Lucene search

4561 matches found

Exploit DB
added 2002/08/02 12:0 a.m., 17 views

Inso DynaWeb HTTPd 3.1/4.0.2/4.1 - Format String

// source: https://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to a remotely exploitable format-string...

7.4 AI score
Exploits 0
RedHat Linux
added 2002/07/01 10:35 a.m., 3 views

security flaw

split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / slash in the Host: header...

5 CVSS, 6 AI score, 0.12482 EPSS
Exploits 0, References 4
exploitpack
added 2002/05/17 12:0 a.m., 10 views

SonicWALL SOHO3 6.3 - Content Blocking Script Injection

source: https://www.securityfocus.com/bid/4755/info The Sonicwall SOHO3 is an Internet security appliance that provides firewall security solutions. Reportedly, a vulnerability exists in the product that allows for a script injection attack ...

7.7 AI score
Exploits 0
securityvulns
added 2002/05/13 12:0 a.m., 37 views

Security holes : XMB Magic Lantern forum & DevBB

Hi all : Product 1 : XMB Magic Lantern forum 1.6b final http://www.xmbforum.com http://www.aventure-media.co.uk Problems : - Reading of logs files - XSS - Path Disclosure - Access to users/admins accounts - Logs distortion Exploits : - /indexlog.log - /cplogfile.log - If indexlog not chmod 777 =...

7.1 AI score
Exploits 0
Exploit DB
added 2002/05/11 12:0 a.m., 37 views

XMB Forum 1.6 - Magic Lantern Log File

source: https://www.securityfocus.com/bid/4722/info XMB Forum 1.6 Magic Lantern allows remote users to conduct activities in the forum while bypassing normal logging functions. This is accomplished by submitting an arbitrary string as the "analized" variable to index.php. Log information is writt...

7.4 AI score
Exploits 0
securityvulns
added 2002/04/15 12:0 a.m., 42 views

Buffer overflow in webalizer

Buffer overflow in host name resolution during log analyzing...

10 CVSS, 2.8 AI score, 0.0199 EPSS
Exploits 0, References 1, Affected Software 2
securityvulns
added 2002/04/12 12:0 a.m., 33 views

SWS Vuln (small but important to those using it.)

Dear Bugtraq Readers, I wasn't sure if this advisory deserved space on the bugtraq mailing list but as a friend of mine helped me to remember. "All security flaws are important no matter what their size". I guess I'll go ahead, h...

Exploits 0
CERT
added 2002/04/05 12:0 a.m., 14 views

AOL Instant Messenger saves code embedded in image tag to conversation log which could be viewed/executed by a browser

Overview: Certain Alpha versions of AOL Instant Messenger (AIM), that were leaked, would log errors to a log file. By sending a crafted image file, it may be possible to execute arbitrary script/HTML on a victim's browser when they view the log files. Description: AOL Instant Messenger has the ability...

7.5 AI score
Exploits 0, References 1
NVD
added 2002/03/25 5:0 a.m., 19 views

CVE-2002-0114

EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform...

4.6 CVSS, 6.6 AI score, 0.00371 EPSS
Exploits 0, References 3
CVE
added 2002/03/15 5:0 a.m., 44 views

CVE-2001-1170

The CVE concerns AmTote International’s homebet program. The vulnerability arises because homebet.log is stored in the homebet/ virtual directory, enabling remote attackers to access sensitive data and potentially disclose account and PIN numbers. The description does not specify affected version...

5 CVSS, 7.1 AI score, 0.07571 EPSS
Exploits 1, References 3, Affected Software 1
Cvelist
added 2002/03/09 5:0 a.m., 12 views

CVE-1999-1188

mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database...

6.2 AI score, 0.00851 EPSS
Exploits 0, References 2
OSV
added 2001/12/31 5:0 a.m., 3 views

DEBIAN-CVE-2001-1494

script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command...

5.5 CVSS, 7 AI score, 0.00433 EPSS
Exploits 0, References 1
securityvulns
added 2001/12/18 12:0 a.m., 42 views

Access to user accounts in CentraOne (information leakage)

User accounts are stored in a world-readable log file...

0.6 AI score
Exploits 0, References 1
securityvulns
added 2001/12/17 12:0 a.m., 41 views

HP-UX setuid rlpdaemon induced to make illicit file writes

This may have gone AWOL before. If there was a reason for the moderator dropping it I'd be interested to know. G.B. THE PROBLEM /usr/sbin/rlpdaemon in HP-UX is setuid root. Switches include "-l" to enable logging and "-L /some/thing" to select a logfile other than the default. When run by a...

6.7 AI score
Exploits 0
Positive Technologies
added 2001/10/30 12:0 a.m., 3 views

PT-2001-1854 · Microsoft · Internet Explorer +2

Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 6 and earlier Description: The issue allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later...

7.5 CVSS, 8 AI score, 0.1468 EPSS
Exploits 0, References 6
securityvulns
added 2001/10/01 12:0 a.m., 31 views

Vulnerability in Amtote International homebet self service wagering system.

Product Description: Internet-based account wagering interface utilizing HTML and JAVA web based applications. The HTML functionality includes viewing current account balances, viewing current odds by track, placing wagers, reviewing wagers, and viewing official results/prices by track. The JAVA...

6.6 AI score
Exploits 0
securityvulns
added 2001/10/01 12:0 a.m., 43 views

Unauthorized access in Homebet (unauthorized access)

A 4-character PIN code is used for user authentication. The error messages for an incorrect PIN and for an incorrect username differ. The log file containing all of the information is accessible via the web...

0.5 AI score
Exploits 0, References 1
Exploit DB
added 2001/09/28 12:0 a.m., 16 views

AmTote Homebet - World Accessible Log

source: https://www.securityfocus.com/bid/3370/info AmTote Homebet is an Internet-based account wagering interface. Homebet stores all account and corresponding PIN numbers in the homebet.log file stored in the Homebet virtual directory. On a default installation, the homebet.log file is world...

7.4 AI score
Exploits 0
Cvelist
added 2001/09/12 4:0 a.m., 17 views

CVE-1999-1256

Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file...

5.9 AI score, 0.01928 EPSS
Exploits 1, References 3
Cvelist
added 2001/09/12 4:0 a.m., 16 views

CVE-1999-1322

The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext...

6.7 AI score, 0.01503 EPSS
Exploits 0, References 2