7624 matches found
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
// source: https://www.securityfocus.com/bid/4713/info Wu-imapd is vulnerable to a buffer overflow condition. This has been reported to occur when a valid user requests partial mailbox attributes. Exploitation may result in the execution of arbitrary code as the server process. An attacker may al...
SSH Protocol Versions Supported
This plugin determines the versions of the SSH protocol supported by the remote SSH daemon. TRUSTED...
Multiple implementations of the RADIUS protocol do not adequately validate the vendor-length of the vendor-specific attributes
Overview Various RADIUS servers and clients permit the passing of vendor-specific and user-specific attributes. Several implementations of RADIUS fail to check the Vendor-Length of the Vendor-Specific attribute. It's possible to cause a denial of service against RADIUS servers with a malformed...
more RADIUS authentication attack scenarios
Hello bugtraq, There is also a problem with some vendor-specific RADIUS authentication implementation. For example Microsoft has its specific attributes defined in RFC 2548. These attributes allow MS-CHAP and MS-CHAPv2 authentication via RADIUS. There is a design flaw in this authentication scenario...
CVE-2001-0650
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute...
CVE-2001-0568
Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Zope user) with through-the-web scripting capabilities to alter ZClasses class attributes...
CVE-2001-0263
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled...
ActiveX problem in Microsoft Indexing Services
Via ActiveX it is possible to obtain a list of files and their attributes...
HTTP Server Type and Version
This plugin attempts to determine the type and the version of the remote web server. Copyright 2000 by Hendrik Scholz @@NOTE: The output of this plugin should not be changed Changes by Tenable: - Revised plugin title 10/08/10 - Removed use of deprecated functions 01/16/2018 - Fixed various regula...
CVE-1999-0895
Firewall-1 does not properly restrict access to LDAP attributes...
DUO-PSA-2014-008: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2014-008 Publication Date: 2014-12-22 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue in the iOS Duo Mobile app that may allow credentials to be backed up in an encrypted form to a user's local machine...
PT-2010-5679 · Linux +1 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: SUSE Linux Enterprise versions prior to 2.6.35.2; openSUSE (affected versions not specified). Description: The issue involves multiple vulnerabilities in the Linux kernel and related packages, which can be exploited to compromise the...
PT-2005-5554 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Debian GNU/Linux kernel-image-2.4.27- versions Debian GNU/Linux kernel-headers-2.4.27- versions Debian GNU/Linux kernel-pcmcia-modules-2.4.27- versions Debian GNU/Linux kernel-patch-2.4.27- versions Debian GNU/Linux kernel-build-2.4.27-...
PT-2013-6313 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.14.3. Description: The issue is related to the BPF_S_ANC_NLATTR and BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c, which do not check whether a certain length...
Cross site scripting via HTML attributes in the back end
More info at https://contao.org/en/security-advisories/cross-site-scripting-via-html-attributes-in-the-back-end.html...
CVE-2026-45064: HtmlSanitizer URL Attributes Pass Through BiDi Override Characters → Visual href Spoofing
More info at https://symfony.com/cve-2026-45064...