Lucene search
K

1853 matches found

Cent OS
Cent OS
added 2007/05/17 4:28 p.m.57 views

vixie security update

CentOS Errata and Security Advisory CESA-2007:0345 Updated vixie-cron packages that fix a denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron...

2.1CVSS5.7AI score0.00383EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2007/05/17 2:25 p.m.22 views

Moderate: Red Hat Security Advisory: vixie-cron security update

Updated vixie-cron packages that fix a denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified...

2.1CVSS5.7AI score0.00383EPSS
Exploits0References3
NVD
NVD
added 2007/04/30 11:19 p.m.19 views

CVE-2007-2370

SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings...

7.5CVSS8.3AI score0.02879EPSS
Exploits0References2
Cvelist
Cvelist
added 2007/04/30 11:0 p.m.21 views

CVE-2007-2370

SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings...

8.3AI score0.02879EPSS
Exploits0References2
CVE
CVE
added 2007/04/30 11:0 p.m.46 views

CVE-2007-2370

CVE-2007-2370 : Concrete details across connected documents show a SQL injection in the XOOPS Jobs module (John Mordo Jobs) for XOOPS, affecting version 2.4 and earlier. The vulnerability resides in index.php (modules/jobs/index.php) where user input in the cid parameter of a jobsview action is n...

7.5CVSS8.3AI score0.02879EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2007/04/17 12:0 a.m.29 views

Gentoo Linux Vixie cron denial of service

Weak file permissions allows to prevent cron jobs from running via hard links...

2.1CVSS2.1AI score0.00383EPSS
Exploits0References1Affected Software1
Oracle linux
Oracle linux
added 2007/04/16 12:0 a.m.43 views

Moderate: cups security update

1.1.22-0.rc1.9.18 - REVERTED these changes: - Applied patch from STR 1301 bug 195354. - Patch pdftops to understand 'includeifexists', and use that in the pdftops.conf file bug 188583. - Clear the printer's statemessage and statereasons after successful job completion bug 187457. - Include...

5CVSS9.1AI score0.05321EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/04/06 12:0 a.m.23 views

XOOPS Jobs Module index.php cid Parameter SQL Injection

The remote host is running the Jobs module, a third-party module for XOOPS. The version of this module installed on the remote host fails to properly sanitize user-supplied input to the 'cid' parameter of the 'modules/jobs/index.php' script before using it to build a database query. Regardless of...

7.5CVSS5.6AI score0.02879EPSS
Exploits0References1
seebug.org
seebug.org
added 2007/04/05 12:0 a.m.29 views

XOOPS Module Jobs <= 2.4 (cid) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Script Name: XOOPS Module Jobs = 2.4 cid Remote BLIND SQL Injection Exploit Coded by : ajann Author : ajann Contact : : Dork : "inurl:/modules/jobs/" S.Page : http://www.jlmzone.com/ $$ : Free .. : ajann,Turkey use IO::Socket; if@ARGV 1 print "...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/04/05 12:0 a.m.26 views

XOOPS Module Jobs 2.4 - cid SQL Injection

XOOPS Module Jobs 2.4 - cid SQL Injection !/usr/bin/perl Script Name: XOOPS Module Jobs : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id; $target =...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2006/11/08 12:0 a.m.30 views

Xcode OpenBase 10.0.0 (OSX) - Symlink Privilege Escalation

Xcode OpenBase 10.0.0 OSX - Symlink Privilege Escalation !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a\n"; print "\n"; exit 1; $ret = pack"l", $retval; $a,$...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.21 views

Ubuntu 5.04 / 5.10 : gdm vulnerabilitiy (USN-278-1)

Marcus Meissner discovered a race condition in gdm's handling of the /.ICEauthority file permissions. A local attacker could exploit this to become the owner of an arbitrary file in the system. When getting control over automatically executed scripts like cron jobs, the attacker could eventually...

3.7CVSS5.8AI score0.00272EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/03/16 12:0 a.m.37 views

RHEL 3 : vixie-cron (RHSA-2006:0117)

An updated vixie-cron package that fixes a bug and security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified program...

2.1CVSS5.4AI score0.00539EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2005/11/29 12:0 a.m.22 views

DRZES Hms 3.2 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/15644/info DRZES HMS is prone to multiple SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before it is used in SQL queries. Successful exploitation could result in a compromise of the application...

7AI score
Exploits0
CVE
CVE
added 2005/06/28 4:0 a.m.52 views

CVE-2002-1834

CVE-2002-1834 concerns the default configuration of Xerox DocuTech 6110 and 6115, where the web server allows remote attackers to (1) submit print jobs directly into the “print now” queue or (2) read the scanner job history. The connected sources repeat this description but do not provide additio...

6.4CVSS7.1AI score0.01351EPSS
Exploits0References4Affected Software2
Tenable Nessus
Tenable Nessus
added 2005/02/14 12:0 a.m.38 views

GLSA-200501-30 : CUPS: Stack overflow in included Xpdf code

The remote host is affected by the vulnerability described in GLSA-200501-30 CUPS: Stack overflow in included Xpdf code The Decrypt::makeFileKey2 function in Xpdf's Decrypt.cc insufficiently checks boundaries when processing /Encrypt /Length tags in PDF files GLSA 200501-28. Impact : This issue...

7.5CVSS5.9AI score0.07217EPSS
Exploits1References3
Gentoo Linux
Gentoo Linux
added 2005/01/22 12:0 a.m.34 views

CUPS: Stack overflow in included Xpdf code

Background The Common UNIX Printing System CUPS is a cross-platform print spooler. It makes use of Xpdf code to handle PDF files. Description The Decrypt::makeFileKey2 function in Xpdf's Decrypt.cc insufficiently checks boundaries when processing /Encrypt /Length tags in PDF files GLSA 200501-28...

7.5CVSS7.2AI score0.07217EPSS
Exploits1
OSV
OSV
added 2004/12/31 5:0 a.m.3 views

DEBIAN-CVE-2004-2687

distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks...

9.3CVSS7.8AI score0.80978EPSS
Exploits9References1
RedHat Linux
RedHat Linux
added 2003/06/17 7:47 p.m.20 views

Important: Red Hat Security Advisory: ghostscript security update

A ghostscript package fixing a command execution vulnerability is now available. GNU Ghostscript is an interpreter for the PostScript language, and is often used when printing to printers that do not have their own built-in PostScript interpreter. A flaw has been discovered in the way Ghostscript...

7.5CVSS6AI score0.0187EPSS
Exploits0References2
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.28 views

CVE-2002-0542

mail in OpenBSD 2.9 and 3.0 processes a tilde escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron...

6.6AI score0.01532EPSS
Exploits1References6
Rows per page
Query Builder