Pages: 10/14 First page Previous page 3 4 5 6 7 8 9 10 11 12 13 14 Next page Final page [ View by Articles | List ]
来源:Neeao's Security Blog

漏洞发布:yamato[BCT]

发布日期:2008-2-15

BBSXP 2008 New.asp过滤不严导致注入漏洞

  [晴 February 21, 2008 23:40 | by ]
来源:Neeao's Security Blog
BBSXP 2008 New.asp过滤不严导致注入漏洞

漏洞发布:Bug.Center.Team

BBSXP2008存在后台注射漏洞

  [阴 February 18, 2008 12:53 | by ]
By:Neeao[B.C.T]
漏洞预警中心小组应急事件响应公告
测试系统:
BBSXP2008 ACCESS版本 目前为最新版
文章作者:mika
信息来源:邪恶八进制信息安全团队(www.eviloctal.com
  前两天就看到这个exp了,漏洞本身俺就不多说了,非常简单的栈溢出,exp都给了用od或者windbg跟一下就出来了,这里俺要非常感谢gyzy哥哥对俺的帮助,当俺一拿到exp的时候就非常庆幸,感觉会很容易修改(事实也是如此),于是俺就修改了ret地址,然
Tags: , , , , , ,

Exploiting IIS via HTMLEncode (MS08-006)

  [晴 February 15, 2008 11:39 | by ]
The second Tuesday of every month is a busy time at BreakingPoint; myself and the rest of the security team stop what we are doing and focus entirely on the patches released by Microsoft. Using IDA Pro in conjunction with BinDiff, we compare the existing files with their patched versions and review the differences. This month, Microsoft released patches for seventeen individual vulnerabilities split into eleven different bulletins. Two of these were denial of service flaws, one was a local privilege
PS:已更新了编译好的 EXP ,可在附件下载到/*
* Copyright (c) 2008 chujwamwdupe - pumpernikiel.c
* one day in teletubby land...

Linux Kernel 2.6.23 - 2.6.24 vmsplice Local Root Exploit

  [晴 February 13, 2008 00:13 | by ]
/*
* diane_lane_fucked_hard.c
*
* Linux vmsplice Local Root Exploit
Tags: , , , , , ,

Excel 发现安全漏洞 可远程安插恶意代码

  [阴 January 17, 2008 09:59 | by ]
微软于周二发布了一个安全警告,称恶意袭击者正在利用微软Office Excel的安全漏洞来发动袭击。
微软表示,装有Service Pack 2的Office Excel 2003、Excel Viewer 2003、Excel 2002、Excel 2000以及用于苹果Mac电脑的Excel

Qvod Player播放器0day漏洞曝光

  [阴 January 12, 2008 10:54 | by ]
来源:超级巡警
  一、事件分析:
  今日,超级巡警团队接到网友举报,称Qvod Player播放器存在漏洞,并发来测试文件。经分析该漏洞发生在Qvod Player的一个activex控件上,当安装了Qvod Player的用户在浏览到黑客精心构造的包含恶意代码的网页后,会下载任意程序在用户系统上以当前

Windows TCP/IP协议栈存在严重远程安全漏洞

  [晴 January 9, 2008 21:58 | by ]
来源:Nsfocus
冷漠PS:今天刚打的补丁,刚才搜索了下,没找到 EXP ,不然又要引起一场风波了.
综述:
======
微软发布了1月份的2篇安全公告,这些公告描述并修复了3个安全漏洞,其中1个漏洞属于“紧急”风险级别。其中MS08-001中修复
<object id="divx" classid="clsid:D050D736-2D21-4723-AD58-5B541FFB6C11" style="display:none;">
</object>

迅雷5出现严重0day漏洞

  [多云 December 24, 2007 11:08 | by ]
来源:51CTO
据相关报道,迅雷5出现严重0-Day漏洞,病毒作者可利用该漏洞编写恶意网页,当用于浏览这些网页的时候,就会感染病毒,进而该病毒可以盗窃用户的帐号和密码,从而使用户遭受到损失。
Tags: , , , , ,

PHP ZLink 0.3 (go.php) Remote SQL Injection Exploit

  [多云 December 24, 2007 09:54 | by ]
#!/usr/bin/perl
use LWP::UserAgent;
use Getopt::Long;
Tags: , , , , ,

OpenSSL < 0.9.7l / 0.9.8d SSLv2 Client Crash Exploit

  [多云 December 24, 2007 09:52 | by ]
#!/usr/bin/perl
# Copyright(c) Beyond Security
# Written by Noam Rathaus - based on beSTORM's SSL Server module
Tags: , , , , ,

zBlog 1.2 Remote SQL Injection Vulnerability

  [阴 December 23, 2007 10:08 | by ]
#########################################################################
            zBlog v1.2  Remote SQL Injection Exploit
#########################################################################
Tags: , ,
Pages: 10/14 First page Previous page 3 4 5 6 7 8 9 10 11 12 13 14 Next page Final page [ View by Articles | List ]