Lucene search
+L

162 matches found

Hacker One
Hacker One
•added 2014/09/21 6:53 a.m.•51 views

Mail.ru: touch.mail.ru XSS via message id

Š²Š¾ŃŠæŃ€Š¾ŠøŠ·Š²Š¾Š“ŠøŃ‚ŃŃ в IE11 ŃƒŃŠ·Š²ŠøŠ¼Ń‹ ŃŠ»ŠµŠ¼ŠµŠ½Ń‚Ń‹ ŠæŃ€ŠøŠ½ŠøŠ¼Š°ŃŽŃ‰ŠøŠµ значение id письма. Šŗ ŠæŃ€ŠøŠ¼ŠµŃ€Ńƒ https://touch.mail.ru/cgi-bin/msglistreadmsg/14112810510000000915"...

0.4AI score
Exploits0
myhack58
myhack58
•added 2012/11/13 12:0 a.m.•33 views

dedecms5. 7 latest sql injection exploit guestbook. php-vulnerability warning-the black bar safety net

Impact version 5. 7 Vulnerability file edit. inc. php specific code: ExecuteNoneQuery" DELETE FROM @guestbook WHERE id='$id' "; ShowMsg"successfully deleted a message!", $GUESTBOOKPOS; exit; else if$job=='check' && $gisadmin $dsql-ExecuteNoneQuery" UPDATE @guestbook SET ischeck=1 WHERE id='$id' "...

0.7AI score
Exploits0
myhack58
myhack58
•added 2007/10/06 12:0 a.m.•23 views

Magic magiclink-vulnerability warning-the black bar safety net

Magic control MagicLink1. 4 remote control software Version 1.4 update 1.ī—„ Using a more complex encryption algorithm, the encrypted message information. 2.ī—„ You can set the Message ID to make the connection more secure,1.4ī—„the previous Server version, the message identity is set toī—„CMJSPY2INFO 1....

6.8AI score
Exploits0
securityvulns
securityvulns
•added 2007/06/01 12:0 a.m.•74 views

Mozilla Foundation Security Advisory 2007-15

Title: Security Vulnerability in APOP Authentication Impact: Moderate Announced: May 30, 2007 Reporter: Gatan Leurent Products: Thunderbird, SeaMonkey Fixed in: Thunderbird 1.5.0.12 Thunderbird 2.0.0.4 SeaMonkey 1.0.9 SeaMonkey 1.1.2 Description Gatan Leurent informed us of a weakness in APOP...

2.6CVSS1.2AI score0.02423EPSS
Exploits1
securityvulns
securityvulns
•added 2006/02/06 12:0 a.m.•92 views

SECURITY.NNOV: The Bat! 2.x message headers spoofing

Title: The Bat! 2.x message headers spoofing Author: 3APA3A [email protected] Homepage: http://www.security.nnov.ru/ Advisory URL: http://www.security.nnov.ru/advisories/thebatspoof.asp Vendor: RitLabs Vendor's page http://thebat.net/ Application: The Bat 2.x 2.12.04 tested Not vulnerable:...

0.6AI score
Exploits0
NVD
NVD
•added 2005/05/02 4:0 a.m.•21 views

CVE-2005-0127

Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine...

5CVSS6.4AI score0.0271EPSS
Exploits0References5
CERT
CERT
•added 2005/01/31 12:0 a.m.•35 views

Apple Mac OS X vulnerable to information disclosure in "Message-ID" header

Overview The Mail application supplied with Apple's Mac OS X operating system identifies the system from which any electronic mail is sent. Description Mac OS X includes the Mail application for handling electronic mail. This application does include the Media Access Control MAC address of a...

5CVSS6.3AI score0.0271EPSS
Exploits0References2
CVE
CVE
•added 2005/01/29 5:0 a.m.•84 views

CVE-2005-0127

CVE-2005-0127 affects Mac OS X 10.3.7 Mail: the Message-ID header includes a GUUID that reveals the MAC address of the sending machine, enabling remote attackers to correlate mail with a specific system. Impact is system identification via email; exploitation details are not provided in the conne...

5CVSS6.4AI score0.0271EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
•added 2005/01/29 5:0 a.m.•28 views

CVE-2005-0127

Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine...

6.3AI score0.0271EPSS
Exploits0References5
NVD
NVD
•added 2004/12/31 5:0 a.m.•19 views

CVE-2004-2677

Format string vulnerability in qwik-smtpd.c in QwikMail SMTP qwik-smtpd 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the 1 clientRcptTo array, and the 2 Received and 3 messageID variables, possibly involving HELO and hostname arguments...

7.5CVSS7.8AI score0.06436EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
•added 2004/07/31 12:0 a.m.•21 views

Mandrake Linux Security Advisory : leafnode (MDKSA-2003:005)

A vulnerability was discovered by Jan Knutar in leafnode that Mark Brown pointed out could be used in a Denial of Service attack. This vulnerability causes leafnode to go into an infinite loop with 100% CPU use when an article that has been crossposed to several groups, one of which is the prefix...

5CVSS5.5AI score0.02333EPSS
Exploits0References2
securityvulns
securityvulns
•added 2002/12/31 12:0 a.m.•22 views

Leafnode CPU exhaustion

If message is crossposted to few groups where one is prefix for another and then requested by message id programs goes into infinite loop...

1.9AI score
Exploits0References1Affected Software1
FreeBSD
FreeBSD
•added 2002/11/06 12:0 a.m.•21 views

leafnode denial-of-service triggered by article request

The leafnode NNTP server may go into an unterminated loop with 100% CPU use when an article is requested by Message-ID that has been crossposted to several news groups when one of the group names is the prefix of another group name that the article was cross-posted to. Found by Jan Knutar...

5CVSS6.5AI score0.02333EPSS
Exploits0References3
Cvelist
Cvelist
•added 2002/06/25 4:0 a.m.•16 views

CVE-2001-1174

Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header...

7.9AI score0.04226EPSS
Exploits0References4
NVD
NVD
•added 2002/04/01 5:0 a.m.•12 views

CVE-2001-1174

Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header...

7.5CVSS7.9AI score0.04226EPSS
Exploits0References4
CVE
CVE
•added 2000/10/13 4:0 a.m.•57 views

CVE-2000-0472

CVE-2000-0472 describes a buffer overflow in INN (innd) 2.2.2 that allows a remote attacker to execute arbitrary commands via a cancel request containing a long message ID. Documents indicate the impact is remote code execution and that remediation is to upgrade to version 2.2.3 or disable the ve...

3.6CVSS7.8AI score0.03721EPSS
Exploits0References7Affected Software1
exploitpack
exploitpack
•added 2000/06/12 12:0 a.m.•19 views

ISC innd 2.x - Remote Buffer Overflow

ISC innd 2.x - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/1316/info innd 2.2.2 contains a remotely exploitable buffer overflow in code reached when a cancel request is sent to the "control" newsgroup, under the following condition: the cancel request contains a valid...

0.7AI score
Exploits0
Exploit DB
Exploit DB
•added 2000/06/12 12:0 a.m.•35 views

ISC innd 2.x - Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/1316/info innd 2.2.2 contains a remotely exploitable buffer overflow in code reached when a cancel request is sent to the "control" newsgroup, under the following condition: the cancel request contains a valid Message-ID but the From/Sender fields diff...

7.4AI score
Exploits0
securityvulns
securityvulns
•added 2000/06/07 12:0 a.m.•75 views

innd 2.2.2 remote buffer overflow

Newest innd 2.2.2, probably the most popular usenet news server as well as previous versions contain remotely exploitable, trivial on-stack buffer overflow in control articles handler. Offending piece of code in innd/art.c, function ARTcancelverify: if !EQlocal, p files = NULL; voidsprintfbuff,...

0.6AI score
Exploits0
Packet Storm
Packet Storm
•added 2000/06/06 12:0 a.m.•24 views

innd-2.2.2.txt

Newest innd 2.2.2, probably the most popular usenet news server as well as previous versions contain remotely exploitable, trivial on-stack buffer overflow in control articles handler. Offending piece of code in innd/art.c, function ARTcancelverify: if !EQlocal, p files = NULL; voidsprintfbuff,...

7.4AI score
Exploits0
Rows per page
Query Builder