113 matches found
Windows secure channel remote code execution vulnerability, CVE-2 0 1 4-6 3 2 1)Analysis-vulnerability warning-the black bar safety net
I. background Windows secure channel Secure Channel, Schannel)surprise the reported vulnerability, Microsoft recently released as a major grade MS14-0 6 6 information security Bulletin, revealed in the Schannel remote code execution vulnerability, CVE-2 0 1 4-6 3 2 1 in. The affected Microsoft...
Mcafee FreeScan CoMcFreeScan Browser Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to properly validate information...
CVE-2012-3325
IBM WebSphere Application Server WAS 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.5, and 8.5.x Full Profile before 8.5.0.1, when the PM44303 fix is installed, does not properly validate credentials, which allows remote authenticated users to obtain administrative access via...
Sysax Multi Server 5.50 Create Folder Buffer Overflow
Title: Sysax Multi Server 5.50 Create Folder Remote Code Exec BoF MSF Module Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit and Server 2003 SP2 32bitNo DEP Notes: My original exploit = http://www.exploit-db.com/exploits/18382/ did not automate the SID gathering process, but this one does...
afp-brute NSE Script
Performs password guessing against Apple Filing Protocol AFP. Script Arguments afp.password, afp.username See the documentation for the afp library. passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. Example Usage nmap -p 548 --scrip...
Debian Security Advisory DSA 1463-1 (postgresql-7.4)
The remote host is missing an update to postgresql-7.4 announced via advisory DSA 1463-1. OpenVAS Vulnerability Test $Id: deb14631.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1463-1 postgresql-7.4 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...
Debian Security Advisory DSA 1460-1 (postgresql-8.1)
The remote host is missing an update to postgresql-8.1 announced via advisory DSA 1460-1. OpenVAS Vulnerability Test $Id: deb14601.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1460-1 postgresql-8.1 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...
Debian DSA-1463-1 : postgresql-7.4 - several vulnerabilities
Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3278 It was discovered that the DBLink module performed insufficient credential validation. This iss...
Debian DSA-1460-1 : postgresql-8.1 - several vulnerabilities
Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3278 It was discovered that the DBLink module performed insufficient credential validation. This iss...
DSA-1460-1 postgresql-8.1 - several
Bulletin has no description...
OpenBB 1.0.x - Private Message Disclosure
OpenBB 1.0.x - Private Message Disclosure source: https://www.securityfocus.com/bid/10217/info It has been reported that OpenBB is affected by a private message disclosure vulnerability. This issue is due to a design error that fails to validate user credentials. This issue might allow an attacke...
Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure
source: https://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to properly validate information access credentials. Successful...
CVE-1999-1214
The CVE-1999-1214 issue affects the 4.4 BSD kernel’s asynchronous I/O facility. It does not validate credentials when setting the recipient of I/O notification, allowing a local user to trigger a signal to an arbitrary process ID via specific ioctl/fcntl calls, causing a denial of service. The do...