FTP Desktop 3.5 FTP 331 Server Response Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8560/info A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 331 server responses from remote FTP servers. When FTP Desktop receives an FTP 331 response...
SPlayer <= 3.7 (build 2055) Buffer Overflow Exploit
No description provided by source. !/usr/bin/python Exploit Title: SPlayer = 3.7 build 2055 Buffer Overflow Exploit Date: May 04, 2011 Author: xsploitedsec xsploitedsecurity at gmail dot com Software Link: http://www.splayer.org/index.en.html Versions: = 3.7 build 2055 Tested On: WinXP SP3 Eng /...
UnrealIRCd 3.x Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17057/info UnrealIRCd is prone to a remote denial-of-service vulnerability. A remote attacker may exploit this issue to deny service for legitimate users. !/usr/bin/perl Denial of Service exploit for UnrealIRCd 3.2.3...
Mantis 0.19 Remote Server-Side Script Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10993/info Mantis is reportedly susceptible to a remote server-side script execution vulnerability. This vulnerability only presents itself when PHP is configured on the hosting computer with 'register_globals = on'. When...
Nukebrowser 2.x Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6731/info Nukebrowser is prone to an issue which may allow remote attackers to include files located on remote servers. This issue is present in the nukebrowser.php script file. Under some circumstances, it is possible fo...
PHPNuke 4.x/5.x Remote Arbitrary File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3889/info PHPNuke is a website creation/maintenance tool. The 'index.php' script has a feature which allows users to include files. Due to insufficient input validation, it is possible to include files located on a remote...
ObieWebsite Mini Web Shop 2 sendmail.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...
Cedric Email Reader 0.2/0.3 Skin Configuration Script Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6818/info It has been reported that Cedric Email Reader is prone to an issue that may allow remote attackers to include malicious files located on remote servers. This issue is present in the 'email.php' script. Under som...
Profense Web Application Firewall 2.6.2 - CSRF/XSS Vulnerabilities
No description provided by source. Written By Michael Brooks Special thanks to str0ke! Affects: Profense Web Application Firewall XSRF and XSS Version: 2.6.2 download http://www.armorlogic.com/downloadsoftware.html Defenses against all OWASP Top Ten vulnerabilities Too bad it doesn't defend its...
Gossamer Threads DBMan 2.0.4 DBMan Information Leakage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1178/info Requesting an invalid database file from a web server implementing Gossamer Threads DBMan scripts will return a CGI error message containing environmental variables to a remote user without any authorization. Th...
YaPiG 0.92 Remote Server-Side Script Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10891/info A vulnerability is reported to exist in YaPiG that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue exists due to a lack of sanitization of user-supplied data. It is...
ca3de Multiple Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12727/info Ca3DE is reported prone to multiple remote vulnerabilities. An attacker can exploit these issues to carry out format string and denial of service attacks. The following specific issues were identified: It is...
davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit
No description provided by source. davfs2 1.4.6/1.4.7 local privilege escalation exploit Bug Description: davfs2 is a Linux utility which allows OS users to mount a remote webdav server as a local partition. The bug is well documented at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723034...
MS IE 4/5/5.5/5.0.1 external.NavigateAndFind() Cross-Frame Vulnerability
No description provided by source. Microsoft Internet Explorer 4.0 for WfW/Windows 3.1/Windows 95/Windows NT 3/Windows NT 4, Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4, Internet Explorer 5.5, Internet Explorer 5.0.1, Internet Explorer for Unix 5.0 external.NavigateAndFi...
COOL! Remote Control <= 1.12 Remote Denial of Service Exploit
No description provided by source. !usr/bin/perl COOL! Command Execution DOS Exploit -------------------------------------------- Infam0us Gr0up - Securiti Research Info: infamous.2hell.com Vendor URL: www.yaosoft.com If Remote ControlClient application is running then already connected to server...
KTH Kerberos 4 Arbitrary Proxy Usage Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2090/info Kerberos is a widely used network service authentication system. The version of Kerberos developed and maintained by KTH Swedish Royal Institute of Technology contains a vulnerability that may allow/assist in a...
OpenSSH 1.2 scp File Create/Overwrite Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1742/info A vulnerability exists in the 1.2.x releases of scp which, if properly exploited using a modified scp binary on the server end, can permit the remote server to spoof local pathnames and overwrite files belonging...
PAExec - The Redistributable PsExec (Launch Remote Windows Apps)
PAExec lets you launch Windows programs on remote Windows computers without needing to install software on the remote computer first. For example, you could launch CMD.EXE remotely and have the equivalent of a terminal session to the remote server. PAExec is useful for doing remote installs,...
Fedora 19 : libgadu-1.12.0-0.5.rc3.fc19 (2014-6645)
Security bug fix: remote Gadu-Gadu file relay servers could cause a denial of service memory overwrite or possibly execute arbitrary code via a crafted message CVE-2014-3775. - Fixes related to image transfers. - Regression test reliability fixes. Note that Tenable Network Security has extracted...
MGASA-2014-0246 Updated libgadu package fixes CVE-2014-3775
Updated libgadu packages fix security vulnerability: It was discovered that libgadu incorrectly handled certain messages from file relay servers. A malicious remote server or a man in the middle could use this issue to cause applications using libgadu to crash, resulting in a denial of service, o...