HP OpenView NNM nnmRptConfig.exe schd_select1 Remote Code Execution (CVE-2011-0269)

The Network Node Manager NNM is an HP OpenView product which manages networks. It determines and displays physical and logical connectivity in networks, as well as information referring to protocols running over the network. A buffer overflow vulnerability has been reported in the HP OpenView...

Xerox WorkCentre Command Injection (XRX11-001)

According to its model number and software version, the remote host is a Xerox WorkCentre device that reportedly allows an unauthenticated attacker to execute arbitrary code via specially crafted HTTP requests. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid51901;...

Fedora Update for perl-CGI FEDORA-2011-0654

Check for the Version of perl-CGI OpenVAS Vulnerability Test Fedora Update for perl-CGI FEDORA-2011-0654 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for perl-CGI FEDORA-2011-0640

Check for the Version of perl-CGI OpenVAS Vulnerability Test Fedora Update for perl-CGI FEDORA-2011-0640 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 13 Update: perl-CGI-3.51-1.fc13

CGI.pm is a stable, complete and mature solution for processing and prepari ng HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string genera tion and manipulation, and processing and preparing HTTP headers. Some...

CVE-2010-4690

The Mobile User Security MUS service on Cisco Adaptive Security Appliances ASA 5500 series devices with software before 8.32 does not properly authenticate HTTP requests from a Web Security appliance WSA, which might allow remote attackers to obtain sensitive information via a HEAD request, aka B...

CVE-2010-4690

The Mobile User Security MUS service on Cisco Adaptive Security Appliances ASA 5500 series devices with software before 8.32 does not properly authenticate HTTP requests from a Web Security appliance WSA, which might allow remote attackers to obtain sensitive information via a HEAD request, aka B...

Mongoose Web Server 'Content-Length' HTTP Header Remote DoS Vulnerability

Mongoose Web Server is prone to a remote denial of service DoS vulnerability because it fails to handle specially crafted input. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Elcom CommunityManager.NET Auth Bypass Vulnerability - Security Advisory - SOS-10-004

Elcom CommunityManager.NET Auth Bypass Vulnerability - Security Advisory - SOS-10-004 Release Date. 20-Dec-2010 Last Update. - Vendor Notification Date. 22-Jan-2010 Product. Elcom Technology's CommunityManager.NET Platform. IIS with ASP.NET Affected versions. v6.7 verified and possibly others...

Microsoft Windows ASP.NET Denial of Service Vulnerability (970957)

This host is missing a critical security update according to Microsoft Bulletin MS09-036. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 6657)

The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's modssl was vulnerable to this kind of...

Basic Web Server 1.0 Denial Of Service

------------------------------------------------------------------------ Software................Basic Web Server 1.0 Vulnerability...........Denial Of Service Download................http://www.bit4free.com/ Release Date............9/16/2010 Tested On...............Windows XP...

Important: Red Hat Security Advisory: tomcat5 security update

Updated tomcat5 packages that fix three security issues are now available for Red Hat Certificate System 7.3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

Novell eDirectory dhost Buffer Overflow

Novell eDirectory is a Lightweight Directory Access Protocol LDAP server, intended for use as a part of an identity management solution. The product is made available for multiple platforms including NetWare, Unix-like systems, and Windows. A remote code execution vulnerability has been reported ...

Researchers Cripple Pushdo Botnet

Researchers have made a huge dent in a major variant of the Pushdo botnet, virtually crippling the network by working with hosting providers to take down about two thirds of the command-and-control servers involved in the botnet. Pushdo for years has been one of the major producers of spam and...

CVE-2010-2076

Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send...

Microsoft Office Excel PivotTable Cache Data Record Handling Overflow

Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...

Microsoft Office Excel PivotTable Cache Data Record Handling Overflow

Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...

Microsoft Office Excel PivotTable Cache Data Record Handling Overflow

Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...

Adobe ColdFusion 'locale' Parameter Directory Traversal

The version of Adobe ColdFusion running on the remote host is affected by a directory traversal vulnerability in the administrative web interface. Input to the 'locale' parameter of multiple pages is not properly sanitized. A remote, unauthenticated attacker can exploit this by sending specially...