4651 matches found
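PHP Subscriber Remote Password Disclosure Vulnerability
PHP Subscriber is a PHP-based web application. PHP Subscriber does not properly filter user-supplied input, and a remote attacker can exploit the vulnerability to obtain sensitive password information. An attacker can request http://www.site.com/path/pwd.txt to obtain the password file information, then Base64-decode the password information. PHP Subscriber: no detailed vulnerability information is currently available...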
arsdigita-traverse.txt
SUMMARY ======= A directory traversal vulnerability exists in the Ars Digita Community System. A remote attacker could exploit this vulnerability to read arbitrary files with the permissions of the web server. AFFECTED SOFTWARE ================= Ars Digita Community System ACS 3.4.9, 3.4.10, and...
Fedora Core 6 : mutt-1.4.2.2-3.fc6 (2006-1063)
Tue Oct 24 2006 Miroslav Lichvar 5:1.4.2.2-3 - fix insecure temp file creation on NFS 211085, CVE-2006-5297 - Thu Aug 3 2006 Miroslav Lichvar 5:1.4.2.2-2 - fix a SASL authentication bug 199591 - Mon Jul 17 2006 Miroslav Lichvar 5:1.4.2.2-1 - update to 1.4.2.2 - fix directories in manual.txt...
WordPress Trackback Charset Decoding SQL Injection
The version of WordPress on the remote host supports trackbacks in alternate character sets and decodes them after escaping SQL parameters. By specifying an alternate character set and encoding input with that character set while submitting a trackback, an unauthenticated, remote attacker can...
Advisory 02/2007: WordPress Trackback Charset Decoding SQL Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: WordPress Trackback Charset Decoding SQL Injection Vulnerability Release Date: 2007/01/05 Last Modified: 2007/01/05 Author: Stefan Esser [email protected] Application:...
Breaking through the first-class information surveillance system and other IIS firewalls to achieve injection - vulnerability warning - the black bar safety net
First, URL encoding: a percent sign followed by the two-digit hexadecimal representation of a character; for example, ' becomes %27 after encoding. These are the URL encoding rules everyone knows. API functions such as UrlUnescapeInPlace, and even the URL decoding functions programmers write themselves, are based...
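Microsoft Internet Explorer UTF-8 Decoding Heap Overflow Vulnerability (MS06-021)
Microsoft Internet Explorer is a very popular web browser released by Microsoft. When translating UTF-8 characters to Unicode, IE incorrectly calculates the memory size; the size discrepancy between the heap allocation and the memory copy can lead to heap corruption. An attacker can create a specially crafted web page that results in arbitrary code execution if a user is tricked into visiting it. Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 Microsoft Internet Explorer 5.0 SP4 Workaround: If you are using Outlook 2002 or later, or Outlook Express...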
DEBIAN-CVE-2006-4337
Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive...
multiple vulnerabilities in lha
Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive...
DSA-1168-1 imagemagick
Bulletin has no description...
Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...
Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
Heap-based buffer overflow in the JPEG decoder in the TIFF library libtiff before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize)...
Avoid UTF8/tolower
UTF8 Safe, tolower Safe Encoder This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework NOTE: Read this if you plan on using this encoder: This encoder has some limitations that must be considered. First, this encoder cannot ...
Reverse thinking about the Google search URL and decryption - bug warning - the black bar safety net
Each Google search URL is made up of several instruction parts linked together; each instruction does its own job, and together they constitute the "filter" for the full search results. If we master how the whole Google search URL is put together, we can very easily and freely create what we need...
security flaw
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory...
CVE-2006-3392
CVE-2006-3392 affects Webmin (pre-1.290) and Usermin (pre-1.220). The issue arises because the sanitization path in the server's miniserv.pl calls the simplify_path function before HTML decoding, allowing a remote attacker to read arbitrary files via specially crafted URLs (e.g., using ..%01 sequences that b...
libgd /libwmf graphics library infinite loop
Infinite loop in GIF data LZW decoding...
Mandrake Linux Security Advisory : tetex (MDKSA-2006:113)
Integer overflows were reported in the GD Graphics Library libgd 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow ...
[Full-disclosure] [ MDKSA-2006:113 ] - Updated tetex packages fix embedded GD vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:113 http://www.mandriva.com/security/ Package : tetex Date : June 27, 2006 Affected: 10.2, 2006.0 Problem Description: Integer overflows were reported in the GD Graphics Library libgd 2.0.28, and possibly...
CVE-2006-2382
Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability."...