9772 matches found
RHEL 2.1 : mod_ssl (RHSA-2002:136)
Updated mod_ssl packages are now available for Red Hat Advanced Server. These updates incorporate a fix for an incorrect bounds check in versions of mod_ssl up to and including version 2.8.9. The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) a...
RHEL 2.1 : ethereal (RHSA-2002:291)
Updated Ethereal packages are available which fix various security issues. [Updated 06 Feb 2003] Added fixed packages for Advanced Workstation 2.1. Ethereal is a package designed for monitoring network traffic on your system. Several security issues have been found in the Ethereal packages distribut...
RHEL 2.1 : nss_ldap (RHSA-2002:180)
Updated nss_ldap packages are now available for Red Hat Linux Advanced Server 2.1. These updates fix a potential buffer overflow which can occur when nss_ldap is set to configure itself using information stored in DNS, as well as a format string bug in logging functions used in pam_ldap. Updated 09 J...
RHEL 2.1 : vim (RHSA-2002:302)
Updated VIM packages are available for Red Hat Linux Advanced Server. These updates resolve a security issue when opening a specially crafted text file. [Updated 06 Feb 2003] Added fixed packages for Advanced Workstation 2.1. VIM (VIsual editor iMproved) is a version of the vi editor. VIM allows a use...
RHEL 2.1 : sendmail (RHSA-2002:259)
The sendmail packages shipped with Red Hat Linux Advanced Server have a security bug if sendmail is configured to use smrsh. This security errata release fixes the problem. [Updated 06 Feb 2003] Added fixed packages for Advanced Workstation 2.1. SMRSH (the SendMail Restricted SHell) is a /bin/sh...
RHEL 2.1 : php (RHSA-2002:129)
PHP versions earlier than 4.1.0 contain a vulnerability that could allow arbitrary commands to be executed. [Updated 22 Aug 2002] The initial set of errata packages contained an incorrect set of dependencies. This meant that a number of packages would need to be installed before php that were not...
RHEL 2.1 : ypserv (RHSA-2002:224)
Updated ypserv packages which fix a memory leak are now available for Red Hat Linux Advanced Server. [Updated 08 Jan 2003] Added fixed packages for the Itanium (IA64) architecture. [Updated 06 Feb 2003] Added fixed packages for Advanced Workstation 2.1. ypserv is an NIS authentication server. ypserv...
CVE-2004-1952
SQL injection vulnerability in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password...
Advanced Guestbook 2.2 - Password SQL Injection
source: https://www.securityfocus.com/bid/10209/info It has been reported that Advanced Guestbook is prone to a SQL injection vulnerability that could allow an attacker to gain administrative access to the application. This issue is reported to exis...
Advanced Guestbook 2.2 - 'Password' SQL Injection
source: https://www.securityfocus.com/bid/10209/info It has been reported that Advanced Guestbook is prone to a SQL injection vulnerability that could allow an attacker to gain administrative access to the application. This issue is reported to exist in Advanced Guestbook 2.2, however, it is...
Advanced Guestbook 2.2 -- SQL Injection Exploit
The widely-used Advanced Guestbook 2.2 web application (PHP, MySQL) appears vulnerable to SQL Injection granting the attacker administrator access. The attack is very simple and consists of inputting the following password string leaving the username entry blank: ' OR 'a' = 'a Regards, JQ...
easydynamic.txt
Product: EasyDynamicPages v.2.0: Advanced Portal Management System Vendors: http://software.stoitsov.com Bug: include Risk: High Author: tsbeginnervnc Web: www.security.com.vn ------------------------------------- Introduction: system, personal or business site or what you need. The goal is to have ...
CVE-2003-1178
Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 allows remote attackers to execute arbitrary PHP code via the (1) id, (2) templateset, or (3) action parameter...
CVE-2003-1179
Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the includepath parameter in (1) booth.php, (2) png.php, (3) pollssi.php, or (4) popup.php, the (5) basepath parameter to common.inc.php...
CVE-2003-1180
Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary files or inject arbitrary local PHP files via .. sequences in the basepath or pollvarslang parameters to the admin files (1) index.php, (2) admintplnew.php, (3) admintplmiscnew.php, (4)...
php.advanced.poll.txt
Informations : Language : PHP Product : Advanced Poll Version : 2.0.2 Textfile Website : http://www.proxy2.de Problems : - PHP Code Injection - File Include - Phpinfo PHP Code/Location : comments.php :...
Advanced Poll : PHP Code Injection, File Include, Phpinfo
Informations : Language : PHP Product : Advanced Poll Version : 2.0.2 Textfile Website : http://www.proxy2.de Problems : - PHP Code Injection - File Include - Phpinfo PHP Code/Location : comments.php :...
CVE-2003-1181
Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo function...
Advanced Poll info.php Remote Information Disclosure
The remote host is running Chien Kien Uong's Advanced Poll, a simple Poll system using PHP. By default, this utility includes a file named 'info.php' that makes a call to 'phpinfo' and displays a lot of information about the remote host and how PHP is configured. An attacker may use this flaw to...
Advanced Poll 2.0 - Remote Information Disclosure
source: https://www.securityfocus.com/bid/7171/info It has been reported that an information disclosure vulnerability exists in Advanced Poll. Because of this, a remote user could potentially access privileged information that could lead to further...