2293 matches found
SasCam 2.6.5 - Remote HTTP Server Crash
SasCam 2.6.5 - Remote HTTP Server Crash / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! Also the free software programs provided by fl0 fl0w may be freely distributed and that the disclaimer below is always attached to it...
CVE-2010-1764
CVE-2010-1764 affects WebKit in Apple Safari prior to 5.0 on Mac OS X 10.5–10.6 and Windows, and prior to 4.1 on Mac OS X 10.4. The vulnerability arises from following multiple redirections during form submission, enabling remote servers to record form data and access sensitive information. Conne...
PHP expose_php Information Disclosure
The PHP install on the remote server is configured in a way that allows disclosure of potentially sensitive information to an attacker through a special URL. Such a URL triggers an Easter egg built into PHP itself. Other such Easter eggs likely exist, but Nessus has not checked for them...
Arbitrary UNC file read in IE 8
Internet Explorer is vulnerable to a drive-by arbitrary UNC file read, with the usual consequences (local account password disclosure, etc.), as in IE6 before SP1. It is in ICMFilter, which is accessible via the CSS filter property. Sample exploit code: div...
Mandriva Linux Security Advisory : cpio (MDVSA-2010:065)
A vulnerability has been found and corrected in cpio and tar: Heap-based buffer overflow in the rmtread function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly...
Novell eDirectory DHost Predictable Session ID
The eDirectory DHost web server running on the remote host generates predictable session IDs. A remote attacker could exploit this by predicting the session ID of a legitimately logged-in user, which could lead to the hijacking of administrative sessions.
CVE-2010-0624
Heap-based buffer overflow in the rmtread function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested,...
DEBIAN-CVE-2009-4652
The (1) ConnGetCipherInfo and (2) ConnUsesSSL functions in src/ngircd/conn.c in ngIRCd 13 and 14, when SSL/TLS support is present and standalone mode is disabled, allow remote attackers to cause a denial of service (application crash) by sending the MOTD command from another server in the same IRC...
Publique! Framework 2.3 SQL Injection
Tempest Security Intelligence - Advisory 01 / 2010. SQL injection vulnerability in Publique! Framework. Authors: Christophe de la Fuente, Gustavo Pimentel Bittencourt. Table of Contents: 1...
Security Best Practice: Protect Yourself from Multiple SMTP Vulnerabilities
Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks. SMTP is specified for outgoing mail transport and uses TCP port 25. There are several serious security limitations with the SMTP protocol that allow malicious...
Security Best Practice: Protect Yourself from Multiple IMAP Vulnerabilities
The Internet Message Access Protocol (IMAP) is one of the two most prevalent Internet standard protocols for e-mail retrieval, the other being the Post Office Protocol (POP). Virtually all modern e-mail clients and mail servers support both protocols as a means of transferring e-mail messages from a...
BigAnt 2.52 Buffer Overflow
!/usr/bin/python BigAnt Server 2.52 remote buffer overflow exploit 2 Author: DouBleZer0 Vulnerability discovered by Lincoln a another version of the original exploit by Lincoln application is little hazy.. import sys,socket host = sys.argv1 buffer= "\x90" 20 ./msfpayload...
HP WEB JETADMIN Denial of Service (CVE-2004-1856)
HP Web JetAdmin is an enterprise tool that allows an administrator to install, configure, and administer Hewlett Packard as well as non-HP peripherals, such as a printer, through a web-based interface. There are three separate vulnerabilities within HP Web JetAdmin that will allow a malicious attack...
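WebKit Resource Load Callback Information Disclosure Vulnerability
Bugtraq ID: 36996 CVE ID: CVE-2009-2841 WebKit is an open-source web browser engine. When WebKit processes HTML 5 media elements that point to external resources, it does not issue a resource load callback to determine whether the resource has been loaded, which can result in certain requests being sent to a remote server. For example, the sender of an HTML-formatted e-mail message could use this vulnerability to determine whether the message has been read. WebKit Open Source Project WebKit r38566 WebKit Open Source Project WebKit 0 Apple Safari 4.0.3 Apple Safari 4.0.2 Apple Safari...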
Joomla 1.5.12 TinyBrowser File Upload Code Execution
This module exploits a vulnerability in the TinyMCE/tinybrowser plugin. This plugin is not secured in version 1.5.12 of Joomla and allows the upload of files to the remote server. By renaming the uploaded file, this vulnerability can be used to upload/execute code on the affected system. This modu...
Ubuntu 6.06 LTS : devscripts vulnerability (USN-847-2)
USN-847-1 fixed vulnerabilities in devscripts. This update provides the corresponding updates for Ubuntu 6.06 LTS. Raphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted filename for a file on a...
USN-847-2: devscripts vulnerability
USN-847-1 fixed vulnerabilities in devscripts. This update provides the corresponding updates for Ubuntu 6.06 LTS. Original advisory details: Raphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted...
USN-847-1: Devscripts vulnerability
Raphael Geissert discovered that uscan, a part of devscripts, did not properly sanitize its input when processing pathnames. If uscan processed a crafted filename for a file on a remote server, an attacker could execute arbitrary code with the privileges of the user invoking the program...
CGI Generic SSI Injection
The remote web server hosts CGI scripts that fail to adequately sanitize request strings. They seem to be vulnerable to an 'SSI injection' attack. By leveraging this issue, an attacker may be able to execute arbitrary commands on the remote host.
Stack overflow
Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command...