [+],
usa [+],
unauthenticated [+],
typo3 [+],
svg [+],
shellcode [+],
server manager [+],
root [+],
rmi server [+],
protection mechanisms [+],
prevention [+],
postgresql [+],
php 5 [+],
opentext [+],
null [+],
mozilla firefox [+],
mozilla [+],
microsoft windows [+],
microsoft [+],
maynor [+],
manager remote [+],
manager [+],
license server [+],
java rmi [+],
java execution [+],
java [+],
internet explorer [+],
glsa [+],
functions [+],
firefox [+],
family connections [+],
disclosure [+],
david maynor [+],
data protector [+],
data [+],
bugtraq [+],
black hat [+],
authors [+],
attacker [+],
aslr [+],
apple webkit [+],
administration kit [+],
administration [+],
arbitrary command [+],
ajax [+],
cross site scripting [+],
php [+],
code execution [+],
code [+],
vulnerabilities [+],
apple safari [+],
zip,
zero day,
zach hoffmann,
xine,
wmp,
wmitools,
windows machines,
winamp versions,
whitepaper,
vulnerable version,
viscom,
version 6,
user assisted,
user,
uploadservlet,
txt,
toolbar,
temp directory,
sql,
spring framework,
spring,
smarterstats,
shortcut,
shell commands,
security issue,
security,
secunia,
script execution,
roberto suggi,
retired,
research,
quot,
protocol handler,
professional,
privilege elevation,
privilege,
performance,
pdf,
payload,
package,
opera,
openedit,
ofbiz,
novell zenworks,
novell iprint,
novell,
new,
netcraft toolbar,
netcraft,
multiple,
mitel,
midi parser,
meshcms,
mcafee,
malicious website,
lucent,
lotus domino,
lomtec,
local privilege escalation,
library path,
ld library,
layout engine,
krb5,
kdc,
jtiny,
jdownloader,
javascript engine,
jakcms,
jaf cms,
jaf,
j integra,
interface code,
interface,
integra 2,
insight,
ignition,
icq,
html tables,
hp performance,
graphical user interface,
gold version,
gold,
framework,
flexdb,
flag,
file upload,
file,
exec,
engine,
elevation,
element,
editable,
e pre ,
dsa,
download,
dotnetnuke,
dos command,
domino,
dom node,
document position,
detection,
denial of service,
debug,
database login,
database,
credentials,
contacts,
configuration management,
concept,
code security,
cms,
christian holler,
can bite,
bug,
buffer overflows,
bind request,
awc,
avira antivir,
arbitrary code,
apps,
application execution,
application,
apple quicktime,
android,
amp,
alice,
alguest,
akamai download,
activeweb,
ARM
-
-
16:56
»
Packet Storm Security Exploits
MySQLDumper version 1.24.4 suffers from code execution, cross site request forgery, cross site scripting, local file inclusion, and directory traversal vulnerabilities.
-
16:56
»
Packet Storm Security Recent Files
MySQLDumper version 1.24.4 suffers from code execution, cross site request forgery, cross site scripting, local file inclusion, and directory traversal vulnerabilities.
-
16:56
»
Packet Storm Security Misc. Files
MySQLDumper version 1.24.4 suffers from code execution, cross site request forgery, cross site scripting, local file inclusion, and directory traversal vulnerabilities.
-
-
18:16
»
Packet Storm Security Exploits
FreePBX versions 2.10.0, 2.9.0, and perhaps earlier versions suffer from cross site scripting and remote code execution vulnerabilities.
-
-
18:03
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in Lotus CMS 3.0's Router() function. This is done by embedding PHP code in the 'page' parameter, which will be passed to a eval call, therefore allowing remote code execution. The module can either automatically pick up a 'page' parameter from the default page, or manually specify one in the URI option.
-
18:03
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability found in Lotus CMS 3.0's Router() function. This is done by embedding PHP code in the 'page' parameter, which will be passed to a eval call, therefore allowing remote code execution. The module can either automatically pick up a 'page' parameter from the default page, or manually specify one in the URI option.
