4600 matches found
CVE-2007-6722
CVE-2007-6722 affects the Vidalia bundle prior to 0.1.2.18 on Windows and macOS, where Privoxy is installed with a configuration file (config.txt or config) containing insecure enable-remote-toggle and enable-edit-actions settings. This configuration flaw can allow remote attackers to bypass access restrictions and modify Privoxy se...
CVE-2007-6724
Vidalia bundle prior to 0.1.2.18 on Windows installs Privoxy with a configuration file (config.txt or config) that contains an insecure enable-remote-http-toggle setting. This allows remote attackers to bypass intended access restrictions and modify the Privoxy configuration. Affected component: ...
[SECURITY] [DSA 1758-1] New nss-ldapd packages fix information disclosure
Debian Security Advisory DSA-1758-1. http://www.debian.org/security/ Moritz Muehlenhoff, March 30, 2009. http://www.debian.org/security/faq ...
DSA-1758-1 nss-ldapd - information disclosure
Bulletin has no description...
pam-krb5 < 3.13 Local Privilege Escalation Exploit
No description provided by source. cve-2009-0360.c: pam-krb5 3.13 local privilege escalation. Jon Oberheide, http://jon.oberheide.org. Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0360. pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly...
pam-krb5 < 3.13 Local Privilege Escalation Exploit
Exploit for Linux platform in category local exploits. pam-krb5 3.13 Local Privilege Escalation Exploit. cve-2009-0360.c: pam-krb5 3.13 local privilege escalation. Information:...
Moodle: Sensitive File Disclosure
Moodle File Disclosure Vulnerability. Systems Affected: Moodle series 1.6.9+, 1.7.7+, 1.8.9, 1.9.5. Severity: Critical. Probability of being vulnerable: Rather Low. Vendor: http://moodle.org/. Filed Bug: MDL-18552. Author: Christian J. Eibl. Date: 20090327. I. BACKGROUND: Moodle is an open source web-based learni...
Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 - File Disclosure
Moodle File Disclosure Vulnerability. Systems Affected: Moodle series 1.6.9+, 1.7.7+, 1.8.9, 1.9.5. Severity: Critical. Probability of being vulnerable: Rather Low. Vendor: http://moodle.org/. Filed Bug: MDL-18552. Author: Christian J. Eibl. Date: 20090327. I. BACKGROUND: Moodle is an open source web-based learni...
Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure Vulnerability
Exploit for unknown platform in category web applications. Moodle 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure Vulnerability. Moodle File Disclosure Vulnerability. Systems Affecte...
CVE-2009-1151
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action...
Code injection
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action...
CVE-2009-1151
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
pam_krb5: Privilege escalation
Background: pam_krb5 is a Kerberos v5 PAM module. Description: The following vulnerabilities were discovered: pam_krb5 does not properly initialize the Kerberos libraries for setuid use (CVE-2009-0360). Derek Chan reported that calls to pam_setcred() are not properly handled when running setuid...
Insufficient output sanitizing when generating configuration file.
PMASA-2009-3. Announcement-ID: PMASA-2009-3. Date: 2009-03-24. Summary: Insufficient output sanitizing when generating configuration file. Description: Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file...
phpmyadmin -- insufficient output sanitizing when generating configuration file
phpMyAdmin reports: Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file...
CVE-2009-0887
Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with ...