pmachineExec.txt

This is a multi-part message in MIME format. ------=NextPart000000001C516AC.9C269F50 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit pMachine Pro / pMachine Free Remote Code Execution vendor website: http://www.pmachine.com I. BACKGROUND PMachine is one of the most...

postnuke.postwrap.txt

".,-'^'-,..,-'^'-,..,-'^'-,..,-'^'-,..,-'^'-,..,-'^'-,.." ".,--,. -.,--,." ".,--,. ALBANIA SECURITY CLAN -.,--,." ".,--,. -.,--,." ".,--,. ...::www.albanianhaxorz.org::... -.,--,." ".,--,.- -.,--,." ".,--,.- PROUD TO BE ALBANIAN -.,--,." ".,--,. -.,--,." ".,--,. Copyright c 2005 ASC...

CVE-2005-0462

Cross-site scripting XSS vulnerability in MercuryBoard 1.0.x and 1.1.x allows remote attackers to inject arbitrary HTML and web script via the f parameter...

BibORB 1.3.2 Login Module - Multiple SQL Injections

source: https://www.securityfocus.com/bid/12583/info BibORB is reported prone to multiple vulnerabilities arising from insufficient sanitization of user-supplied input. These issues can be exploited by a remote attacker to carry out cross-site scripting, HTML injection, SQL injection, directory...

CVE-2005-0269

The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters...

CVE-2004-0940

Buffer overflow in the gettag function in modinclude for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI XSSI documents that trigger a length calculation error...

RHEL 2.1 / 3 : ethereal (RHSA-2005:011)

Updated Ethereal packages that fix various security vulnerabilities are now available. Ethereal is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigge...

MSN Messenger Service Popup Messages (CAN-1999-0630)

...

CVE-2005-0034

An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service named server exit via crafted DNS packets that cause an internal consistency test self-check to fail...

Microsoft Windows NetDDE buffer overflow

No description provided...

Darwin Kernel Vulnerability

"moderator: resending this mail since it appears to of got dropped, if not, please ignore this message. ,'| .-''-.....--'; / '. ..-' , ,--...--''' .--''' /' -';' ; ; ; ...--'' ...--..' .;.' fL ,....----''' ,..--'' felinemenace.org Program: Darwin Kernel 7.1 Impact: DoS, Possible local privilege...

konversation irc client 0.15 - Multiple Vulnerabilities

konversation irc client 0.15 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/12312/info Konversation is a freely available IRC client for KDE windows environments on Linux platforms. Multiple remote vulnerabilities affect the Konversation IRC client. These issues are due to...

H2005-01.txt

Hyperdose Security Advisory Name: Cross Site Scripting holes found in Horde 3.0 Systems Affected: Horde 3.0 installations Severity: Moderate Author: Robert Fly - [email protected] Advisory URL: http://www.hyperdose.com/advisories/H2005-01.txt --Horde Description-- The Horde Application Framewo...

RHEL 3 : cups (RHSA-2005:013)

Updated CUPS packages that fix several security issues are now available. The Common UNIX Printing System provides a portable printing layer for UNIXR operating systems. A buffer overflow was found in the CUPS pdftops filter, which uses code from the Xpdf package. An attacker who has the ability ...

AIX 5.1/5.2/5.3 local root exploits

hi, i found some local security holes in IBM's AIX versions 5.1, 5.2 and 5.3 unix for IBM RS/6000 powerpc. 1 the first is a bug in all setuid diag related tools that use an environment variable as a prefix to an external binary executed as root. 2 the second is a classical stack overflow in a too...

WordPress 1.2.11.2.2 - moderation.php?item_approved Cross-Site Scripting

WordPress 1.2.11.2.2 - moderation.php?itemapproved Cross-Site Scripting source: https://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization ...

WordPress Core 1.2.1/1.2.2 - '/wp-admin/templates.php?file' Cross-Site Scripting

source: https://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site scripting and HTML injection issue...

WordPress Core 1.2.1/1.2.2 - 'link-add.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site scripting and HTML injection issue...

Kreed <= 1.05 Format String and Denial of Service Exploit

Exploit for unknown platform in category dos / poc ========================================================= Kreed include include include / Read/Write bits to buffer 0.1.1 by Luigi Auriemma e-mail: email protected web: http://aluigi.altervista.org max 32 bits numbers supported from 0 to...

Cyrus IMAP Server: Multiple remote vulnerabilities

Background The Cyrus IMAP Server is an efficient, highly-scalable IMAP e-mail server. Description Multiple vulnerabilities have been discovered in the argument parsers of the 'partial' and 'fetch' commands of the Cyrus IMAP Server CAN-2004-1012, CAN-2004-1013. There are also buffer overflows in t...