Boa 0.93.15 - HTTP Basic Authentication Bypass

Boa 0.93.15 - HTTP Basic Authentication Bypass / Boa HTTP Basic Authentication Bypass Vuln: Boa/0.93.15 with Intersil Extensions Original Advisory: http://www.securityfocus.com/archive/1/479434 http://www.ikkisoft.com/stuff/SN-2007-02.txt Luca "ikki" Carettoni http://www.ikkisoft.com / ----...

Boa 0.93.15 HTTP Basic Authentication Bypass Exploit

Exploit for linux platform in category remote exploits ==================================================== Boa 0.93.15 HTTP Basic Authentication Bypass Exploit ==================================================== / Boa HTTP Basic Authentication Bypass Vuln: Boa/0.93.15 with Intersil Extensions...

Boa 0.93.15 - HTTP Basic Authentication Bypass

/ Boa HTTP Basic Authentication Bypass Vuln: Boa/0.93.15 with Intersil Extensions Original Advisory: http://www.securityfocus.com/archive/1/479434 http://www.ikkisoft.com/stuff/SN-2007-02.txt Luca "ikki" Carettoni http://www.ikkisoft.com / ---- !/usr/bin/env python import urllib2 SERVERIPADDRESS ...

Code injection

Multiple unspecified vulnerabilities in labeld in Trusted Extensions in Sun Solaris 10 allow local users to cause a denial of service multiple application hang via unspecified vectors...

CVE-2007-5368

Multiple unspecified vulnerabilities in labeld in Trusted Extensions in Sun Solaris 10 allow local users to cause a denial of service multiple application hang via unspecified vectors...

CVE-2007-5368

Multiple unspecified vulnerabilities in labeld in Trusted Extensions in Sun Solaris 10 allow local users to cause a denial of service multiple application hang via unspecified vectors...

CVE-2007-5368

CVE-2007-5368 affects Sun Solaris 10 with Trusted Extensions labeld, causing local denial of service (multiple application hangs). Concrete details in connected documents show affected architectures and patches: Solaris 10 x86 (patch 126449-05) and Solaris 10 SPARC (patch 126448-05). No explicit ...

Solaris 10 (sparc) : 126448-05

SunOS 5.10: Trusted Extensions labeld, chk. Date this patch was last updated by Sun : Nov/16/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

CVE-2004-2700

Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx...

Boa (with Intersil Extensions) - HTTP Basic Authentication Bypass

Secure Network - Security Research Advisory Vuln name: HTTP Basic Authentication Bypass Systems affected: Boa/0.93.15 with Intersil Extensions based systems i.e. FreeLan 802.11g Wireless Access Point RO80211G-AP Severity: High Local/Remote: Remote Vendor URL: http://www.boa.org -...

DEBIAN-CVE-2007-4894

Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user MU before 1.2.5a allow remote attackers to execute arbitrary SQL commands via the posttype parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and other unspecified parameters...

Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass

Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass source: https://www.securityfocus.com/bid/25676/info Boa is prone to an authentication-bypass vulnerability because the application fails to ensure that passwords are not overwritten by specially crafted HTTP Requests. An attack...

CIFS should honor umask

The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges...

Denial of service

OpenOffice.org OOo 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of service...

CVE-2007-4251

OpenOffice.org OOo 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of service...

CVE-2007-4251

OpenOffice.org OOo 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of service...

Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:152)

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.6. This update provides the latest Firefox to correct these issues. As well, it provides Firefox 2.0.0.6 for older products. %NASLMINLEVEL 70300 C Tenable Network Security,...

CVE-2007-4057

Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and earlier allows remote authenticated users to upload arbitrary PHP code via a filename ending with 1 .php.gif, 2 .php.jpg, or 3 .php.png...

CVE-2007-4026

epesi framework before 0.8.6 does not properly verify file extensions, which allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving the gallery images upload feature. NOTE: some of these details are obtained from third party information...

Design/Logic Flaw

MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information script source code via a modified extension, as demonstrated by post.mscgI...