675 matches found
CVE-2009-4027
Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service system crash via a Delete Block ACK aka DELBA packet that triggers a certain state change in the absence of an aggregation session...
CVE-2009-4027
Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service system crash via a Delete Block ACK aka DELBA packet that triggers a certain state change in the absence of an aggregation session...
[SECURITY] Fedora 10 Update: prewikka-0.9.14-2.fc10
Prewikka is a graphical front-end analysis console for the Prelude Hybrid IDS Framework. Providing numerous features, Prewikka facilitates the work of users and analysts. It provides alert aggregation and sensor and hearbeat views, and has user management and configurable filters. It has access t...
[SECURITY] Fedora 9 Update: prewikka-0.9.14-2.fc9
Prewikka is a graphical front-end analysis console for the Prelude Hybrid IDS Framework. Providing numerous features, Prewikka facilitates the work of users and analysts. It provides alert aggregation and sensor and hearbeat views, and has user management and configurable filters. It has access t...
Nokia Siemens FlexiISN GGSN Authentication Bypass
NOKIA Siemens FlexiISN GGSN Multiple Authentication bypass Vulnerability: NOKIA Siemens FlexiISN Remote: Yes Local: No Class: Input Validation Error Critical: Moderately critical OS : FlexiISN GGSN FISN 3.1 URL 1 for bypassing authentication on AAA Configuration: http://Flexi-ISN...
Nokia Siemens FlexiISN 3.1 Multiple Auth Bypass Vulnerabilities
Exploit for hardware platform in category remote exploits =============================================================== NOKIA Siemens FlexiISN 3.1 Multiple Auth Bypass Vulnerabilities =============================================================== NOKIA Siemens FlexiISN GGSN Multiple...
CVE-2008-2999
Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Code injection
The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of files with arbitrary extensions...
CVE-2008-3001
The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of files with arbitrary extensions...
CVE-2008-3000
The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions...
Improper access control
The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions...
CVE-2008-3001
CVE-2008-3001 affects Drupal’s Aggregation module (5.x) prior to 5.x-4.4. A crafted feed enables uploading files with arbitrary extensions, which could lead to remote code execution. Impact is described as remote attacker access with potentially complete compromise. A patch is available in 5.x-4....
CVE-2008-2998
Multiple cross-site scripting XSS vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-2998
CVE-2008-2998 affects the Drupal Aggregation module (5.x) vulnerable before version 5.x-4.4. The vulnerability enables remote XSS via unspecified vectors in this module, allowing injection of arbitrary script/HTML. Impact is remote user interaction is not required, with partial integrity impact a...
CVE-2008-2999
The CVE-2008-2999 entry concerns a Drupal Aggregation module vulnerability in the 5.x line prior to 5.x-4.4. The issue is a SQL injection in the Aggregation module that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Affected software is Drupal with the Aggregat...
CVE-2008-3000
The vulnerability CVE-2008-3000 affects Drupal’s Aggregation module (5.x) prior to 5.x-4.4 when node access modules are enabled. The issue is a faulty access-control implementation that may allow remote attackers to bypass restrictions and access areas they should not reach. The description and m...
CVE-2008-3001
The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of files with arbitrary extensions...
CVE-2008-3000
The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions...