1680 matches found
Microsoft Windows XP - Weak Default Configuration
// source: https://www.securityfocus.com/bid/11410/info Microsoft Windows XP Service Pack 2 is reported prone to a weak default configuration vulnerability. Internet Connection Firewall ICF includes functionality that controls what binaries are permitted to listen for incoming connections. It is...
FreeBSD : SA-04:15.syscons
The remote host is running a version of FreeBSD which contains a flaw in the syscons console driver. There are boundary errors in the CONSSCRSHOT ioctls that may allow a local attacker to read portions of the kernel memory, which may contain sensitive information. C Tenable Network Security, Inc...
W-Agora 4.1.6a - 'login.php?loginuser' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11283/info Multiple vulnerabilities are reported to affect the application. These issues arise due to insufficient sanitization of user-supplied data. A remote attacker may leverage these vulnerabilities to carry out SQL injection, cross-site scripting, a...
Debian DSA-518-1 : kdelibs - unsanitised input
iDEFENSE identified a vulnerability in the Opera web browser that could be used by remote attackers to create or truncate arbitrary files on the victims machine. The KDE team discovered that a similar vulnerability exists in KDE. A remote attacker could entice a user to open a carefully crafted...
Debian DSA-464-1 : gdk-pixbuf - broken image handling
Thomas Kristensen discovered a vulnerability in gdk-pixbuf binary package libgdk-pixbuf2, the GdkPixBuf image library for Gtk, that can cause the surrounding application to crash. To exploit this problem, a remote attacker could send a carefully-crafted BMP file via mail, which would cause e.g...
MacOSXLabs RsyncX 2.1 - Insecure Temporary File Creation
MacOSXLabs RsyncX 2.1 - Insecure Temporary File Creation source: https://www.securityfocus.com/bid/11212/info RsyncX is reported to contain an insecure temporary file creation vulnerability. The result of this is that temporary files created by the application may use predictable filenames. A loc...
MacOSXLabs RsyncX 2.1 - Insecure Temporary File Creation
source: https://www.securityfocus.com/bid/11212/info RsyncX is reported to contain an insecure temporary file creation vulnerability. The result of this is that temporary files created by the application may use predictable filenames. A local attacker may exploit this vulnerability to execute...
Snitz Forums 2000 - 'down.asp' HTTP Response Splitting
source: https://www.securityfocus.com/bid/11201/info Snitz Forums is reported prone to a HTTP response splitting vulnerability. The issue exists in a parameter of the 'down.asp' script. The issue presents itself due to a flaw in the affected script that allows an attacker to manipulate how GET...
RHEL 3 : httpd (RHSA-2004:349)
Updated httpd packages that include a security fix for modssl and various enhancements are now available. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. An input filter bug in modssl was discovered in Apache httpd version 2.0.50 and earlier. A...
DSA-458-3 python2.2 - buffer overflow
Bulletin has no description...
Keene Digital Media Server 1.0.2 - Directory Traversal
Keene Digital Media Server 1.0.2 - Directory Traversal source: https://www.securityfocus.com/bid/11057/info It is reported that DMS is susceptible to a directory traversal vulnerability. The directory traversal issue is present upon requesting files outside the webroot of the application using he...
Keene Digital Media Server 1.0.2 - Directory Traversal
source: https://www.securityfocus.com/bid/11057/info It is reported that DMS is susceptible to a directory traversal vulnerability. The directory traversal issue is present upon requesting files outside the webroot of the application using hex encoded directory traversal character sequences to...
Microsoft Internet Explorer 6 - Resource Detection
source: https://www.securityfocus.com/bid/11026/info Microsoft Internet Explorer is prone to a security weakness that may permit an attacker to determine the existence of resources on a vulnerable computer. An attacker can use an IFRAME that is accessible within the same domain and change its URI...
Fusionphp Fusion News 3.33.6 - Administrator Command Execution
Fusionphp Fusion News 3.33.6 - Administrator Command Execution source: https://www.securityfocus.com/bid/10836/info It is reported that Fusion News is affected by an administrator command execution vulnerability. This issue is due to a failure of the application to properly validate access to...
Fusionphp Fusion News 3.3/3.6 - Administrator Command Execution
source: https://www.securityfocus.com/bid/10836/info It is reported that Fusion News is affected by an administrator command execution vulnerability. This issue is due to a failure of the application to properly validate access to administrative commands. This issue permits a remote attacker to...
Citadel/UX 5.9/6.x - 'Username' Remote Buffer Overflow (1)
// source: https://www.securityfocus.com/bid/10833/info A buffer overrun vulnerability is reported for Citadel/UX. The problem occurs due to insufficient bounds checking when processing 'USER' command arguments. An anonymous remote attacker may be capable of exploiting this issue to execute...
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Open Proxy Relay
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Open Proxy Relay source: https://www.securityfocus.com/bid/10812/info RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on user...
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Arbitrary File Access
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Arbitrary File Access source: https://www.securityfocus.com/bid/10812/info RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on us...
PHP-Fusion Database Backup - Information Disclosure
source: https://www.securityfocus.com/bid/10974/info It is reported that PHP-Fusion is susceptible to a database backup information disclosure vulnerability. An anonymous remote attacker may be able to download a complete database backup from the server. Authentication would not be required. A...
Opera Web Browser 7.5 - Resource Detection
source: https://www.securityfocus.com/bid/10961/info Opera Web Browser is prone to a security weakness that may permit an attacker to determine the existence of resources on a vulnerable computer. An attacker can use an IFRAME that is accessible within the same domain and change its URI to the...