6654 matches found
Adobe Acrobat Reader Plugin - Multiple Vulnerabilities
Adobe Acrobat Reader Plugin - Multiple Vulnerabilities Original Advisory: http://www.wisec.it/vulns.php?page=9 Original Discovery and Research: Stefano Di Paola Contribution: Giorgio Fedon IE Dos, UXSS Analysis Elia Florio Poc and Code Execution analysis Status: Vendor Informed on 15 October 2006...
TorrentFlux startpop.php torrent Script Insertion
http://www.stevenroddis.com.au/2006/10/13/torrentflux-startpopphp-torrent-script-insertion/ TITLE: TorrentFlux “startpop.php” “torrent” Script Insertion CRITICAL: Not Critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: TorrentFlux 2.x DESCRIPTION: I have discovered a vulnerability ...
[CAID 34616, 34617, 34618]: CA eSCC and eTrust Audit vulnerabilities
Title: CAID 34616, 34617, 34618: CA eTrust Security Command Center and eTrust Audit vulnerabilities CA Vulnerability ID CAID: 34616, 34617, 34618 CA Advisory Date: 2006-09-20 Discovered By: Patrick Webster of aushack.com Impact: Remote attacker can read/delete files, or potentially execute replay...
FreeBSD Security Advisory FreeBSD-SA-06:21.gzip
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:21.gzip Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in gzip Category: contrib Module: gzip Announced: 2006-09-19 Credits: Tavis...
phpLocal.txt
Affected versions: php 5.1.4 and older, 4.4.3 and possibly older Cause: when php-s sscanf functions format argument contains argument swap and extra arguments are given like. sscanf'foo ','$1s',$bar then it reads an pointer to pointer to zval structure past the end of argument array by one. Php...
SquirrelMail 1.4.8 released - fixes variable overwriting attack
Hello all, Today SquirrelMail version 1.4.8 has been released with a collection of bugfixes and an important security fix. It was possible for an authenticated user to overwrite random variables in the compose.php script. This may open up possible attack vectors like reading or overwriting a user...
Tips: using Ubuntu to crack WEP-key-vulnerability warning-the black bar safety net
See this article, anyone can install and run Linux, and crack the WEP key. I've spent the whole two days, and read a lot of information before they make this thing, now out and share. I'm not a Linux expert. All you need is a wireless card old notebook and a Ubuntu Linux copy, which is currently...
Patching non-exported, non-system-service kernel functions
Patching non-exported, non-system-service kernel functions KAV's kernel patching is not limited to just system services, however. One of the most dangerous hooks that KAV installs is one in the middle of the nt!SwapContext function, which is neither exported nor a system service and thus has no...
Allowing User-mode Code to Access Kernel Memory
Allowing User-mode Code to Access Kernel Memory One of the most important principles of the kernel/user division that modern operating systems enforce is that user mode is not allowed to directly access kernel mode memory. This is necessary to enforce system stability, such as to prevent a buggy...
DSA-1073-1 mysql-dfsg-4.1 - several vulnerabilities
Bulletin has no description...
Oracle 10g Release 2 - 'DBMS_EXPORT_EXTENSION' SQL
/ 0day, description is wrong. /str0ke / / Fucking NON-0 day$ exploit for Oracle 10g 10.2.0.2.0 Patch your database now! by N1V1Hd $3c41r3 / CREATE OR REPLACE PACKAGE MYBADPACKAGE AUTHID CURRENTUSER IS FUNCTION ODCIIndexGetMetadata oindexinfo SYS.odciindexinfo,P3 VARCHAR2,p4 VARCHAR2,env SYS.odcie...
Multiple vulnerabilities in Linux based Cisco products
Assurance.com.au - Vulnerability Advisory ----------------------------------------------- Release Date: 19-Apr-2006 Software: Cisco Wireless Lan Solution Engine WLSE Cisco Hosting Solution Engine HSE Cisco Ethernet Subscriber Solution Engine ESSE Cisco User Registration Tool URT CiscoWorks2000...
FreeBSD-SA-06:14.fpu
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:14.fpu Security Advisory The FreeBSD Project Topic: FPU information disclosure Category: core Module: sys Announced: 2006-04-19 Credits: Jan Beulich Affects:...
PHPKIT >= 1.6.1r2 arbitrary local/remote inclusion (unproperly patched in previous versions)
---------- PHPKit = v.1.6.1 release 2 remote code execution ------------------- software: site: www.phpkit.de description: a Content Management / homepage / community building software written in PHP language --------------------------------------------------------------------------------...
EasyCMS vulnerable to XSS injection.
The Norwegian web-publishing system EasyCMS www.easycms.no contains multiple input flaws letting users conduct successful XSS attacks. Both in the admin section, and the webpage that uses the system is vulnerable to XSS. It does not filter script tags and simple scripting like...
FreeBSD-SA-06:01.texindex
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:01.texindex Security Advisory The FreeBSD Project Topic: Texindex temporary file privilege escalation Category: contrib Module: texinfo Announced: 2006-01-11...
2 0 0 3 terminal encounter weirdness-loophole warning-the black bar safety net
The day before yesterday a new installation of a single server, plan to install a 2 0 0 3 system is installed, patched, open a terminal, but the strange things, the landing terminal when a den is automatically logged off. Create a new account, and then login is the same. In desperation did a...
Not shelling directly crack Software-bug warning-the black bar safety net
| --- To achieve shell software direct patch, need some skill and luck, although this seems to be very not easy to achieve, in fact, not like everyone thought so difficult, the following listen to me slowly road to. To achieve this with shell patches of the object, of course, you need to make ful...
FreeBSD-SA-05:17.devfs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:17.devfs Security Advisory The FreeBSD Project Topic: devfs ruleset bypass Category: core Module: devfs Announced: 2005-07-20 Credits: Robert Watson Affects:...
sile002adv.txt
---- sile002 advisory + PoC PRODUCT: PHP-Nuke VERSION: 7.5 but others versions maybe either vulnerables VENDOR: http://www.phpnuke.org VULNERABILITY: Multiple vulnerability RISK: Hight Found by: Silentium of Anacron Group Italy date: 02/05/2005 e-mail: anacrongroupitalyatautisticidotorg myhome:...