330 matches found
samba security update
CentOS Errata and Security Advisory CESA-2007:0354-01 Updated samba packages that fix several security flaws are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Samba provides file and printer sharing services to SMB/CIFS clients...
dotnet-bypass.txt
FYI, The following are the technical details for the Microsoft .NET request filtering bypass vulnerability BID 20753: ProCheckUp Security Bulletin This advisory has been published following consultation with UK CPNI formally known as NISCC Title: Microsoft ASP.NET request filtering can be bypasse...
FreeBSD : coppermine -- File Inclusion Vulnerabilities (77cceaef-e9a4-11da-b9f4-00123ffe8333)
Secunia reports : Coppermine Photo Gallery have a vulnerability, which can be exploited by malicious people and by malicious users to compromise a vulnerable system. 1 Input passed to the 'lang' parameter in include/init.inc.php isn't properly verified, before it is used to include files. This ca...
Cross site scripting
Cross-site scripting XSS vulnerability in Interact 2.1.1 allows remote attackers to inject arbitrary web script or HTML via 1 the searchterms parameter to a search.php, and 2 the firstname, 3 lastname, 4 email, 5 password, and 6 confirmpassword parameters to b userinput.php. NOTE: the provenance ...
[SA18926] Quirex convert.cgi File Disclosure Vulnerability
TITLE: Quirex convert.cgi File Disclosure Vulnerability SECUNIA ADVISORY ID: SA18926 VERIFY ADVISORY: http://secunia.com/advisories/18926/ CRITICAL: Moderately critical IMPACT: Exposure of system information, Exposure of sensitive information WHERE: From remote SOFTWARE: Quirex 2.x...
Kayako SupportSuite v3.00.x Full path Disclosure .
Kayako SupportSuite v3.00.x Full path Disclosure . Vuln. dicovered by : r0t Date: 25 nov. 2005 orginal advisory:http://pridels.blogspot.com/2005/11/kayako-supportsuite-v300x-full-path.html Vendor:kayako.com affected vesion:v3.00.12 and prior Vuln. Description: Due invalid input parameters or not...
CVE-2005-2686
Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the 1 SITEPath parameter to menudx.php or 2 CONTENTSDir parameter to menusx.php...
CVE-2005-0266
Cross-site scripting XSS vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the 1 returnmodule, 2 returnaction, 3 name, 4 module, or 5 record parameter...
CVE-2001-0937
PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 recipient or 2 pgpuserid parameters...
Buffer overflows in Microsoft SQL Server 7.0 and SQL Server 2000
Overview There is a buffer overflow in Microsoft SQL Server 2000 and SQL Server 7.0 which could allow an intruder to execute arbitrary code on vulnerable systems. Description Microsoft Windows SQL Server 2000 and SQL Server 7.0 contain a buffer overflow in functions associated with text messages...