6679 matches found
Nessus symbolic links problem
adduser temporayr files symlink problem...
CGI bugs
No description provided...
Verylost LostBook 1.1 - Message Entry HTML Injection
source: https://www.securityfocus.com/bid/10825/info Reportedly Verylost lostBook is affected by an HTML injection vulnerability in its message entry functionality. This issue is due to a failure of the application to properly validate and sanitize user-supplied input before including it in...
Fedora Core 1 : krb5-1.3.3-6 (2004-149)
Bugs have been fixed in the krb5anametolocalname library function. Specifically, buffer overflows were possible for all Kerberos versions up to and including 1.3.3. The krb5anametolocalname function translates a Kerberos principal name to a local account name, typically a UNIX username. This...
Solaris 8 (x86) : 110336-03
CDE 1.4x86: dtprintinfo patch. Date this patch was last updated by Sun : Dec/03/03 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
CGI bugs
No description provided...
CVE-2004-0583
The account lockout functionality in 1 Webmin 1.140 and 2 Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords...
Sygate Personal Firewall Pro 5.5 - Local Fail-Close Bypass
Sygate Personal Firewall Pro 5.5 - Local Fail-Close Bypass source: https://www.securityfocus.com/bid/10540/info A vulnerability is reported to affect the Sygate Personal Firewall fail-closed functionality. It is reported that the kernel-space NDIS driver does not verify the origin of messages tha...
Sygate Personal Firewall Pro 5.5 - Local Fail-Close Bypass
source: https://www.securityfocus.com/bid/10540/info A vulnerability is reported to affect the Sygate Personal Firewall fail-closed functionality. It is reported that the kernel-space NDIS driver does not verify the origin of messages that are received through the associated device. As a result o...
Belchior Foundry VCard 2.8 - Authentication Bypass
Belchior Foundry VCard 2.8 - Authentication Bypass source: https://www.securityfocus.com/bid/9910/info It has been reported that vCard is prone to a remote authentication bypass vulnerability. This issue is due to a design error that would allow a malicious user access to certain admin...
Nortel Wireless LAN Access Point 2200 Series - Denial of Service
// source: https://www.securityfocus.com/bid/9787/info Nortel Wireless LAN Access Point 2200 series appliances have been reported to be prone to a remote denial of service vulnerability. The issue is reported to present itself when a large network request is handled by one of the Wireless LAN...
CVE-2003-1302
The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a 1 To or 2 From header with an address that contains a large number of "" backslash characters...
CVE-2003-0813
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service crash or reboot by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a...
PeopleSoft <Control><J> Information Disclosure
Vendor: PeopleSoft Solution ID: 200749177 Product: People Tools Version: 8.42, Others? Platform: Solaris 8, BEA WebLogic, Others? Remote/Local: Remote, Authenticated Title: Information Gathering Impact: Disclosure of potentially sensitive information Description: ControlJ is a hot key that is use...
SuSE symbolic link problems
Symbolic link problems in /sbin/conf.d/SuSEconfig.susewm, /sbin/conf.d/SuSEconfig.javarunt...
Microsoft Internet Explorer showHelp crossite scripting
Subsequent calls to showHelp cause content to be displayed in the same security zone...
Knoppix symbolic links problem
No description provided...
DSA-310 xaos - improper setuid-root execution
Bulletin has no description...
(RHSA-2003:177) Updated up2date and rhn_register clients available
The rhnregister and up2date packages contain the software necessary to take advantage of Red Hat Network functionality. The up2date package incorporates improvements in handling package dependencies and "obsoletes" processing, along with many other bug fixes. This release also includes an updated...
OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
Exploit for linux platform in category remote exploits ==================================================== OpenSSH/PAM " exit 1 Verify the arguments. $ != 2 && usage Variables. USER="$1" HOST="$2" =-=-=-=-=-=-=-=-=-=-=-=-= Expect script functions =-=-=-=-=-=-=-...