8591 matches found
SUSE-SA:2006:024: php4,php5
The remote host is missing the patch for the advisory SUSE-SA:2006:024 php4,php5. This update fixes the following security issues in the scripting languages PHP4 and PHP5: - copy and tempnam functions could bypass open_basedir restrictions (CVE-2006-1494) - Cross-Site-Scripting (XSS) bug in phpinfo...
Opera Web Browser 8.52 - Stylesheet Attribute Buffer Overflow
source: https://www.securityfocus.com/bid/17513/info Opera is prone to a buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input before using it in a string-copy operation. This issue allows remote attackers to crash affected web...
adv28-K-159-2006.txt
ECHO_ADV_28$2006 Clever Copy <= 3.0 Connect.inc Critical Information Disclosure...
Clever Copy connect.inc Direct Request Information Disclosure
The remote host is running Clever Copy, a free web portal written in PHP. The version of Clever Copy installed on the remote host fails to limit access to the 'admin/connect.inc' include file, which contains information used by the application to connect to a database. An unauthenticated attacker...
CVE-2006-1718
Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via a direct request for connect.inc...
CVE-2006-1718
CVE-2006-1718 affects Magus Perde Clever Copy 3.0 and earlier. The application stores database credentials under the web root and does not enforce access control for connect.inc, allowing an unauthenticated remote attacker to view the file contents via a direct HTTP request. This information disc...
Clever Copy 3.0 - Connect.INC Information Disclosure
Clever Copy 3.0 - Connect.INC Information Disclosure source: https://www.securityfocus.com/bid/17461/info Clever Copy is prone to an information-disclosure vulnerability. A remote attacker could leverage this issue to gain access to sensitive configuration information. The attacker could then use...
Clever Copy 3.0 - 'Connect.INC' Information Disclosure
source: https://www.securityfocus.com/bid/17461/info Clever Copy is prone to an information-disclosure vulnerability. A remote attacker could leverage this issue to gain access to sensitive configuration information. The attacker could then use this information to launch further attacks against t...
CVE-2006-1608
The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI...
[ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure
ECHO_ADV_28$2006 Clever Copy <= 3.0 Connect.inc Critical Information Disclosure...
Clever Copy 2.x Multiple Vulnerabilities - Active Check
Clever Copy is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
PT-2006-1129 · Linux +2 · Netfilter +3
Name of the Vulnerable Software and Affected Versions: Linux versions prior to 2.6.16-rc3. Description: The issue is related to an integer overflow in the do_replace function in netfilter for Linux. This can be exploited by local users with CAP_NET_ADMIN rights to cause a buffer overflow in the co...
Copy protection scheme SafeDisc allows privilege escalation
I have found a serious flaw in the well-known and widely deployed copy protection scheme SafeDisc. The issue arises from how the installation of the driver secdrv.sys is managed. When installed, the associated driver service is assigned the SECHANGECONFIG flag, which means that any user i...
PeerCast 0.1216 - nextCGIarg Remote Buffer Overflow (1)
PeerCast 0.1216 - nextCGIarg Remote Buffer Overflow (1) / GNU PeerCast struct target char name; int retaddr...
local to local copy uses shell expansion twice
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...
CVE-2006-0796
Cross-site scripting (XSS) vulnerability in default.php in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field when sending private messages (privatemessages.php). NOTE: the provenance of this information is unknown; the details are obtained solely fro...
Cross site scripting
Cross-site scripting (XSS) vulnerability in default.php in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field when sending private messages (privatemessages.php). NOTE: the provenance of this information is unknown; the details are obtained solely fro...