CVE-2008-4682

wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service application abort via a malformed Tamos CommView capture file aka .ncf file with an "unknown/unexpected packet type" that triggers a failed assertion...

CVE-2008-3996

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCIPUBLISH...

Design/Logic Flaw

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCIPUBLISH...

Design/Logic Flaw

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...

CVE-2008-3995

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...

CVE-2008-3996

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCIPUBLISH...

CVE-2008-3996

Oracle Database Change Data Capture vulnerability in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE allows SQL injection exploitable by any user with EXECUTE privilege on the package (10gR1, 10gR2, 11gR1). Remote attacker can execute injected SQL with SYS privileges; fix available via Octobe...

CVE-2008-3995

CVE-2008-3995 affects Oracle Database (10gR1/10gR2/11gR1) Change Data Capture component. The root cause is an SQL injection in SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE, exploitable by any user with EXECUTE privilege on the package. Impact per sources: remote authenticated access that can ...

Authentication Capture: Telnet

This module provides a fake Telnet service that is designed to capture authentication credentials. DONTs and WONTs are sent to the client for all option negotiations, except for ECHO at the time of the password prompt since the server controls that for a bit more realism. This module requires...

Wireshark 1.0.x Malformed .ncf packet capture Local Denial of Service

No description provided by source. Wireshark 1.0.x .ncf local denial of service author: Shinnok Description Wireshark 1.0.x crashes as a result of a failed assertion when dealing with a malformed Tamosoft CommView .ncf packet capture: Err file wtap.c: line 620 wtapread: assertion failed:...

Wireshark 1.x Malformed .ncf packet capture Local Denial of Service PoC

No description provided by source. Wireshark 1.x .ncf local denial of service author: Shinnok Description Wireshark 1.0.x crashes as a result of a failed assertion when dealing with a malformed .ncf packet capture. http://sebug.net/paper/poc/2008-wireshark.ncf...

Wireshark 1.0.x - .ncf Packet Capture Local Denial of Service

Wireshark 1.0.x - .ncf Packet Capture Local Denial of Service Wireshark 1.0.x .ncf local denial of service author: Shinnok Description Wireshark 1.0.x crashes as a result of a failed assertion when dealing with a malformed Tamosoft CommView .ncf packet capture: Err file wtap.c: line 620 wtapread:...

Wireshark 1.0.x Malformed .ncf packet capture Local Denial of Service

Exploit for multiple platform in category dos / poc ===================================================================== Wireshark 1.0.x Malformed .ncf packet capture Local Denial of Service ===================================================================== Wireshark 1.0.x .ncf local denial o...

Wireshark 1.0.x - '.ncf' Packet Capture Local Denial of Service

Wireshark 1.0.x .ncf local denial of service author: Shinnok Description Wireshark 1.0.x crashes as a result of a failed assertion when dealing with a malformed Tamosoft CommView .ncf packet capture: Err file wtap.c: line 620 wtapread: assertion failed: wth-phdr.pktencap != WTAPENCAPPERPACKET...

CVE-2008-3102

Mantis 1.1.x through 1.1.2 and 1.2.x through 1.2.0a2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie...

CVE-2008-3662

CVE-2008-3662 affects Gallery before 1.5.9 and 2.x before 2.2.6. Root cause: session cookies are not marked Secure in HTTPS sessions, allowing cookies to be sent over HTTP and potentially captured by remote attackers. Impact: information disclosure of the session cookie. Remediation: upgrade to G...

[SECURITY] Fedora 8 Update: wireshark-1.0.3-1.fc8

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...

[SECURITY] Fedora 8 Update: wireshark-1.0.2-1.fc8

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...

[SECURITY] Fedora 9 Update: wireshark-1.0.2-1.fc9

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...

Directory traversal

Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X before 10.5 allows remote attackers to read arbitrary files via directory traversal sequences in the URI...