444 matches found
krb5 -- MITKRB5-SA-2011-004, kadmind invalid pointer free() [CVE-2011-0285]
An advisory published by the MIT Kerberos team says: The password-changing capability of the MIT krb5 administration daemon kadmind has a bug that can cause it to attempt to free an invalid pointer under certain error conditions. This can cause the daemon to crash or induce the execution of...
CVE-2011-0046
Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in...
Boutique SudBox 1.2 - Cross-Site Request Forgery (Changer Login et Mot de Passe)
Title : Boutique SudBox 1.2 Changer Login et Mot de Passe CSRF Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com/vb | Tested on: windows SP2 Français V.Pnx2 2.0 ...
Boutique SudBox 1.2 - Cross-Site Request Forgery (Changer Login et Mot de Passe)
Boutique SudBox 1.2 - Cross-Site Request Forgery Changer Login et Mot de Passe | Title : Boutique SudBox 1.2 Changer Login et Mot de Passe CSRF Vulnerability | Author : indoushka | email : [email protected]...
pam_krb5 security and bug fix update
2.2.14-15 - update backport for selecting which key to use for validation so that it prefers services with the local host name as the instance, from HEAD more of 450776 2.2.14-14 - backport the 'multipleccaches' option from HEAD, requiring that it be enabled to not immediately remove an old ccach...
Home Of AlegroCart 1.1 - Cross-Site Request Forgery (Change Administrator Password)
+ Home Of AlegroCart v1.1 - Xsrf Change Administrator Password // Author Info x Author: The.Morpheus x Contact: [email protected] x Thanks: Türksec.nfo Nd And Tg Tayfa :P x Date : 01.02.2010...
Ez Blog 1.0 - Cross-Site Scripting / Cross-Site Request Forgery
Title: Ez Blog XSS/XSRF Multiple Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 15. December 2009...
Acc PHP eMail 1.1 - Cross-Site Request Forgery
Acc PHP eMail 1.1 - Cross-Site Request Forgery // End of attack EOF...
Google Reader Used in Koobface Attack
The attackers behind the insidious Koobface worm have taken to using Google Reader accounts that they control to spread the worm through shared Reader items. The infection method–which has been used before by Facebook worms–is another indication of the resilience and changing tactics the malware...
Amit Yoran on Cyberwar, Federal Cybersecurity and the Evolution of Threats
Dennis Fisher talks with Amit Yoran, former director of the National Cyber Security Division at DHS and CEO of NetWitness, about state-sponsored attacks, federal cybersecurity and the changing nature of security threats.
MiniTwitter 0.3-Beta (SQL/XSS) Multiple Remote Vulnerabilities
No description provided by source. LONG LIVE SPAIN!...WE WILL WIN THE WORLD CUP!...o.O PROUD TO BE SPANISH!...
minitwitter 0.3-beta - SQL Injection / Cross-Site Scripting
LONG LIVE SPAIN!...WE WILL WIN THE WORLD CUP!...o.O PROUD TO BE SPANISH! | MULTIPLE...
minitwitter 0.3-beta - SQL Injection Cross-Site Scripting
minitwitter 0.3-beta - SQL Injection Cross-Site Scripting LONG LIVE SPAIN!...WE WILL WIN THE WORLD CUP!...o.O PROUD TO BE SPANISH!...
MiniTwitter 0.3 Beta SQL Injection
MULTIPLE REMOTE VULNERABILITIES --MiniTwitter CMS INFORMATION: --WEB: http://mt.bioscriptsdb.com/ --DOWNLOAD: http://sourceforge.net/projects/minitt/ --DEMO:...
MetaBBS 0.11 Password Changing Exploit
Metabbs 0.11 2008-08-06 19:56 Admin password Header file Footer File Site theme Language Always Use Default Language TimeZone...
Debian Security Advisory DSA 1694-2 (xterm)
The remote host is missing an update to xterm announced via advisory DSA 1694-2. OpenVAS Vulnerability Test $Id: deb16942.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1694-2 xterm Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...
Debian Security Advisory DSA 1694-1 (xterm)
The remote host is missing an update to xterm announced via advisory DSA 1694-1. OpenVAS Vulnerability Test $Id: deb16941.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1694-1 xterm Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...
Debian: Security Advisory (DSA-1694-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1694-2] New xterm packages fix regression
Debian Security Advisory DSA-1694-2 [email protected] http://www.debian.org/security/ Florian Weimer January 06, 2009 http://www.debian.org/security/faq -...
DSA-1694-1 xterm - remote code execution
Bulletin has no description...