Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/9944/info It has been reported that Invision Gallery may be prone to multiple sql injection vulnerabilities, allowing an attacker to influence SQL query logic. The issues exist due to insufficient sanitization of user-supplied data via the 'img', 'cat',...

PWebServer 0.3.x - Directory Traversal

source: https://www.securityfocus.com/bid/9817/info It has been reported that PWebServer is prone to a remote directory traversal vulnerability. This issue is due to a failure of the server process to properly filter user supplied URI requests. Information acquired by exploiting this issue may be...

[SECURITY] [DSA 450-1] New Linux 2.4.19 packages fix several local root exploits (mips)

-------------------------------------------------------------------------- Debian Security Advisory DSA 450-1 [email protected] http://www.debian.org/security/ Martin Schulze February 27th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 450-1] New Linux 2.4.19 packages fix several local root exploits (mips)

-------------------------------------------------------------------------- Debian Security Advisory DSA 450-1 [email protected] http://www.debian.org/security/ Martin Schulze February 27th, 2004 http://www.debian.org/security/faq -...

DSA-450 linux-kernel-2.4.19-mips - several vulnerabilities

Bulletin has no description...

Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow

/================CRPT - FrenchTeam ================= Coromputer Security Advisory - CRPTSA-01 =================== Summary ===================== Software : GateKeeper Pro 4.7 Platforms : win32 Risk : High Impact : Buffer overflow Release Date : 2004-02-23 =================== Description...

smallftpd 1.0.3 Multiple DoS

The remote host seems to be running a version of Smallftpd that is 1.0.3 or earlier. Such versions are reportedly affected by denial of service and directory traversal vulnerabilities. This script was written by Audun Larsen Changes by Tenable: - Revised plugin title, changed family 2/03/2009 -...

Jigsaw < 2.2.4 Unspecified URI Parsing Unspecified Vulnerability

According to its banner, the remote version of Jigsaw web server has an unspecified vulnerability related to the way it parses URIs. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12071; scriptversion"1.16"; scriptcveid"CVE-2004-2274"; scriptbugtraqid9711;...

[SECURITY] [DSA 442-1] New Linux 2.4.17 packages fix local root exploits and more (s390)

-------------------------------------------------------------------------- Debian Security Advisory DSA 442-1 [email protected] http://www.debian.org/security/ Martin Schulze February 19th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 442-1] New Linux 2.4.17 packages fix local root exploits and more (s390)

-------------------------------------------------------------------------- Debian Security Advisory DSA 442-1 [email protected] http://www.debian.org/security/ Martin Schulze February 19th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 440-1] New Linux 2.4.17 packages fix several local root exploits (powerpc/apus)

-------------------------------------------------------------------------- Debian Security Advisory DSA 440-1 [email protected] http://www.debian.org/security/ Martin Schulze February 18th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 440-1] New Linux 2.4.17 packages fix several local root exploits (powerpc/apus)

-------------------------------------------------------------------------- Debian Security Advisory DSA 440-1 [email protected] http://www.debian.org/security/ Martin Schulze February 18th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 439-1] New Linux 2.4.16 packages fix several local root exploits (arm)

-------------------------------------------------------------------------- Debian Security Advisory DSA 439-1 [email protected] http://www.debian.org/security/ Martin Schulze February 18th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 439-1] New Linux 2.4.16 packages fix several local root exploits (arm)

-------------------------------------------------------------------------- Debian Security Advisory DSA 439-1 [email protected] http://www.debian.org/security/ Martin Schulze February 18th, 2004 http://www.debian.org/security/faq -...

DSA-440 linux-kernel-2.4.17-powerpc-apus - several vulnerabilities

Bulletin has no description...

DSA-439 linux-kernel-2.4.16-arm - several vulnerabilities

Bulletin has no description...

Crob FTP Server Connection Saturation Remote DoS

According to its version number, the remote Crob FTP server has a denial of service vulnerability. Repeatedly connecting and disconnecting causes the service to crash. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12060; scriptversion "1.20";...

mnGoSearch buffer overflow in UdmDocToTextBuf()

Jedi/Sector One reported the following on the full-disclosure list: Every document is stored in multiple parts according to its sections description, body, etc in databases. And when the content has to be sent to the client, UdmDocToTextBuf concatenates those parts together and skips metadata...

Moderate: Red Hat Security Advisory: netpbm security update

Updated NetPBM packages are available that fix a number of temporary file vulnerabilities in the netpbm libraries. The netpbm package contains a library of functions that support programs for handling various graphics file formats, including .pbm portable bitmaps, .pgm portable graymaps, .pnm...

Cisco Personal Assistant User Password Bypass Vulnerability

...