106 matches found
Ubuntu: Security Advisory (USN-1146-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-1141-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 11.1 Security Update : Linux kernel (SAT Patch Number 4376)
The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.36 and fixes various bugs and security issues. The following security issues were fixed : - When parsing the FACNATIONALDIGIS facilities field, it was possible for a remote host to provide more digipeaters than expected,...
Linux Kernel I/O-Warrior USB设备栈溢出漏洞
BUGTRAQ ID: 46069 CVE ID: CVE-2010-4656 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel在实现上存在USB设备栈溢出漏洞,攻击者可利用此漏洞以超级用户的权限执行任意代码,完全控制受影响计算机,使内核崩溃,拒绝服务合法用户。 如果在case语句中iowarrior设备支持每个报告中多于8个字节,就可能在内核堆分配外写入。 index bc88c79..8ed8d05 100644 file --- a/drivers/usb/misc/iowarrior.c +++...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
Updated kernel-rt packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise MRG 1.3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Debian Security Advisory DSA 2153-1 (linux-2.6)
The remote host is missing an update to linux-2.6 announced via advisory DSA 2153-1. OpenVAS Vulnerability Test $Id: deb21531.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2153-1 linux-2.6 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
CVE-2009-4656
DJ Studio Pro 4.2 (incl. 4.2.2.7.5) and 5.x (incl. 5.1.4.3.1) are affected by a stack-based buffer overflow in the .pls playlist handling. The root cause is insufficient bounds checking on a playlist file, allowing a long string to overflow the stack and crash the application or potentially execu...
CVE-2009-4656
creationtimestamp| type| source ---|---|--- 2009-09-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9691 2009-12-30 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/10827 2012-03-02 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18547 2018-05-29...
CVE-2008-4656
CVE-2008-4656 concerns a SQL injection vulnerability in the TYPO3 Frontend Users View (feusersview) extension, version 0.1.6 and earlier. The exposed component allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Documents do not provide explicit exploit details, aff...
[SECURITY] [DSA 1518-1] New backup-manager packages fix information disclosure
------------------------------------------------------------------------ Debian Security Advisory DSA-1518-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 15, 2008 http://www.debian.org/security/faq -...
SuSE 10 Security Update : Recommended update for novell-ipsec-tools (ZYPP Patch Number 4656)
This update fixes a segfault in the GSSAPI initialization. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid29961; scriptversion"1.13";...
CVE-2007-4656
CVE-2007-4656 affects backup-manager-upload (Backup Manager). The flaw results from the tool passing the FTP server hostname, username, and password as plaintext command‑line arguments when invoking an FTP client, enabling a local attacker to read credentials by inspecting the process list. Impac...
CVE-2007-3289
PHP remote file inclusion vulnerability in spaw/spawcontrol.class.php in the WiwiMod 0.4 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...
Remote file inclusion
PHP remote file inclusion vulnerability in admin/spaw/spawcontrol.class.php in the TinyContent 1.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...
CVE-2007-3237
CVE-2007-3237 and related entries describe a PHP remote file inclusion in the spaw/spaw_control.class.php handler used by XOOPS modules (TinyContent 1.5, WiwiMod 0.4, XT-Conteudo). The vulnerability allows an attacker to cause arbitrary PHP code execution by supplying a crafted URL in the spaw_ro...
Remote file inclusion
PHP remote file inclusion vulnerability in admin/editor2/spawcontrol.class.php in the Cjay Content 3 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this may be a duplicate of CVE-2006-4656...
Remote file inclusion
PHP remote file inclusion vulnerability in admin/spaw/spawcontrol.class.php in the XT-Conteudo module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...
CVE-2007-3221
PHP remote file inclusion vulnerability in admin/spaw/spawcontrol.class.php in the XT-Conteudo module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...
Remote file inclusion
PHP remote file inclusion vulnerability in include/wysiwyg/spawcontrol.class.php in the icontent 4.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...
CVE-2006-5291
PHP remote file inclusion vulnerability in admin/includes/spaw/spawcontrol.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PH...