-
18:03
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability found in Lotus CMS 3.0's Router() function. This is done by embedding PHP code in the 'page' parameter, which will be passed to a eval call, therefore allowing remote code execution. The module can either automatically pick up a 'page' parameter from the default page, or manually specify one in the URI option.
-
16:45
»
Packet Storm Security Exploits
This Metasploit module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using Windows Media Player's ActiveX control. Exploitation is done by supplying a specially crafted MIDI file with specific events, causing the offset calculation being higher than how much is available on the heap (0x400 allocated by WINMM!winmmAlloc), and then allowing us to either "inc al" or "dec al" a byte. This can be used to corrupt an array (CImplAry) we setup, and force the browser to confuse types from tagVARIANT objects, which leverages remote code execution under the context of the user. At this time, for IE 8 target, JRE (Java Runtime Environment) is required to bypass DEP (Data Execution Prevention). Note: Based on our testing, the vulnerability does not seem to trigger when the victim machine is operated via rdesktop.
-
16:45
»
Packet Storm Security Recent Files
This Metasploit module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using Windows Media Player's ActiveX control. Exploitation is done by supplying a specially crafted MIDI file with specific events, causing the offset calculation being higher than how much is available on the heap (0x400 allocated by WINMM!winmmAlloc), and then allowing us to either "inc al" or "dec al" a byte. This can be used to corrupt an array (CImplAry) we setup, and force the browser to confuse types from tagVARIANT objects, which leverages remote code execution under the context of the user. At this time, for IE 8 target, JRE (Java Runtime Environment) is required to bypass DEP (Data Execution Prevention). Note: Based on our testing, the vulnerability does not seem to trigger when the victim machine is operated via rdesktop.
-
16:45
»
Packet Storm Security Misc. Files
This Metasploit module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using Windows Media Player's ActiveX control. Exploitation is done by supplying a specially crafted MIDI file with specific events, causing the offset calculation being higher than how much is available on the heap (0x400 allocated by WINMM!winmmAlloc), and then allowing us to either "inc al" or "dec al" a byte. This can be used to corrupt an array (CImplAry) we setup, and force the browser to confuse types from tagVARIANT objects, which leverages remote code execution under the context of the user. At this time, for IE 8 target, JRE (Java Runtime Environment) is required to bypass DEP (Data Execution Prevention). Note: Based on our testing, the vulnerability does not seem to trigger when the victim machine is operated via rdesktop.
-
-
16:08
»
Packet Storm Security Exploits
WordPress versions 3.3.1 and below suffer from MySQL username/password disclosure, PHP code execution and cross site scripting vulnerabilities.
-
16:08
»
Packet Storm Security Misc. Files
WordPress versions 3.3.1 and below suffer from MySQL username/password disclosure, PHP code execution and cross site scripting vulnerabilities.
-
-
20:50
»
Packet Storm Security Exploits
This Metasploit module exploits an arbitrary command execution vulnerability in the in gitorious. Unvalidated input is send to the shell allowing command execution.
-
20:50
»
Packet Storm Security Recent Files
This Metasploit module exploits an arbitrary command execution vulnerability in the in gitorious. Unvalidated input is send to the shell allowing command execution.
-
20:50
»
Packet Storm Security Misc. Files
This Metasploit module exploits an arbitrary command execution vulnerability in the in gitorious. Unvalidated input is send to the shell allowing command execution.
-
-
22:39
»
Packet Storm Security Exploits
This Metasploit module exploits an arbitrary root command execution vulnerability in OP5 Monitor welcome. Ekelow AB has confirmed that OP5 Monitor versions 5.3.5, 5.4.0, 5.4.2, 5.5.0, 5.5.1 are vulnerable.
-
22:39
»
Packet Storm Security Recent Files
This Metasploit module exploits an arbitrary root command execution vulnerability in OP5 Monitor welcome. Ekelow AB has confirmed that OP5 Monitor versions 5.3.5, 5.4.0, 5.4.2, 5.5.0, 5.5.1 are vulnerable.
-
22:39
»
Packet Storm Security Misc. Files
This Metasploit module exploits an arbitrary root command execution vulnerability in OP5 Monitor welcome. Ekelow AB has confirmed that OP5 Monitor versions 5.3.5, 5.4.0, 5.4.2, 5.5.0, 5.5.1 are vulnerable.
-
-
16:02
»
Packet Storm Security Exploits
Apache Struts2 versions 2.2.1.1 and below suffer from an ExceptionDelegator remote command execution vulnerability. Versions 2.3.1 and below suffer from remote command execution vulnerabilities related to CookieInterceptor and DebuggingInterceptor. Versions 2.3.1 and below suffer from a file overwrite vulnerability in ParametersInterceptor.
-
16:02
»
Packet Storm Security Recent Files
Apache Struts2 versions 2.2.1.1 and below suffer from an ExceptionDelegator remote command execution vulnerability. Versions 2.3.1 and below suffer from remote command execution vulnerabilities related to CookieInterceptor and DebuggingInterceptor. Versions 2.3.1 and below suffer from a file overwrite vulnerability in ParametersInterceptor.
-
16:02
»
Packet Storm Security Misc. Files
Apache Struts2 versions 2.2.1.1 and below suffer from an ExceptionDelegator remote command execution vulnerability. Versions 2.3.1 and below suffer from remote command execution vulnerabilities related to CookieInterceptor and DebuggingInterceptor. Versions 2.3.1 and below suffer from a file overwrite vulnerability in ParametersInterceptor.
-
-
14:09
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Webkit Library.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
8:36
»
Packet Storm Security Recent Files
Sec-1 Labs performed a product security analysis of Splunk and discovered remote command execution as a privileged user, a directory traversal vulnerability, failure to protect itself from brute force attacks and information disclosure issues. Versions 4.2.2, 4.2.3 and 4.2.4 were tested. This archive contains an advisory and an exploit.
-
8:36
»
Packet Storm Security Misc. Files
Sec-1 Labs performed a product security analysis of Splunk and discovered remote command execution as a privileged user, a directory traversal vulnerability, failure to protect itself from brute force attacks and information disclosure issues. Versions 4.2.2, 4.2.3 and 4.2.4 were tested. This archive contains an advisory and an exploit.
-
-
7:57
»
Packet Storm Security Exploits
This Metasploit module exploits an arbitrary command execution vulnerability in Traq 2.0 to 2.3. It's in the admincp/common.php script. This function is called in each script located into /admicp/ directory to make sure the user has admin rights, but this is a broken authorization schema due to the header() function not stopping the execution flow.
-
7:57
»
Packet Storm Security Recent Files
This Metasploit module exploits an arbitrary command execution vulnerability in Traq 2.0 to 2.3. It's in the admincp/common.php script. This function is called in each script located into /admicp/ directory to make sure the user has admin rights, but this is a broken authorization schema due to the header() function not stopping the execution flow.
-
7:57
»
Packet Storm Security Misc. Files
This Metasploit module exploits an arbitrary command execution vulnerability in Traq 2.0 to 2.3. It's in the admincp/common.php script. This function is called in each script located into /admicp/ directory to make sure the user has admin rights, but this is a broken authorization schema due to the header() function not stopping the execution flow.
-
-
21:37
»
Packet Storm Security Exploits
This Metasploit modules exploits a vulnerability in Wireshark 1.6 or less. When opening a pcap file, Wireshark will actually check if there's a 'console.lua' file in the same directory, and then parse/execute the script if found. Versions affected by this vulnerability: 1.6.0 to 1.6.1, 1.4.0 to 1.4.8
-
21:37
»
Packet Storm Security Recent Files
This Metasploit modules exploits a vulnerability in Wireshark 1.6 or less. When opening a pcap file, Wireshark will actually check if there's a 'console.lua' file in the same directory, and then parse/execute the script if found. Versions affected by this vulnerability: 1.6.0 to 1.6.1, 1.4.0 to 1.4.8
-
21:37
»
Packet Storm Security Misc. Files
This Metasploit modules exploits a vulnerability in Wireshark 1.6 or less. When opening a pcap file, Wireshark will actually check if there's a 'console.lua' file in the same directory, and then parse/execute the script if found. Versions affected by this vulnerability: 1.6.0 to 1.6.1, 1.4.0 to 1.4.8
-
-
7:27
»
Packet Storm Security Advisories
Various antivirus software on Windows fails to detect, block and/or move malware if the executable file has only execution permission and no read, write, or other bits set.
