849 matches found
With a Winsock implementation on the website of the database data injection-vulnerability warning-the black bar safety net
In writing this article before, it is necessary to"inject"one word describes it. The difference to the usualSQL injection, where the injection actually just construct an HTTP request packet to a program instead of a WEB page is submitted, data is automatically submitted. Hey, speaking of which, I...
CVE-2002-1755
The CVE-2002-1755 entry concerns tinc VPN versions 1.0pre3 and 1.0pre4 that do not authenticate forwarded packets, enabling remote attackers to inject data into user sessions and potentially alter contents via CBC-related cut-and-paste. The root cause appears to be lack of authentication for forw...
CVE-2002-1746
Affected software: Vtun 2.5b1. The CVE describes that remote attackers can inject data into user sessions by sniffing and replaying packets, enabling data injection into sessions. The provided documents do not specify a fix or patch version. No explicit exploitation details beyond the sniffing/re...
CVE-2001-1505
The CVE-2001-1505 entry covers tinc versions 1.0pre3 and 1.0pre4, where remote attackers can inject data into user sessions by sniffing and replaying packets. Affected component: tinc (specific versions cited). Underlying issue: packet sniffing/replay enables session data modification (integrity ...
CVE-2002-1747
Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...
CVE-2001-1505
tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying packets...
CVE-2002-1747
Vulners notes CVE-2002-1747 affects Vtun 2.5b1, where lack of authentication for forwarded packets permits remote injection into user sessions and potential control of data contents via ECB-based cut-and-paste. This is the stated root cause and impact in connected sources; no remediation or patch...
CVE-2002-1755
tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC...
CVE-2002-1746
Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets...
CVE-2002-1747
Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...
Silent-Storm Portal Multiple Input Validation Vulnerabilities
The remote host is running Silent-Storm, a web-based forum management software written in PHP. There are multiple input validation flaws in the remote version of this software : - There is a cross-site scripting vulnerability involving the 'module' parameter of the 'index.php' script. - The...
OpenCA Security Advisory: Cross Site Scripting vulnerability
OpenCA Security Advisory: Cross Site Scripting vulnerability Authors Martin Bartosch [email protected] Michael Bell [email protected] 2004-09-01 Initial revision 2004-09-06 Public release Summary ------- The OpenCA Project is a collaborative effort to develop a robust, full-feature...
CVE-2002-1256
The SMB signing capability in the Server Message Block SMB protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying gro...
Ximian Evolution < 1.2.3 UUEncoding Overflow DoS / Data Injection
Binary data 1307.prm...
CVE-2002-1747
Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...
CVE-2002-1755
tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC...
CVE-2002-1746
Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets...
CVE-2002-1746
Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets...
CVE-2002-1747
Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...
DEBIAN-CVE-2002-1755
tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC...