4509 matches found
[SA12692] MediaWiki "raw" Page Output Mode Cross-Site Scripting Vulnerability
TITLE: MediaWiki "raw" Page Output Mode Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA12692 VERIFY ADVISORY: http://secunia.com/advisories/12692/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: MediaWiki 1.x http://secunia.com/product/2546/ DESCRIPTIO...
[SA12609] YaBB Input Validation Vulnerabilities
TITLE: YaBB Input Validation Vulnerabilities SECUNIA ADVISORY ID: SA12609 VERIFY ADVISORY: http://secunia.com/advisories/12609/ CRITICAL: Less critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: YaBB 1.x http://secunia.com/product/541/ DESCRIPTION: Two...
Apache 2, mod_dav: Multiple vulnerabilities
Background The Apache HTTP server is one of most popular web servers on the internet. modssl provides SSL v2/v3 and TLS v1 support for it and moddav is the Apache module for Distributed Authoring and Versioning DAV. Description A potential infinite loop has been found in the input filter of modss...
gnu-radius -- SNMP-related denial-of-service
An iDEFENSE security advisory reports: Remote exploitation of an input validation error in version 1.2 of GNU radiusd could allow a denial of service. The vulnerability specifically exists within the asndecodestring function defined in snmplib/asn1.c. When a very large unsigned number is supplied...
[Full-Disclosure] iDEFENSE Security Advisory 09.13.04a: Samba nmbd Invalid Length Denial of Service Vulnerability
Samba nmbd Invalid Length Denial of Service Vulnerability iDEFENSE Security Advisory 09.13.04a www.idefense.com/application/poi/display?id=138&type=vulnerabilities September 13, 2004 I. BACKGROUND Samba is a software suite that provides file and print services to SMB/CIFS clients, such as Microso...
[SA12511] Twin FTP Server Directory Traversal Vulnerability
TITLE: Twin FTP Server Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA12511 VERIFY ADVISORY: http://secunia.com/advisories/12511/ CRITICAL: Highly critical IMPACT: Manipulation of data, Exposure of system information, Exposure of sensitive information WHERE: From remote SOFTWARE: Twin F...
[Full-Disclosure] iDEFENSE Security Advisory 09.09.04: F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability
F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability iDEFENSE Security Advisory 09.09.04 www.idefense.com/application/poi/display?id=137&type=vulnerabilities September 9, 2004 I. BACKGROUND F-Secure Internet Gatekeeper is an antivirus and content filtering solution...
CVE-2002-1141
The CVE-2002-1141 issue is a vulnerability in the Sun Microsystems RPC library Services for Unix 3.0 Interix SD, executed on Windows NT4/2000/XP. It stems from an input validation error that can be exploited by malformed fragmented RPC client packets, enabling a remote denial of service. The docu...
FreeBSD Ports : rsync < 2.6.2_2
The remote host has an old version of rsync installed. There is a flaw in this version of rsync which, due to an input validation error, would allow a remote attacker to gain access to the remote system. An attacker, exploiting this flaw, would need network access to the TCP port. Successful...
Important: Red Hat Security Advisory: acroread security update
An updated Adobe Acrobat Reader package that fixes multiple security issues is now available. The Adobe Acrobat Reader browser allows for the viewing, distributing, and printing of documents in portable document format PDF. iDEFENSE has reported that Adobe Acrobat Reader 5.0 contains a buffer...
RHEL 3 : acroread (RHSA-2004:432)
An updated Adobe Acrobat Reader package that fixes multiple security issues is now available. The Adobe Acrobat Reader browser allows for the viewing, distributing, and printing of documents in portable document format PDF. iDEFENSE has reported that Adobe Acrobat Reader 5.0 contains a buffer...
[Full-Disclosure] iDEFENSE Security Advisory 08.12.04a: Adobe Acrobat Reader (Unix) Shell Metacharacter Code Execution Vulnerability
Adobe Acrobat Reader Unix Shell Metacharacter Code Execution Vulnerability iDEFENSE Security Advisory 08.12.04a www.idefense.com/application/poi/display?id=124&type=vulnerabilities August 12, 2004 I. BACKGROUND Adobe Acrobat Reader is a program for viewing Portable Document Format PDF documents...
FreeBSD : acroread uudecoder input validation error (78348ea2-ec91-11d8-b913-000c41e2cdad)
An iDEFENSE security advisory reports : Remote exploitation of an input validation error in the uudecoding feature of Adobe Acrobat Reader Unix 5.0 allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded...
acroread uudecoder input validation error
An iDEFENSE security advisory reports: Remote exploitation of an input validation error in the uudecoding feature of Adobe Acrobat Reader Unix 5.0 allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded...
CORE-2004-0714: Cfengine RSA Authentication Heap Corruption
Core Security Technologies Advisory http://www.coresecurity.com Cfengine RSA Authentication Heap Corruption Date Published: 2004-08-09 Last Update: 2004-08-09 Advisory ID: CORE-2004-0714 Bugtraq ID: None currently assigned. CVE Name: None currently assigned. Title: Cfengine RSA Authentication Hea...
RHEL 2.1 : openssh (RHSA-2002:131)
Updated openssh packages are now available for Red Hat Linux Advanced Server. These updates fix an input validation error in OpenSSH. OpenSSH provides an implementation of the SSH secure shell protocol used for logging into and executing commands on remote machines. Versions of the OpenSSH server...
FreeBSD-SA-04:13.linux
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:13.linux Security Advisory The FreeBSD Project Topic: Linux binary compatibility mode input validation error Category: core Module: kernel Announced: 2004-06-3...
Linux binary compatibility mode input validation error
A programming error in the handling of some Linux system calls may result in memory locations being accessed without proper validation. It may be possible for a local attacker to read and/or overwrite portions of kernel memory, resulting in disclosure of sensitive information or potential privile...
Multiple Vulnerabilities in Invision Power Board v1.3.1 Final.
Description: Multiple Vulnerabilities in Invision Power Board v1.3.1 Final. Compromise: SQL Injection, Cross site Scripting. Vulnerable Systems: Invision Power Board v1.3.1 Final. Details: An Input Validation Error exists in ssi.php. $sqlfields is vulnerable to An Input Validation Error. How to...
Rit Research Labs TinyWeb 1.9.2 - Unauthorized Script Disclosure
source: https://www.securityfocus.com/bid/10445/info TinyWeb Server is affected by an unauthorized script disclosure vulnerability. This issue is due to an input validation error that allows malicious users to bypass standard web server rules. This issue will allow an attacker to download or view...