-
7:27
»
Packet Storm Security Recent Files
Various antivirus software on Windows fails to detect, block and/or move malware if the executable file has only execution permission and no read, write, or other bits set.
-
7:27
»
Packet Storm Security Misc. Files
Various antivirus software on Windows fails to detect, block and/or move malware if the executable file has only execution permission and no read, write, or other bits set.
-
-
11:15
»
Packet Storm Security Exploits
This Metasploit module executes an arbitrary payload through the SAP Management Console SOAP Interface. A valid username and password must be provided.
-
11:15
»
Packet Storm Security Recent Files
This Metasploit module executes an arbitrary payload through the SAP Management Console SOAP Interface. A valid username and password must be provided.
-
11:15
»
Packet Storm Security Misc. Files
This Metasploit module executes an arbitrary payload through the SAP Management Console SOAP Interface. A valid username and password must be provided.
-
-
7:58
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in Apple Safari on OSX platform. A policy issue in the handling of file:// URLs may allow arbitrary remote code execution under the context of the user. In order to trigger arbitrary remote code execution, the best way seems to be opening a share on the victim machine first (this can be SMB/WebDav/FTP, or a fileformat that OSX might automount), and then execute it in /Volumes/[share]. If there's some kind of bug that leaks the victim machine's current username, then it's also possible to execute the payload in /Users/[username]/Downloads/, or else bruteforce your way to getting that information. Please note that non-java payloads (*.sh extension) might get launched by Xcode instead of executing it, in that case please try the Java ones instead.
-
7:58
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in Apple Safari on OSX platform. A policy issue in the handling of file:// URLs may allow arbitrary remote code execution under the context of the user. In order to trigger arbitrary remote code execution, the best way seems to be opening a share on the victim machine first (this can be SMB/WebDav/FTP, or a fileformat that OSX might automount), and then execute it in /Volumes/[share]. If there's some kind of bug that leaks the victim machine's current username, then it's also possible to execute the payload in /Users/[username]/Downloads/, or else bruteforce your way to getting that information. Please note that non-java payloads (*.sh extension) might get launched by Xcode instead of executing it, in that case please try the Java ones instead.
-
7:58
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability found in Apple Safari on OSX platform. A policy issue in the handling of file:// URLs may allow arbitrary remote code execution under the context of the user. In order to trigger arbitrary remote code execution, the best way seems to be opening a share on the victim machine first (this can be SMB/WebDav/FTP, or a fileformat that OSX might automount), and then execute it in /Volumes/[share]. If there's some kind of bug that leaks the victim machine's current username, then it's also possible to execute the payload in /Users/[username]/Downloads/, or else bruteforce your way to getting that information. Please note that non-java payloads (*.sh extension) might get launched by Xcode instead of executing it, in that case please try the Java ones instead.
-
7:58
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability found in Apple Safari on OSX platform. A policy issue in the handling of file:// URLs may allow arbitrary remote code execution under the context of the user. In order to trigger arbitrary remote code execution, the best way seems to be opening a share on the victim machine first (this can be SMB/WebDav/FTP, or a fileformat that OSX might automount), and then execute it in /Volumes/[share]. If there's some kind of bug that leaks the victim machine's current username, then it's also possible to execute the payload in /Users/[username]/Downloads/, or else bruteforce your way to getting that information. Please note that non-java payloads (*.sh extension) might get launched by Xcode instead of executing it, in that case please try the Java ones instead.
-
7:58
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability found in Apple Safari on OSX platform. A policy issue in the handling of file:// URLs may allow arbitrary remote code execution under the context of the user. In order to trigger arbitrary remote code execution, the best way seems to be opening a share on the victim machine first (this can be SMB/WebDav/FTP, or a fileformat that OSX might automount), and then execute it in /Volumes/[share]. If there's some kind of bug that leaks the victim machine's current username, then it's also possible to execute the payload in /Users/[username]/Downloads/, or else bruteforce your way to getting that information. Please note that non-java payloads (*.sh extension) might get launched by Xcode instead of executing it, in that case please try the Java ones instead.
