HP-UX Security Patch : PHCO_31921

cumulative 10.20 libc compatibility support %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26293; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

Debian DSA-1378-2 : linux-2.6 - several vulnerabilities

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3731 Evan Teran discovered a potential local...

phpnukemobile-lfi.txt

Nuke Mobile Entartainment AsbMay's Group ... Vuln. Code : include 'modules/'.$modulename.'compatibility/data/marque.data.php'; ExploiT : path/data/compatible.php?modulename=Local File%00 Greetings 2 : str0ke - Dr.2 - AsbMay's Group - GoLdM - KuWaiT SeCuriTy...

Microsoft Agent agentdpv.dll ActiveX控件畸形URL栈溢出漏洞（MS07-051）

BUGTRAQ ID: 25566 CVECAN ID: CVE-2007-3040 Microsoft Windows是微软发布的非常流行的操作系统。 Windows操作系统所安装的Microsoft Agent ActiveX控件用于使用动画字符引导用户了解如何使用计算机，该ActiveX控件注册如下： 文件：agentdpv.dll ProgID：Agent.Control CLASSID：D45FD31B-5C6E-11D1-9EC1-00C04FD7081F Microsoft...

Intuit QuickBooks Online Edition ActiveX control stack buffer overflows

Overview The Intuit QuickBooks Online Edition ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Intuit QuickBooks Online Edition is a version of QuickBooks that functions withi...

USN-469-2: Enigmail regression

USN-469-1 fixed vulnerabilities in the Mozilla Thunderbird email client. The updated Thunderbird version broken compatibility with the Enigmail plugin. This update corrects the problem. We apologize for the inconvenience...

oops in compat_sys_mount() when data pointer is NULL

The compatsysmount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service NULL pointer dereference and oops by mounting a smbfs file system in compatibility mode "mount -t smbfs"...

oops in compat_sys_mount() when data pointer is NULL

The compatsysmount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service NULL pointer dereference and oops by mounting a smbfs file system in compatibility mode "mount -t smbfs"...

[SECURITY] Fedora 7 Update: openoffice.org-2.2.0-14.11

OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office...

[SECURITY] Fedora Core 6 Update: squirrelmail-1.4.10a-1.fc6

SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 with no Javascript for maximum compatibility across browsers. It has very few requirements and is very easy to configure and instal...

[SECURITY] [DSA 1289-1] New Linux 2.6.18 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1289-1 [email protected] http://www.debian.org/security/ Dann Frazier May 13th, 2007 http://www.debian.org/security/faq -...

Microsoft Security Bulletin MS07-023 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)

Microsoft Security Bulletin MS07-023 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution 934233 Published: May 8, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Excel Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...

[SECURITY] Fedora Core 6 Update: openoffice.org-2.0.4-5.5.17

OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office...

Trend Micro OfficeScan客户端ActiveX控件远程栈溢出漏洞

Trend Micro OfficeScan是一种针对整个网段的分布式杀毒软件。 OfficeScan企业版Web部署SetupINI ActiveX控件（OfficeScanSetupINI.dll）在显示配置设置列表时存在栈溢出漏洞，远程攻击者可能利用此漏洞控制客户端。 如果用户受骗访问了恶意站点传送超长属性的话，就会触发这个溢出，导致执行任意指令。 Trend Micro Client/Server/Messaging Security 3.5 Trend Micro Client/Server/Messaging Security 3.0 Trend Micro...

Unfixed XSS vulnerability at www.tis-edu.com

Security researcher RoMeO, has submitted on 02/12/2007 a cross-site-scripting XSS vulnerability affecting www.tis-edu.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/12/2007. It is currently...

Buffer overflows ten years of attack and defence weakness-vulnerability warning-the black bar safety net

In the past ten years, buffer overflow is a type of security vulnerability accounted for is the most common form. Even more serious is that buffer overflow vulnerabilities account for a remote network attack the majority of, this attack can be such that an anonymous Internet user have access to a...

With Phoenix universal boot disk to resolve local/domain administrator password lost-vulnerability warning-the black bar safety net

The local administrator password is lost, by deleting the SAM file, or by NTPASSWORD software solution. But to solve the domain administrator password is lost, they can not do anything. Then you need to use“Phoenix universal boot disk”, this article will discuss in detail the use of this disk to...

WinZip 10.0 - FileView ActiveX Controls Remote Overflow

WinZip 10.0 - FileView ActiveX Controls Remote Overflow / ---=== winzip-exploit.html XiaoHui : 76693223at163com HomePage: www.nipc.org.cn c 2006 All rights reserved. note:Because of the prior vuln in FileView ActiveX Control,Micorsoft has disabled this ActiveX Controls, To test this vuln,You can...

Microsoft Agent Active控件缓冲区溢出漏洞（MS06-068）

Microsoft Windows是微软发布的非常流行的操作系统。 Windows的Microsoft Agent ActiveX控件在处理.ACF文件时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。 攻击者可能通过构建特制网页来利用此漏洞，如果用户查看了该网页，则可能允许远程执行代码。 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003 Microsoft Windows 2000SP4 临时解决方法：...

Solaris 9 (x86) : 115615-28

Sun JavaTM System Directory Server 5.2 patch 6 : Solarisx86. Date this patch was last updated by Sun : Sep/21/07 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...