Novell eDirectory MS-DOS Device Name Denial of Service (CVE-2005-1729)

Novell eDirectory is a Lightweight Directory Access Protocol LDAP server intended for use as a part of an identity management solution. The product is made available for multiple platforms including NetWare, Unix-like systems, and Windows. The product includes a web server component that is used...

Update Protection against Novell eDirectory dhost Buffer Overflow

A remote code execution vulnerability has been reported in Novell eDirectory. Novell eDirectory is a Lightweight Directory Access Protocol LDAP server, intended for use as a part of an identity management solution.The vulnerability is due to a buffer overflow error in the dhost service when...

Microsoft SharePoint <= 12.0.0.6219 Team Services Information Disclosure Vulnerability (KB976829)

Microsoft SharePoint Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

MCshoutbox Multiple <= 1.1 Multiple Vulnerabilities - Active Check

MCshoutbox is prone to multiple SQL injection SQLi and cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Boxalino 09.05.25-0421 Directory Traversal

Exploit for unknown platform in category web applications ========================================== Boxalino 09.05.25-0421 Directory Traversal ========================================== Product: Boxalino Vendor: Boxalino AG www.boxalino.com CVD ID: CVE-2009-1479 Subject: Directory Traversal...

[CVE-2009-1479] Boxalino - Directory Traversal Vulnerability

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Boxalino Vendor: Boxalino AG www.boxalino.com CVD ID: CVE-2009-1479 Subject: Directory Traversal Vulnerabilities Risk: High Effect: Remotely exploitable Author: Axel Neumann [email protected] Date: 2009-10-20...

boxalino 09.05.25-0421 - Directory Traversal

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Boxalino Vendor: Boxalino AG www.boxalino.com CVD ID: CVE-2009-1479 Subject: Directory Traversal Vulnerabilities Risk: High Effect: Remotely exploitable Author: Axel Neumann Date: 2009-10-20 Introduction ----------...

Novell eDirectory Management Console Accept-Language Buffer Overflow (CVE-2009-0192)

Novell eDirectory is an X.500 and LDAP compatible directory service software product. It is developed by Novell, Inc. for centrally managing access to resources on multiple servers and computers within a given network. The product is made available for multiple platforms including NetWare,...

CVE-2009-2699

The vulnerability CVE-2009-2699 affects the Solaris pollset feature in the Event Port backend (poll/unix/port.c) of the Apache Portable Runtime (APR) library prior to 1.3.9, as used by Apache HTTP Server prior to 2.2.14 and other products. The issue arises from improper error handling in the Sola...

EZRecipeZee CMS 91 - Remote File Inclusion

EZRecipeZee CMS 91 - Remote File Inclusion !/usr/bin/perl + Author : kaMtiEz [email protected] + Date : September 30, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : http://www.jdtmmsm.com/ + Download : http://www.jdtmmsm.com/downloads/index.php?setFilter=11232 + version : v91 + Meth...

openSUSE 10 Security Update : ruby (ruby-6339)

This ruby update improves return value checks for openssl function OCSPbasicverify CVE-2009-0642 which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased CVE-2008-3905 to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...

TWiki rev Parameter Shell Command Injection (CVE-2005-2877)

TWiki is a flexible enterprise collaboration platform developed in Perl. The software is a set of CGI programs that are loaded and executed by an HTTP server. TWiki is a structured, community developed documentation framework. It typically runs as a document management system, or a knowledge base...

Information disclosure

Cisco ACE XML Gateway AXG and ACE Web Application Firewall WAF before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by 1 an OPTIONS request or 2 a crafted GET request, leading to a Message-handling Errors message containing a...

CVE-2009-2865

Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express CME component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka B...

Buffer overflow

Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express CME component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka B...

CVE-2009-2865

Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express CME component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka B...

Cisco ACE XML Gateway information leakage

Internal address of server is leaked on some HTTP requests...

CVE-2009-2629

Buffer underflow in src/http/ngxhttpparse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests...

CVE-2009-2629

Buffer underflow in src/http/ngxhttpparse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests...

CVE-2009-2629

CVE-2009-2629 affects the nginx HTTP server, originating from a buffer underflow in ngx_http_parse.c used when processing request URIs. Public sources in the provided documents specify that versions 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 are vulner...