Lucene search

1249 matches found

UbuntuCve
added 2007/06/11 6:30 p.m. | 41 views

CVE-2007-3144

Visual truncation vulnerability in Mozilla 1.7.12 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.4 CVSS | 5.9 AI score | 0.01234 EPSS
Exploits 1 | References 1

UbuntuCve
added 2007/06/11 6:30 p.m. | 37 views

CVE-2007-3142

Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after 34 characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

5.8 CVSS | 5.9 AI score | 0.01499 EPSS
Exploits 1 | References 1

Prion
added 2007/06/11 6:30 p.m. | 14 views

Design/Logic Flaw

Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

5.8 CVSS | 7.1 AI score | 0.01224 EPSS
Exploits 1 | References 5 | Affected Software 1

Prion
added 2007/06/11 6:30 p.m. | 22 views

Design/Logic Flaw

Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.4 CVSS | 7.1 AI score | 0.01987 EPSS
Exploits 1 | References 5 | Affected Software 1

Prion
added 2007/06/11 6:30 p.m. | 17 views

Design/Logic Flaw

Visual truncation vulnerability in Mozilla 1.7.12 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.4 CVSS | 7.1 AI score | 0.01234 EPSS
Exploits 1 | References 5 | Affected Software 1

UbuntuCve
added 2007/06/11 6:30 p.m. | 55 views

CVE-2007-3143

Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.4 CVSS | 5.9 AI score | 0.01987 EPSS
Exploits 1 | References 2

NVD
added 2007/06/11 6:30 p.m. | 30 views

CVE-2007-3144

Visual truncation vulnerability in Mozilla 1.7.12 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.4 CVSS | 6.6 AI score | 0.01234 EPSS
Exploits 1 | References 5

CVE
added 2007/06/11 6:0 p.m. | 51 views

CVE-2007-3145

CVE-2007-3145 affects Galeon 2.0.1 and is described as a visual truncation vulnerability in which a long hostname can be truncated, allowing remote attackers to spoof the address bar and potentially conduct phishing attacks (demonstrated with HTTP Basic Authentication). The consolidated records i...

5.8 CVSS | 6.6 AI score | 0.01224 EPSS
Exploits 1 | References 5 | Affected Software 1

CVE
added 2007/06/11 6:0 p.m. | 64 views

CVE-2007-3143

CVE-2007-3143 affects Konqueror 3.5.5. The issue is a visual truncation vulnerability in the address bar: when a long hostname is shown, it is truncated, which can allow remote attackers to spoof the URL and potentially conduct phishing attacks (notably demonstrated via HTTP Basic Authentication)...

6.4 CVSS | 6.6 AI score | 0.01987 EPSS
Exploits 1 | References 5 | Affected Software 1

Cvelist
added 2007/06/11 6:0 p.m. | 33 views

CVE-2007-3142

Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after 34 characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.4 AI score | 0.01499 EPSS
Exploits 1 | References 8

Cvelist
added 2007/06/11 6:0 p.m. | 29 views

CVE-2007-3145

Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.6 AI score | 0.01224 EPSS
Exploits 1 | References 5

Cvelist
added 2007/06/11 6:0 p.m. | 42 views

CVE-2007-3143

Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.6 AI score | 0.01987 EPSS
Exploits 1 | References 5

Cvelist
added 2007/06/11 6:0 p.m. | 33 views

CVE-2007-3144

Visual truncation vulnerability in Mozilla 1.7.12 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.6 AI score | 0.01234 EPSS
Exploits 1 | References 5

securityvulns
added 2007/05/25 12:0 a.m. | 77 views

[ISecAuditors Security Advisories] Microsoft IIS5 NTLM and Basic authentication bypass

============================================= INTERNET SECURITY AUDITORS ALERT 2006-013 - Original release date: December 15, 2006 - Last revised: May 22, 2007 - Discovered by: Jesus Olmos Gonzalez - Severity: 5/5 ============================================= I. VULNERABILITY...

Exploits 0

Prion
added 2007/05/22 7:30 p.m. | 19 views

Authentication flaw

The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services IIS Web Server 5.0 only uses Windows NT ACL configuration, which allows remote attackers to bypass NTLM and basic authentication mechanisms and access private web directories via the CiWebhitsfile...

10 CVSS | 7 AI score | 0.7335 EPSS
Exploits 6 | References 5 | Affected Software 1

NVD
added 2007/05/22 7:30 p.m. | 17 views

CVE-2007-2815

The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services IIS Web Server 5.0 only uses Windows NT ACL configuration, which allows remote attackers to bypass NTLM and basic authentication mechanisms and access private web directories via the CiWebhitsfile...

10 CVSS | 6.8 AI score | 0.7335 EPSS
Exploits 6 | References 5

Cvelist
added 2007/05/22 7:0 p.m. | 18 views

CVE-2007-2815

The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services IIS Web Server 5.0 only uses Windows NT ACL configuration, which allows remote attackers to bypass NTLM and basic authentication mechanisms and access private web directories via the CiWebhitsfile...

6.7 AI score | 0.7335 EPSS
Exploits 6 | References 5

seebug.org
added 2007/05/06 12:0 a.m. | 19 views

Nuked-klaN 1.7.6 Remote Code Execution Exploit

No description provided by source. ?php Nuked-klaN 1.7.6 Remote Code Execution Exploit ------------------------------------------------ Author: DarkFig [email protected] Website: http://www.acid-root.new.fr/ PHP conditions: None = Private since 2 months. errorreportingEALL ^ ENOTICE; This file...

7.1 AI score
Exploits 0

Saint
added 2007/04/25 12:0 a.m. | 26 views

Novell GroupWise WebAccess base64_decode buffer overflow

Added: 04/25/2007 CVE: CVE-2007-2171 BID: 23556 OSVDB: 35018 Background Novell GroupWise includes a WebAccess service which allows users to access their e-mail using a web browser. Problem A buffer overflow in the base64decode function allows remote attackers to execute arbitrary commands by...

10 CVSS | 7.9 AI score | 0.24332 EPSS
Exploits 5

Saint
added 2007/04/25 12:0 a.m. | 31 views

Novell GroupWise WebAccess base64_decode buffer overflow

Added: 04/25/2007 CVE: CVE-2007-2171 BID: 23556 OSVDB: 35018 Background Novell GroupWise includes a WebAccess service which allows users to access their e-mail using a web browser. Problem A buffer overflow in the base64decode function allows remote attackers to execute arbitrary commands by...

10 CVSS | 7.9 AI score | 0.24332 EPSS
Exploits 5