CVE-2004-2268

PimenGest2 before 1.1.1 allows remote attackers to obtain the database password via debug information in rowLatex.inc.php...

CVE-2002-2032

sqllayer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sqldebug parameter to 1 index.php and 2 modules.php...

FreeBSD : perl -- vulnerabilities in PERLIO_DEBUG handling (a5eb760a-753c-11d9-a36f-000a95bc6fae)

Kevin Finisterre discovered bugs in perl's I/O debug support : - The environmental variable PERLIODEBUG is honored even by the set-user-ID perl command usually named sperl or suidperl. As a result, a local attacker may be able to gain elevated privileges. CVE-2005-0155 - A buffer overflow may occ...

druppy461.pl.txt

!/usr/bin/perl Mon Jul 4 18:19:35 CEST 2005 [email protected] DRUPAL-SA-2005-002 php injection in comments yes, its lame Hax0r code here, read before execute Run without arguments to show the help. BLINK! BLINK! BLINK! BLINK! Feel free to port to another stupid script language mIRC, python, TCL ...

CVE-2005-2027

The affected product is Enterasys Vertical Horizon VH-2402S. Vulnerable component: firmware handling of debugging commands. Root cause: firmware prior to 2.05.05.09 does not properly restrict certain debugging commands to the ADMIN account. Impact: attackers could obtain sensitive information or ...

[Full-disclosure] Undocumented account vulnerability in Enterasys Vertical Horizon switches

Problem Description An undocumented account with a default password exists, additionally guest users can DoS the switch. 2. Tested systems The following versions were tested and found vulnerable: Vertical Horizon VH-2402S with firmware 02.05.00 Vertical Horizon VH-2402S with firmware 02.05.09.07...

CVE-2005-1830

The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 allows remote attackers to cause a denial of service application crash via an invalid Debug Message pointer...

CVE-2005-1830

The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 allows remote attackers to cause a denial of service application crash via an invalid Debug Message pointer...

[Full-disclosure] Compuware Softice (DbgMsg driver) Local Denial Of Service

Compuware Softice DbgMsg driver Local Denial Of Service by Piotr Bania [email protected] http://pb.specialised.info Original location: http://pb.specialised.info/all/adv/sice-adv.txt Severity: Low / Medium - BSOD Blue Screen Of Death DOS Software affected: Tested on Softice from DriverStudio...

Compuware SoftIce debugger debug message driver DoS

BSOD on invalid debug message pointer...

Invision Power Board 2.0.3 - 'login.php' SQL Injection

!/usr/bin/perl -w This one actually works : Just paste the outputted cookie into your request header using livehttpheaders or something and you will probably be logged in as that user. No need to decrypt it! Exploit coded by "Tony Little Lately" and "Petey Beege" use LWP::UserAgent; $ua = new...

security flaw

GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LDDEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program...

CVE-2005-1148

calendar.pl in CalendarScript 3.21 allows remote attackers to obtain sensitive information via invalid 1 year or 2 month parameters, which leaks the full pathname and debug information...

CVE-2005-0866

cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2005-0866

cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2005-0464

grosview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error...

DEBIAN-CVE-2005-0241

The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size...

CVE-2005-0438

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter...

CVE-2005-0438

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter...

DEBIAN-CVE-2005-0438

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter...