CVE-2005-1372

nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu...

CVE-2005-1372

nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu...

Security fix for the ALT Linux 9 package wireshark version 0.10.9-alt1

Jan. 22, 2005 Sir Raorn 0.10.9-alt1 - 0.10.9 - Fixed: + CAN-2004-1139 + CAN-2004-1140 + CAN-2004-1141 + CAN-2004-1142 + CAN-2005-0006 + CAN-2005-0007 + CAN-2005-0008 + CAN-2005-0009 + CAN-2005-0010 + CAN-2005-0084 - Debian fixes: Fixed dissectcmipInvokeIDType declaration FTBFS with gcc-4.0...

carboncopy.txt

The only reason this was never disclosed was originally in hopes of proper vendor response... I spoke to their tech support about 5 times but they were just total morons. I eventually gave up. I was going to write a shatter like attack so this could be exploited ala .exe file but I never had time...

CVE-2004-0078

Affected software: Mutt up to version 1.4.1 and earlier. Root cause: buffer overflow in the index menu code (menu_pad_string in menu.c). Impact: remote denial of service (crash) and possible arbitrary code execution via certain mail messages. Evidence: CVE-2004-0078 references across multiple adv...

CVE-2003-0023

The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu...

Mandrake Linux Security Advisory : pine (MDKSA-2001:047-1)

Versions of the Pine email client prior to 4.33 have various temporary file creation problems, as does the pico editor. These issues allow any user with local system access to cause any files owned by any other user, including root, to potentially be overwritten if the conditions were right. Upda...

[Full-Disclosure] backdoor menu on conexant chipset dsl router (Zoom X3)

i have just installed an adsl modem sold under the brand of Zoom X3 http://www.zoom.com/products/adsloverview.html and was apalled to find that an nmap scan of the external address immediately came up with the following: PORT STATE SERVICE 23/tcp open telnet 80/tcp open http 254/tcp open unknown...

Colin McRae Rally 2004 - Multiplayer Denial of Service

source: https://www.securityfocus.com/bid/10464/info It is reported that Colin McRae Rally 2004 has a flaw handling server responses when entering the multiplayer menu of the game. When entering the multiplayer menu, the game client sends a broadcast message requesting information from all server...

Microsoft Windows Utility Manager - Local Privilege Escalation (MS04-011)

Microsoft Windows Utility Manager - Local Privilege Escalation MS04-011 // By Cesar Cerrudo cesar appsecinc com // Local elevation of priviliges exploit for Windows Utility Manager // Gives you a shell with system privileges // If you have problems try changing Sleep values. include include inclu...

DEBIAN-CVE-2004-0078

Buffer overflow in the index menu code menupadstring of menu.c for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via certain mail messages...

security flaw

Buffer overflow in the index menu code menupadstring of menu.c for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via certain mail messages...

FVWM 2.42.5 - fvwm-menu-Directory Command Execution

FVWM 2.42.5 - fvwm-menu-Directory Command Execution source: https://www.securityfocus.com/bid/9161/info It has been reported that FVWM may be prone to a command execution vulnerability that may allow an attacker to execute malicious commands on a vulnerable system. It has been reported that the...

CVE-2002-0009

In Bugzilla versions before 2.14.1, a user with Bugs Access privileges could trigger information disclosure by submitting a bug and reading the resulting Product pulldown menu, revealing other products not accessible to them. The root cause is insufficient access controls around the Product pulld...

Important: Red Hat Security Advisory: rxvt security update

Updated rxvt packages are available which fix a number of vulnerabilities in the handling of escape sequences. Updated 12 March 2003 Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS Rxvt is a color VT102 terminal emulator for the X Window System. A number of issues...

SECURITY vulnerability in ECS-K7S5A(L) boards

A repost, my previous one seem to have failed. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY vulnerability in ECS-K7S5AL boards DESCRIPTION =========== The administrator-password set in the BIOS of the K7S5AL locks out BIOS-access from the console. However, it does not disable access to...

X_holes

Products : xstat v2.3 and less xnews v1.1 Website : http://www.xqus.com/ problems : xstat : - Recovery of numerous data about the computer phpinfo . - Cross Site Scripting - Path disclosure xnews : - Access to the admin menu More details in french : http://www.ifrance.com/kitetoua/tuto/xholes.txt...

OS/400 - User Account Name Disclosure

source: https://www.securityfocus.com/bid/4059/info AS/400 is a midrange computer platform developed by IBM. It is designed to be highly reliable and efficient, and uses the OS/400 operating system. An information disclosure vulnerability has been reported to exist in OS/400 systems. An...

CVE-2001-0953

Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root...

CVE-2000-0802

The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obtain access to the menu by modifying the registry key that starts BAIR...