WinGate IMAP Server Directory Traversal Vulnerabilities
The remote host appears to be running WinGate, a Windows application for managing and securing Internet access. The version of WinGate installed on the remote host fails to remove directory traversal sequences from the 'CREATE', 'SELECT', 'DELETE', 'RENAME', 'COPY', 'APPEND', and 'LIST' commands...
Directory traversal
Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4)...
CVE-2006-2633
The CVE-2006-2633 entry describes an absolute path traversal in ByteHoard 2.1 and earlier, where the copy action in index.php can be exploited by remote authenticated users to create or overwrite files in other users’ directories by supplying the absolute directory path in infolder and the filena...
SUSE-SA:2006:024: php4,php5
The remote host is missing the patch for the advisory SUSE-SA:2006:024 (php4,php5). This update fixes the following security issues in the scripting languages PHP4 and PHP5: - copy() and tempnam() functions could bypass open_basedir restrictions (CVE-2006-1494) - Cross-Site-Scripting (XSS) bug in phpinfo...
Opera Web Browser 8.52 - Stylesheet Attribute Buffer Overflow
source: https://www.securityfocus.com/bid/17513/info Opera is prone to a buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input before using it in a string-copy operation. This issue allows remote attackers to crash affected web...
adv28-K-159-2006.txt
ECHO_ADV_28$2006: Clever Copy <= 3.0 Connect.inc Critical Information Disclosure...
Clever Copy connect.inc Direct Request Information Disclosure
The remote host is running Clever Copy, a free web portal written in PHP. The version of Clever Copy installed on the remote host fails to limit access to the 'admin/connect.inc' include file, which contains information used by the application to connect to a database. An unauthenticated attacker...
CVE-2006-1718
Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via a direct request for connect.inc...
CVE-2006-1718
CVE-2006-1718 affects Magus Perde Clever Copy 3.0 and earlier. The application stores database credentials under the web root and does not enforce access control for connect.inc, allowing an unauthenticated remote attacker to view the file contents via a direct HTTP request. This information disc...
Clever Copy 3.0 - Connect.INC Information Disclosure
source: https://www.securityfocus.com/bid/17461/info Clever Copy is prone to an information-disclosure vulnerability. A remote attacker could leverage this issue to gain access to sensitive configuration information. The attacker could then use...
Clever Copy 3.0 - 'Connect.INC' Information Disclosure
source: https://www.securityfocus.com/bid/17461/info Clever Copy is prone to an information-disclosure vulnerability. A remote attacker could leverage this issue to gain access to sensitive configuration information. The attacker could then use this information to launch further attacks against t...
CVE-2006-1608
The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI...
[ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure
ECHO_ADV_28$2006: Clever Copy <= 3.0 Connect.inc Critical Information Disclosure...
Clever Copy 2.x Multiple Vulnerabilities - Active Check
Clever Copy is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2006-1129 · Linux +2 · Netfilter +3
Name of the Vulnerable Software and Affected Versions: Linux versions prior to 2.6.16-rc3. Description: The issue is related to an integer overflow in the do_replace function in netfilter for Linux. This can be exploited by local users with CAP_NET_ADMIN rights to cause a buffer overflow in the co...
Copy protection scheme SafeDisc allows privilege escalation
I have found a serious flaw in the well-known and widely deployed copy protection scheme SafeDisc. The issue arises from how the installation of the driver secdrv.sys is managed. When installed, the associated driver service is assigned the SECHANGECONFIG flag, which means that any user i...
PeerCast 0.1216 - nextCGIarg Remote Buffer Overflow (1)
PeerCast 0.1216 - nextCGIarg Remote Buffer Overflow 1 / GNU PeerCast include include include include include include include include include struct target char name; int retaddr...