-
7:58
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability found in Apple Safari on OSX platform. A policy issue in the handling of file:// URLs may allow arbitrary remote code execution under the context of the user. In order to trigger arbitrary remote code execution, the best way seems to be opening a share on the victim machine first (this can be SMB/WebDav/FTP, or a fileformat that OSX might automount), and then execute it in /Volumes/[share]. If there's some kind of bug that leaks the victim machine's current username, then it's also possible to execute the payload in /Users/[username]/Downloads/, or else bruteforce your way to getting that information. Please note that non-java payloads (*.sh extension) might get launched by Xcode instead of executing it, in that case please try the Java ones instead.
-
-
19:19
»
Packet Storm Security Exploits
Apple Safari versions prior to 5.1.1 fail to enforce an intended policy for file:// URLs and in turn allows for remote attackers to execute code.
-
19:19
»
Packet Storm Security Exploits
Apple Safari versions prior to 5.1.1 fail to enforce an intended policy for file:// URLs and in turn allows for remote attackers to execute code.
-
19:19
»
Packet Storm Security Recent Files
Apple Safari versions prior to 5.1.1 fail to enforce an intended policy for file:// URLs and in turn allows for remote attackers to execute code.
-
19:19
»
Packet Storm Security Misc. Files
Apple Safari versions prior to 5.1.1 fail to enforce an intended policy for file:// URLs and in turn allows for remote attackers to execute code.
-
-
15:34
»
Packet Storm Security Exploits
This Metasploit module exploits an arbitrary command execution vulnerability in the Spreecommerce search. Unvalidated input is called via the Ruby send method allowing command execution.
-
15:34
»
Packet Storm Security Recent Files
This Metasploit module exploits an arbitrary command execution vulnerability in the Spreecommerce search. Unvalidated input is called via the Ruby send method allowing command execution.
-
15:34
»
Packet Storm Security Misc. Files
This Metasploit module exploits an arbitrary command execution vulnerability in the Spreecommerce search. Unvalidated input is called via the Ruby send method allowing command execution.
-
-
12:13
»
Packet Storm Security Exploits
This Metasploit module allows remote attackers to execute arbitrary commands on the affected system by abusing a directory traversal attack when using the 'xf' command (execute function). An attacker can execute system() from msvcrt.dll to upload a backdoor and gain remote code execution.
-
12:13
»
Packet Storm Security Recent Files
This Metasploit module allows remote attackers to execute arbitrary commands on the affected system by abusing a directory traversal attack when using the 'xf' command (execute function). An attacker can execute system() from msvcrt.dll to upload a backdoor and gain remote code execution.
-
12:13
»
Packet Storm Security Misc. Files
This Metasploit module allows remote attackers to execute arbitrary commands on the affected system by abusing a directory traversal attack when using the 'xf' command (execute function). An attacker can execute system() from msvcrt.dll to upload a backdoor and gain remote code execution.
-
-
18:15
»
Packet Storm Security Recent Files
eSignal and eSignal Pro versions 10.6.2425.1208 and below suffer from heap overflow and code execution vulnerabilities. Proof of concept included.
-
18:15
»
Packet Storm Security Misc. Files
eSignal and eSignal Pro versions 10.6.2425.1208 and below suffer from heap overflow and code execution vulnerabilities. Proof of concept included.
-
-
7:16
»
Packet Storm Security Advisories
Apple Security Advisory 2011-07-20-1 - A large amount of security issues have been addressed in Safari versions 5.1 and 5.0.6. These range from cross site scripting, possible arbitrary code execution, accidental trust in a disable root certificate, buffer and integer overflows, and more.
-
7:16
»
Packet Storm Security Recent Files
Apple Security Advisory 2011-07-20-1 - A large amount of security issues have been addressed in Safari versions 5.1 and 5.0.6. These range from cross site scripting, possible arbitrary code execution, accidental trust in a disable root certificate, buffer and integer overflows, and more.
