6956 matches found
Serious vulnerability in glibc
PROBLEM DESCRIPTION A vulnerability exists in glibc versions up to version 2.1.3, ie. all released versions, allowing local users to get root access. Fix packages for most major Linux distributions have been released or will be released within a day or two. There's also a quick workaround describ...
PHP-Nuke 1.0/2.5 - Administrative Privileges
source: https://www.securityfocus.com/bid/1592/info PHP-Nuke is a website creation/maintainence tool written in PHP3. It is possible to elevate priviliges in this system from normal user to administrator due to a flaw in authentication code. The problem occurs here: $aid = variable holding author...
Дыры в FileMaker Pro
Различные дырки позволяют непривилегированному пользователю получить доступ к внутренней ифнормации сервера, а так же несанкционированно использовать его почтовые возможности...
CVE-2000-0271
In CVE-2000-0271, Emacs 20’s read-passwd and related Lisp functions do not properly clear the history of recently typed keys. This can allow an attacker to read unencrypted passwords stored in the command history. The issue is rooted in the Lisp password/history handling within Emacs 20. The prov...
RSA Security RSAREF 2.0 - Local Buffer Overflow
RSA Security RSAREF 2.0 - Local Buffer Overflow source: https://www.securityfocus.com/bid/843/info A buffer overflow vulnerability exists in the RSAREF cryptographic library which may possibly make any software using the library vulnerable. The vulnerability exists in four functions in the rsa.c...
CVE-1999-0834
Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library...
BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Remote Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/614/info There is a remotely exploitable buffer overflow condition in the amd daemon under several operating systems. Amd is a daemon that automatically mounts filesystems whenever a file or directory within that filesystem is accessed. Filesystems are...
BSDOS 3.14.0.1 FreeBSD 3.03.13.2 RedHat Linux 6.0 - amd Remote Buffer Overflow (2)
BSDOS 3.14.0.1 FreeBSD 3.03.13.2 RedHat Linux 6.0 - amd Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/614/info There is a remotely exploitable buffer overflow condition in the amd daemon under several operating systems. Amd is a daemon that automatically mounts filesystems...
ms-excel-macros-dll.txt
Microsoft Excel macros can execute DLL functions. Microsoft Excel - a spreadsheet program created by Microsoft - is vulnerable to an exploit that allows the execution DLL functions without user intervention or knowledge. Microsoft Excel has a function named "CALL" which can be embedded in...
fts.find.du.bsd.txt
Date: Wed, 12 May 1999 14:32:42 +0400 From: Stas Kisel To: [email protected] Subject: fts, du, find Hi. I use FreeBSD-2.2.8 and FreeBSD-2.2.7 and I know that these versions are no longer supported, but: 1. There are many people still using 2.2 2. This bug probably applies to FreeBSD-3.1 and ev...
iishack.asm
; IIS 4.0 remote overflow exploit. ; c dark spyrit -- [email protected] ; ; greets & thanks to: neophyte/sacx/tree/everyone in mulysa and ; beavuh... and all the other kiwi's except ceo. ; ; credits to acp for the console stuff.. ; ; I don't want to go in too deeply on the process of exploiting buff...
Microsoft Windows NT 4.0SP 1SP 2SP 3SP 4SP 5 - Null Session Admin Name
Microsoft Windows NT 4.0SP 1SP 2SP 3SP 4SP 5 - Null Session Admin Name source: https://www.securityfocus.com/bid/494/info By establishing a Null session with an NT host, an intruder can gain the name of even a renamed Administrator account. This is because even Null sessions are added to the...
CVE-2021-23941
...
SQL Server LIMIT / OFFSET SQL Injection
Impact Those using SQL Server with Laravel and allowing user input to be passed directly to the limit and offset functions are vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability. Patches This problem has been patched on Laravel...
Detectoid for Microsoft Office Communications Server 2007 R2
Detectoid for Microsoft Office Communications Server 2007 R2...
Security Update for SQL Server 2016 Service Pack 1 GDR (KB4505219)
A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions. An attacker who successfully exploited this vulnerability could execute code in the context of the SQL Server Database Engine service account. To exploit the...