4638 matches found
AWStats fails to properly handle "\\" when specifying a configuration file directory
Overview AWStats fails to properly handle "\" when specifying a configuration file directory. This could allow an attacker to specify an arbitrary configuration file located on an SMB share. Description From the AWStats project website: "AWStats is a free powerful and featureful tool that...
Security A Hidden Benefit of iOS 4.2 Update
Apple iPhone and iPad users are buzzing about the new features that come with the latest update to the company’s iOS mobile operating system. But the update also contains dozens of fixes for security holes that could have allowed attackers to compromise the popular devices using malicious PDF...
CVE-2010-4167
Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCOREINSTALLEDSUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory...
DEBIAN-CVE-2010-4167
Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCOREINSTALLEDSUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory...
CVE-2010-4167
Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCOREINSTALLEDSUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory...
Discuz! 7.2 the following versions and various uc products api interface to Get webshell vulnerability-vulnerability warning-the black bar safety net
For dz, we are more concerned about is to get the shell, but the dz stuff want to take the shell too hard too difficult, on an article at the end of the bedding the next, so this article is also not on the horse after cannon....this vulnerability has been in the discuz! x1 version quietly give up...
Trojan Exploiting Adobe Flash Bug Has Some Odd Traits
The piece of malware that’s being used to exploit the unpatched Adobe Flash bug that was disclosed Thursday looks like sort of a run-of-the-mill Trojan, but an analysis shows that it does have some unique features. The Trojan is known by a couple of names, including Sykipot, and its infection...
Prevx 3.0.5.210 config file Vulnerability
Exploit for windows platform in category local exploits ========================================= Prevx 3.0.5.210 config file Vulnerability ========================================= Author : STRELiTZIA Software : Prevx 3.0.5.210 and old Tested on : Windows All ============================ =...
Barracuda Multiple Product "locale" Directory Traversal
This module exploits a directory traversal vulnerability present in several Barracuda products, including the Barracuda Spam and Virus Firewall, Barracuda SSL VPN, and the Barracuda Web Application Firewall. By default, this module will attempt to download the Barracuda configuration file. This...
[SECURITY] Fedora 13 Update: slim-1.3.2-2.fc13
SLiM Simple Login Manager is a graphical login manager for X11. It aims to be simple, fast and independent from the various desktop environments. SLiM is based on latest stable release of Login.app by Per Lid=C3=A9n. In the distribution, slim may be called through a wrapper, slim-dynwm, which...
[SECURITY] Fedora 12 Update: slim-1.3.2-2.fc12
SLiM Simple Login Manager is a graphical login manager for X11. It aims to be simple, fast and independent from the various desktop environments. SLiM is based on latest stable release of Login.app by Per Lid=C3=A9n. In the distribution, slim may be called through a wrapper, slim-dynwm, which...
Cable Modem Termination System Authentication Bypass - Cisco Systems
Two issues are described in this security advisory. The first issue involves cable modems not manufactured by Cisco that allow a configuration file to be downloaded from an interface that is not connected to the network of the cable modem's service provider. This historical behavior allows an...
phpMyAdmin 'CVE-2010-3055' Configuration File PHP Code Injection Vulnerability
phpMyAdmin is prone to a remote PHP code injection vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
phpMyAdmin setup.php Arbitrary PHP Code Execution (PMASA-2010-4)
The setup script included with the version of phpMyAdmin installed on the remote host does not properly sanitize user-supplied input before using it to generate a config file for the application. Submitting a specially crafted POST request can result in arbitrary PHP code injection. A remote...
Fedora 13 : openldap-2.4.21-10.fc13 (2010-11343)
Tue Jul 20 2010 Jan Vcelak - 2.4.21-10 - CVE-2010-0211 openldap: modrdn processing uninitialized pointer free 605448 - CVE-2010-0212 openldap: modrdn processing IA5StringNormalize NULL pointer dereference 605452 - obsolete configuration file moved to /usr/share/openldap-servers 612602 - Thu Jul 1...
Insufficient output sanitizing when generating configuration file.
PMASA-2010-4 Announcement-ID: PMASA-2010-4 Date: 2010-08-20 Summary Insufficient output sanitizing when generating configuration file. Description The setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration...
rsaUnDumper[sql] – универсальный дампер SQL INJECTION
Версия 1.5 Нововведения по сравнению с версией 1.0: добавлена поддержка прокси http; socks4 и sokcs5 - с авторизацией возможно указывать приоритет для потоков фак по ним позже, щас можно почитать msdn теперь вы указываете не url, а HTTP запрос, т.е. есть возможность дампить sql inj с уюзвимым pos...
Immunity Canvas: CF_DIRECTORY_TRAVERSAL
Name| CFdirectorytraversal ---|--- CVE| CVE-2010-2861 Exploit Pack| CANVAS Description| ColdFusion Directory Traversal Notes| CVE Name: CVE-2010-2861 VENDOR: http://www.adobe.com Things to consider: 1 - A remote file i-test10-1.cfm will be left in the webroot as well as the CANVAS callback trojan...
Play! Framework <= 1.0.3.1 Directory Transversal Vulnerability
Exploit for multiple platform in category remote exploits ============================================================== Play! Framework = 1.0.3.1 Directory Transversal Vulnerability ============================================================== Exploit Title: Play! Framework = 1.0.3.1 Directory...
Akamai Download Manager arbitrary file download & execution
------------------------------------------------------------------------ Akamai Download Manager arbitrary file download & execution ------------------------------------------------------------------------ Yorick Koster, April 2009...