[SECURITY] Fedora 7 Update: phpMyAdmin-2.11.2.2-1.fc7

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...

[SECURITY] Fedora 7 Update: phpMyAdmin-2.11.2.1-1.fc7

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...

MySQLDumper vulnerability: Bypassing Apache based access control possible

A critical security issue has been found in the Open Source PHP backup tool MySQLDumper 0. The issue allows to bypass an Apache based access control created with MySQLDumper. Through this an attacker can easily gain full control about all features of MySQLDumper. The authors of MySQLDumper were...

Use download the vulnerability database to initiate network attacks-vulnerability warning-the black bar safety net

As scripting vulnerability the number one killer-and database download vulnerabilities, now has been more and more people to the art. In this information technology update Fast of the era, the vulnerability produced after the attendant is to respond to the tricks, such as change the database...

Various sites program's default database-vulnerability warning-the black bar safety net

Action Network: The default database /data/dvbbs7. mdb BACKUP DATABASE /databackup/dvbbs7. mdb Front: Username: admin Key code: admin888 Background: Username: admin Key code: admin888 --------------- bbsxp: The default database database/bbsxp. mdb ＿＿＿＿＿＿＿＿＿＿＿＿＿＿＿ LeadBBS The default database...

JVN#34522909 Kahua vulnerable in allowing to share login sessions

Impact A remote attacker could possibly take over the user privileges and manipulate applications when several user databases are in use. If a multiple applications of Kahua refer to different user database, a user could log into multiple applications which results in a login session to be shared...

CVE-2006-3861

IBM Informix Dynamic Server IDS before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases...

FreeBSD-SA-06:15.ypserv

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:15.ypserv Security Advisory The FreeBSD Project Topic: Inoperative access controls in ypserv8 Category: core Module: ypserv Announced: 2006-05-31 Credits: Hoka...

FreeBSD : bogofilter -- heap corruption through malformed input (92140bc9-7bde-11da-8ec4-0002b3b60e4c)

Matthias Andree reports : When using Unicode databases default in more recent bogofilter installations, upon encountering invalid input sequences, bogofilter or bogolexer could overrun a malloc'd buffer, corrupting the heap, while converting character sets. Bogofilter would usually be processing...

Guppy <= 4.5.11 (Delete Databases) Remote Denial of Service Exploit

Exploit for unknown platform in category web applications =================================================================== Guppy Guppy Guppy by trueend5 Computer Security Science Researchers Institute KAPDA table width="90%...

The secondary discovery of Taoyuan Network Hard Disk vulnerability-vulnerability warning-the black bar safety net

Himself in the first 1 0-term on the Black anti was published in Taoyuan Network Hard Drive related vulnerabilities. Immediately notify the Taoyuan official fix for the related vulnerability. Recently, after work bored, just re-download the Taoyuan Network Hard Drive latest version 2. 5 to conduc...

[Full-disclosure] EZDatabase Directory Transversal, XSS and Path Disclosure Vulnerability

Synopsis: EZDatabase directory transversal, XSS and path disclosure vulnerability Product: EZDatabase http://www.ezdatabase.org Version: Confirmed on EZDatabase 2.1.2 Author: Josh Zlatin-Amishav Date: January 15, 2006 Background: Written in PHP and MySQL, ezDatabase is the foundation for your...

ezDatabase 2.0 and below

ezDatabase 2.0 and below ezDatabase 2.0 and below ========================================= www.ezdatabase.org "ezDatabase is the foundation for your online databases. It is a powerful web based application that allows even non-technical users to create online databases for their website...

Ubuntu 4.10 : mailman vulnerabilities (USN-78-1)

An path traversal vulnerability has been discovered in the 'private' module of Mailman. A flawed path sanitation algorithm allowed the construction of URLS to arbitrary files readable by Mailman. This allowed a remote attacker to retrieve configuration and password databases, private list archive...

CVE-2005-4591

Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...

CVE-2005-4591

CVE-2005-4591 describes a heap-based buffer overflow in bogofilter (and bogolexer during charset conversion) when using Unicode databases. The vulnerability arises from invalid input sequences that trigger heap corruption, allowing remote attackers to cause a crash and potentially execute arbitra...

CVE-2005-4591

Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...

CVE-2005-4591

Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...

CVE-2005-4591

Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...

CVE-2005-4591

Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via "invalid input sequences" that lead to heap...