257 matches found
Vulnerability allowed hacker to Delete any Facebook Photo; Rewarded with $12,500 for reporting bug
Indian Security Enthusiast 'Arul Kumar' recently reported an interesting Facebook vulnerability that allowed him to delete any Facebook image within a minute. Facebook Bug Bounty program rewarded him with $12,500 USD for helping the Facebook Security team to patch this critical loophole in their...
Free Monthly Websites 2.0 Admin Bypass / Shell Upload
========================================================================================== Free Monthly Websites 2.0 Multiple Vulnerabilities ==========================================================================================...
Hack a webcam and a film camera into a USB microscope
Hack a webcam and a film camera into a USB microscope Have you ever wanted to inspect or photograph something up close, but could not find amagnifying glass or did not have enough light on your subject? Well read on, because this project will do the job for you at little or no cost called "My...
JQuery-Real-Person captcha plugin 0-day Bypass
Exploit for php platform in category web applications Exploit Title: Bypass the JQuery-Real-Person captcha plugin Google Dork: if relevant we will automatically add these to the GHDB Date: 28th November, 2011 Author: Alberto Garcia-Illera Software Link: http://keith-wood.name/realPerson.html...
Deserialization of untrusted data
Google Chrome 0.2.149.27 allows user-assisted remote attackers to cause a denial of service browser crash via an IMG tag with a long src attribute, which triggers the crash when the victim performs an "Inspect Element" action...
Google Chrome 0.2.149.27 - Inspect Element Denial of Service
Google Chrome 0.2.149.27 - Inspect Element Denial of Service Metascortexsecurity img...
Google Chrome 0.2.149.27 - Inspect Element Denial of Service
Metascortexsecurity img...
Design/Logic Flaw
The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...
CVE-2006-2769
The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...
CVE-2006-2769
The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...
CVE-2006-2769
The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...
CVE-2006-2769
The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...
CVE-2006-2769
The CVE-2006-2769 issue affects Snort 2.4.0–2.4.4 and is described in connected sources as an evasion flaw in the http_inspect preprocessor. A carriage return (\r) placed after the URL and before the HTTP declaration can bypass uricontent rules, enabling remote attackers to bypass certain URL con...
CVE-2006-2769
Removed by vendor...
Snort HTTP Inspect Pre-Processor Uricontent Bypass
For those of you using snort on this list, this got posted to some of the snort mailing lists this morning. http://www.demarc.com/support/downloads/patch20060531 http://www.osvdb.org/25837 "The evasion technique allows an attack to bypass detection of "uricontent" rules by adding a carriage retur...
DEBIAN-CVE-2006-0151
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158...
Проблемы в IOS Firewall Feature Set (protection bypass)
При исопльзовании правил типа ip inspect Не срабатывает ip-фильтрация входящего трафика...