-
7:16
»
Packet Storm Security Misc. Files
Apple Security Advisory 2011-07-20-1 - A large amount of security issues have been addressed in Safari versions 5.1 and 5.0.6. These range from cross site scripting, possible arbitrary code execution, accidental trust in a disable root certificate, buffer and integer overflows, and more.
-
18:12
»
Packet Storm Security Recent Files
phpMyAdmin version 3.x suffers from multiple remote code execution vulnerabilities.
-
-
7:52
»
Packet Storm Security Recent Files
Whitepaper called Defeating Data Execution Prevention and ASLR in Windows XP SP3. Data prevention Execution (DEP) and Address space layout randomization (ASLR) are two protection mechanisms integrated in Windows operating system to make more complicated the task of exploiting software. This document show how these two features can be bypassed using different techniques.
-
-
19:09
»
SecuriTeam
XPDF contains multiple vulnerabilities that could lead to arbitrary code execution.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
18:44
»
Packet Storm Security Exploits
This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats Totals PHP script. AWStats Totals version v1.0 - v1.14 are vulnerable.
-
18:44
»
Packet Storm Security Recent Files
This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats Totals PHP script. AWStats Totals version v1.0 - v1.14 are vulnerable.
-
18:44
»
Packet Storm Security Misc. Files
This Metasploit module exploits an arbitrary command execution vulnerability in the AWStats Totals PHP script. AWStats Totals version v1.0 - v1.14 are vulnerable.
-
-
17:34
»
Packet Storm Security Exploits
This Metasploit module exploits an arbitrary command execution vulnerability in the Spreecommerce API searchlogic. Unvalidated input is called via the Ruby send method allowing command execution.
-
17:34
»
Packet Storm Security Recent Files
This Metasploit module exploits an arbitrary command execution vulnerability in the Spreecommerce API searchlogic. Unvalidated input is called via the Ruby send method allowing command execution.
-
17:34
»
Packet Storm Security Misc. Files
This Metasploit module exploits an arbitrary command execution vulnerability in the Spreecommerce API searchlogic. Unvalidated input is called via the Ruby send method allowing command execution.
-
-
9:15
»
Packet Storm Security Exploits
Winamp version 5.6.1 remote command execution exploit that creates a malicious .pls file which downloads http://127.0.0.1:8888/ked/k.exe and executes it.
-
9:15
»
Packet Storm Security Recent Files
Winamp version 5.6.1 remote command execution exploit that creates a malicious .pls file which downloads http://127.0.0.1:8888/ked/k.exe and executes it.
-
9:15
»
Packet Storm Security Misc. Files
Winamp version 5.6.1 remote command execution exploit that creates a malicious .pls file which downloads http://127.0.0.1:8888/ked/k.exe and executes it.
-
-
8:19
»
Packet Storm Security Advisories
ISC dhclient does not strip or escape certain shell meta-characters in dhcpd responses, allowing a rogue server or party with with escalated privileges on the server to cause remote code execution on the client. Versions 3.0.x through 4.2.x are affected.
-
8:19
»
Packet Storm Security Recent Files
ISC dhclient does not strip or escape certain shell meta-characters in dhcpd responses, allowing a rogue server or party with with escalated privileges on the server to cause remote code execution on the client. Versions 3.0.x through 4.2.x are affected.
-
8:19
»
Packet Storm Security Misc. Files
ISC dhclient does not strip or escape certain shell meta-characters in dhcpd responses, allowing a rogue server or party with with escalated privileges on the server to cause remote code execution on the client. Versions 3.0.x through 4.2.x are affected.
-
-
16:22
»
Packet Storm Security Exploits
RealNetworks RealGames StubbyUtil.ShellCtl.1 active-x control InstallerDlg.dll version 2.6.0.445 suffers from remote command and code execution vulnerabilities.
-
16:22
»
Packet Storm Security Recent Files
RealNetworks RealGames StubbyUtil.ShellCtl.1 active-x control InstallerDlg.dll version 2.6.0.445 suffers from remote command and code execution vulnerabilities.
-
16:22
»
Packet Storm Security Misc. Files
RealNetworks RealGames StubbyUtil.ShellCtl.1 active-x control InstallerDlg.dll version 2.6.0.445 suffers from remote command and code execution vulnerabilities.
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution