162 matches found
Mail.ru: touch.mail.ru XSS via message id
Š²Š¾ŃŠæŃоизвоГиŃŃŃ Š² IE11 ŃŃŠ·Š²ŠøŠ¼Ń ŃŠ»ŠµŠ¼ŠµŠ½ŃŃ ŠæŃŠøŠ½ŠøŠ¼Š°ŃŃŠøŠµ Š·Š½Š°ŃŠµŠ½ŠøŠµ id пиŃŃŠ¼Š°. Šŗ ŠæŃŠøŠ¼ŠµŃŃ https://touch.mail.ru/cgi-bin/msglistreadmsg/14112810510000000915"...
dedecms5. 7 latest sql injection exploit guestbook. php-vulnerability warning-the black bar safety net
Impact version 5. 7 Vulnerability file edit. inc. php specific code: ExecuteNoneQuery" DELETE FROM @guestbook WHERE id='$id' "; ShowMsg"successfully deleted a message!", $GUESTBOOKPOS; exit; else if$job=='check' && $gisadmin $dsql-ExecuteNoneQuery" UPDATE @guestbook SET ischeck=1 WHERE id='$id' "...
Magic magiclink-vulnerability warning-the black bar safety net
Magic control MagicLink1. 4 remote control software Version 1.4 update 1.ī„ Using a more complex encryption algorithm, the encrypted message information. 2.ī„ You can set the Message ID to make the connection more secure,1.4ī„the previous Server version, the message identity is set toī„CMJSPY2INFO 1....
Mozilla Foundation Security Advisory 2007-15
Title: Security Vulnerability in APOP Authentication Impact: Moderate Announced: May 30, 2007 Reporter: Gatan Leurent Products: Thunderbird, SeaMonkey Fixed in: Thunderbird 1.5.0.12 Thunderbird 2.0.0.4 SeaMonkey 1.0.9 SeaMonkey 1.1.2 Description Gatan Leurent informed us of a weakness in APOP...
SECURITY.NNOV: The Bat! 2.x message headers spoofing
Title: The Bat! 2.x message headers spoofing Author: 3APA3A [email protected] Homepage: http://www.security.nnov.ru/ Advisory URL: http://www.security.nnov.ru/advisories/thebatspoof.asp Vendor: RitLabs Vendor's page http://thebat.net/ Application: The Bat 2.x 2.12.04 tested Not vulnerable:...
CVE-2005-0127
Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine...
Apple Mac OS X vulnerable to information disclosure in "Message-ID" header
Overview The Mail application supplied with Apple's Mac OS X operating system identifies the system from which any electronic mail is sent. Description Mac OS X includes the Mail application for handling electronic mail. This application does include the Media Access Control MAC address of a...
CVE-2005-0127
CVE-2005-0127 affects Mac OS X 10.3.7 Mail: the Message-ID header includes a GUUID that reveals the MAC address of the sending machine, enabling remote attackers to correlate mail with a specific system. Impact is system identification via email; exploitation details are not provided in the conne...
CVE-2005-0127
Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine...
CVE-2004-2677
Format string vulnerability in qwik-smtpd.c in QwikMail SMTP qwik-smtpd 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the 1 clientRcptTo array, and the 2 Received and 3 messageID variables, possibly involving HELO and hostname arguments...
Mandrake Linux Security Advisory : leafnode (MDKSA-2003:005)
A vulnerability was discovered by Jan Knutar in leafnode that Mark Brown pointed out could be used in a Denial of Service attack. This vulnerability causes leafnode to go into an infinite loop with 100% CPU use when an article that has been crossposed to several groups, one of which is the prefix...
Leafnode CPU exhaustion
If message is crossposted to few groups where one is prefix for another and then requested by message id programs goes into infinite loop...
leafnode denial-of-service triggered by article request
The leafnode NNTP server may go into an unterminated loop with 100% CPU use when an article is requested by Message-ID that has been crossposted to several news groups when one of the group names is the prefix of another group name that the article was cross-posted to. Found by Jan Knutar...
CVE-2001-1174
Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header...
CVE-2001-1174
Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header...
CVE-2000-0472
CVE-2000-0472 describes a buffer overflow in INN (innd) 2.2.2 that allows a remote attacker to execute arbitrary commands via a cancel request containing a long message ID. Documents indicate the impact is remote code execution and that remediation is to upgrade to version 2.2.3 or disable the ve...
ISC innd 2.x - Remote Buffer Overflow
ISC innd 2.x - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/1316/info innd 2.2.2 contains a remotely exploitable buffer overflow in code reached when a cancel request is sent to the "control" newsgroup, under the following condition: the cancel request contains a valid...
ISC innd 2.x - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/1316/info innd 2.2.2 contains a remotely exploitable buffer overflow in code reached when a cancel request is sent to the "control" newsgroup, under the following condition: the cancel request contains a valid Message-ID but the From/Sender fields diff...
innd 2.2.2 remote buffer overflow
Newest innd 2.2.2, probably the most popular usenet news server as well as previous versions contain remotely exploitable, trivial on-stack buffer overflow in control articles handler. Offending piece of code in innd/art.c, function ARTcancelverify: if !EQlocal, p files = NULL; voidsprintfbuff,...
innd-2.2.2.txt
Newest innd 2.2.2, probably the most popular usenet news server as well as previous versions contain remotely exploitable, trivial on-stack buffer overflow in control articles handler. Offending piece of code in innd/art.c, function ARTcancelverify: if !EQlocal, p files = NULL; voidsprintfbuff,...