# Title: Windows NT User Mode to Ring 0 Escalation Vulnerability
# EDB-ID: 11199
# CVE-ID: (2010-0232)
# OSVDB-ID: ()
# Author: Tavis Ormandy
# Published: 2010-01-19
# Verified: yes
Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack
-------------------------------------------------------------------------
CVE-2010-0232
Read more
FROM:http://www.securityfocus.com/archive/1/508124
Problem Description
===================
A remote command execution vulnerability exists in the dotDefender
(3.8-5) Site Management.
dotDefender [1] is a web application firewall (WAF) which ‘prevents
hackers from attacking your website.’
Read more
#!/usr/bin/perl
#Microsoft Wordpad on WinXP SP3 Memory Exhaustion Vulnerability - 0day
#Works on WinXP SP3!
#bug found by murderkey in Hellcode Labs.
#exploit coded by karak0rsan aka musashi
#Hellcode Research
#just a fuckin' lame 0day bug for fun!
$file = "hellcoded.rtf";
Read more
From:Baoz
Web Application Vulnerability Scanners are tools designed to automatically scan web applications for potential vulnerabilities. These tools differ from general vulnerability assessment tools in that they do not perform a broad range of checks on a myriad of software and hardware. Instead, they perform other checks, such as potential field manipulation and cookie poisoning, which allows a more focused assessment of web applications by exposing vulnerabilities of which standard VA tools are unaware.
Read more
WordPress Plugin Related Sites 2.1 BlindSQLinj Vuln
http://wordpress.org/extend/plugins/related-sites/
/wp-content/plugins/related-sites/BTE_RW_webajax.php
eLwaux(c) 30.05.2009, uasc.org.ua
SQL-Inj
27: $guid = $_POST['guid'];
28: $click = $_POST['click'];
31: $ref = $_SERVER["HTTP_REFERER"];
Read more
From:milw0rm.com
Read more
http://www.microsoft.com/technet/security/Bulletin/MS09-001.mspx
SMB Buffer Overflow Remote Code Execution Vulnerability – CVE-2008-4834
An unauthenticated remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a specially crafted network message to a computer running the Server service. An attacker who successfully exploited this vulnerability could take complete control of the system. Most attempts to exploit this vulnerability would result in a system denial of service condition, however remote code execution is theoretically possible.
Read more