Lucene search
+L

860 matches found

Cvelist
Cvelist
added 2005/06/21 4:0 a.m.23 views

CVE-2002-1747

Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...

6.7AI score0.01069EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/10/01 12:0 a.m.22 views

Silent-Storm Portal Multiple Input Validation Vulnerabilities

The remote host is running Silent-Storm, a web-based forum management software written in PHP. There are multiple input validation flaws in the remote version of this software : - There is a cross-site scripting vulnerability involving the 'module' parameter of the 'index.php' script. - The...

7.5CVSS5.4AI score0.06765EPSS
Exploits2References3
securityvulns
securityvulns
added 2004/09/06 12:0 a.m.40 views

OpenCA Security Advisory: Cross Site Scripting vulnerability

OpenCA Security Advisory: Cross Site Scripting vulnerability Authors Martin Bartosch [email protected] Michael Bell [email protected] 2004-09-01 Initial revision 2004-09-06 Public release Summary ------- The OpenCA Project is a collaborative effort to develop a robust, full-feature...

4.3CVSS0.4AI score0.01177EPSS
Exploits0
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.23 views

CVE-2002-1256

The SMB signing capability in the Server Message Block SMB protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying gro...

6.1AI score0.05385EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.14 views

Ximian Evolution < 1.2.3 UUEncoding Overflow DoS / Data Injection

Binary data 1307.prm...

5CVSS7.3AI score0.16522EPSS
Exploits3References3
NVD
NVD
added 2002/12/31 5:0 a.m.16 views

CVE-2002-1746

Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets...

5CVSS6.7AI score0.01069EPSS
Exploits0References2
OSV
OSV
added 2002/12/31 5:0 a.m.5 views

CVE-2002-1755

tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC...

7AI score
Exploits0References2
OSV
OSV
added 2002/12/31 5:0 a.m.5 views

DEBIAN-CVE-2002-1747

Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...

5CVSS7.1AI score0.01069EPSS
Exploits0References1
NVD
NVD
added 2002/12/31 5:0 a.m.23 views

CVE-2002-1755

tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC...

5CVSS6.7AI score0.01096EPSS
Exploits0References2
NVD
NVD
added 2002/12/31 5:0 a.m.16 views

CVE-2002-1747

Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...

5CVSS6.7AI score0.01069EPSS
Exploits0References2
OSV
OSV
added 2002/12/31 5:0 a.m.5 views

DEBIAN-CVE-2002-1755

tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC...

5CVSS7AI score0.01096EPSS
Exploits0References1
OSV
OSV
added 2002/12/31 5:0 a.m.7 views

CVE-2002-1747

Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...

7AI score
Exploits0References2
OSV
OSV
added 2002/12/31 5:0 a.m.7 views

CVE-2002-1746

Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets...

7AI score
Exploits0References2
NVD
NVD
added 2002/12/23 5:0 a.m.20 views

CVE-2002-1256

The SMB signing capability in the Server Message Block SMB protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying gro...

5CVSS6.1AI score0.05385EPSS
Exploits0References4
securityvulns
securityvulns
added 2002/01/10 12:0 a.m.42 views

Внедрение данных в tinc &#40;data injection&#41;

Протокол не защищает от вставки данных...

1.2AI score
Exploits0References1
securityvulns
securityvulns
added 2002/01/03 12:0 a.m.44 views

Проблемы с encrypted loop device под linux &#40;data injection&#41;

Данные предохраняются от несанкционированного доступа, но возможно несанкционированное добавление данных...

1.4AI score
Exploits0References1
NVD
NVD
added 2001/12/31 5:0 a.m.18 views

CVE-2001-1505

tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying packets...

5CVSS6.7AI score0.01372EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2000/08/01 12:0 a.m.27 views

Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution

source: https://www.securityfocus.com/bid/1525/info In February of 2000 CERT Coordination Center released an advisory titled "Malicious HTML Tags Embedded in Client Web Requests" advisory attached in 'Credit' section". This advisory was a joint release by the CERT Coordination Center, DoD-CERT, t...

7.4AI score
Exploits0
security_vulns
security_vulns
added 1999/10/15 12:0 a.m.28 views

FTP client/server and listen() implementation

Here is exploit. It works as described in NAI 1996 bulletin http://www.nai.com/nailabs/aspset/advisory/ftp-paper.asp but.... there are two points i'm disagree with NAI. 1. ftp console client under FreeBSD 2.2.x IS vulnerable 2. Inspite I don't treat FTP as secured protocol IMHO it's OS/software...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 1999/08/23 12:0 a.m.41 views

GNU glibc 2.1/2.1.1 -6 - &#039;pt_chown&#039; Local Privilege Escalation

// source: https://www.securityfocus.com/bid/597/info // ptchown is a program included with glibc 2.1.x that exists to aid the proper allocation of terminals for non-suid programs that don't have devpts support. It is installed setuid root, and is shipped with RedHat Linux 6.0. As it stands,...

7.4AI score
Exploits0
Rows per page
Query Builder