Lucene search
K

2293 matches found

OSV
OSV
added 2008/06/13 6:41 p.m.6 views

CVE-2008-2364

The approxyhttpprocessresponse function in modproxyhttp.c in the modproxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service memory consumption via a large number of interim...

7.3AI score
Exploits0References78
Tenable Nessus
Tenable Nessus
added 2008/05/28 12:0 a.m.18 views

FreeBSD : spamdyke -- open relay (555ac165-2bee-11dd-bbdc-00e0815b8da8)

Spamdyke Team reports : Fixed smtpfilter to reject the DATA command if no valid recipients have been specified. Otherwise, a specific scenario could result in every spamdyke installation being used as an open relay. If the remote server connects and gives one or more recipients that are rejected...

6.4CVSS5.5AI score0.01359EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2008/03/25 12:0 a.m.989 views

PHP 5.x < 5.2 Multiple Vulnerabilities

According to its banner, the version of PHP 5.x installed on the remote host is older than 5.2. Such versions may be affected by several buffer overflows. To exploit these issues, an attacker would need the ability to upload an arbitrary PHP script on the remote server or to manipulate several...

10CVSS6.1AI score0.15011EPSS
Exploits7References17
seebug.org
seebug.org
added 2008/03/15 12:0 a.m.29 views

win32 Download and Execute Shellcode Generator (browsers edition)

No description provided by source. !/usr/bin/perl $loadingurl=$ARGV0; chomp $loadingurl; my @buffer; if $loadingurl eq "" $sco = 'ERROR!!! Enter url to remote exe.'; buffergen$sco; print @buffer; exit; $c= generatechar0; $sco= "\xE8\x56\x00\x00\x00\x53\x55\x56\x57\x8B\x6C\x24\x18\x8B\x45"...

7.1AI score
Exploits0
Fedora
Fedora
added 2008/02/13 5:0 a.m.16 views

[SECURITY] Fedora 8 Update: duplicity-0.4.9-1.fc8

Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...

4.6CVSS6.3AI score0.00371EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/02/12 12:0 a.m.26 views

MS08-003: Vulnerability in Active Directory Could Allow Denial of Service (946538)

The remote version of Active Directory contains a flaw in the LDAP request handler code that allows an attacker to crash the remote Active Directory server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid31037; scriptversion"1.28"; scriptcvsdate"Date: 2018/11/15...

6.8CVSS5.6AI score0.28948EPSS
Exploits1References2
Zero Day Initiative
Zero Day Initiative
added 2007/12/06 12:0 a.m.31 views

Hewlett-Packard OpenView Network Node Manager Multiple CGI Buffer Overflow Vulnerabilities

These vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard HP OpenView Network Node Manager NNM. Authentication is not required to exploit these vulnerabilities. The specific flaws exists within the CGI applications that handle the...

10CVSS3AI score0.69613EPSS
Exploits9
Cvelist
Cvelist
added 2007/12/05 11:0 a.m.23 views

CVE-2007-5355

The Web Proxy Auto-Discovery WPAD feature in Microsoft Internet Explorer 6 and 7, when a primary DNS suffix with three or more components is configured, resolves an unqualified wpad hostname in a second-level domain outside this configured DNS domain, which allows remote WPAD servers to conduct...

6.5AI score0.16629EPSS
Exploits2References6
Exploit DB
Exploit DB
added 2007/11/29 12:0 a.m.42 views

Seditio CMS 121 - SQL Injection

= 4.1, magicquotesgpc=Off echo "------------------------------------------------------------\n"; echo "Seditio CMS - use specific prefix default sed\n"; echo "-id= - use specific user id default 1\n\n"; echo "examples:\n"; echo "php $argv0 http://site.com/ -p=cms\n"; echo "php $argv0...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/10/23 12:0 a.m.32 views

smf-blind.txt

SMF is a very hardened php application. If anyone wants an example of some interesting PHP security SMF is a good place to look. Even after being able to injection SQL I had to take another step and bypass some difficult filters found in the dbquery function. Ultimately i was able to do so. This...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2007/10/08 8:11 a.m.5 views

FTP protocol PASV design flaw affects konqueror

The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

6.8CVSS5.9AI score0.03778EPSS
Exploits0References4
seebug.org
seebug.org
added 2007/10/03 12:0 a.m.11 views

Microsoft Internet Explorer 文件上传处理漏洞

BUGTRAQ ID: 25836 Internet Explorer是微软发布的非常流行的WEB浏览器。 Internet Explorer在处理文件上传时存在漏洞,恶意网站可能利用此漏洞窃取用户系统上的文件。 通常由于安全限制JavaScript是不允许设置焦点或在文件上传字段中设置值,以防从用户机器上传任意文件。浏览器厂商在表单的文件字段中实施这个限制,计算机用户只有选择了文件才能上传。但如果用户使用IE访问了恶意网页的话,就可能窃取用户的焦点,绕过浏览器安全限制,在用户不知情的情况下向远端服务器上传任意文件 Microsoft Internet Explorer 6.0 SP1...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/09/28 12:0 a.m.2432 views

Web Server Transmits Cleartext Credentials

The remote web server contains several HTML form fields containing an input of type 'password' which transmit their information to a remote web server in cleartext. An attacker eavesdropping the traffic between web browser and server may obtain logins and passwords of valid users. C Tenable Netwo...

5.5AI score
Exploits0
Prion
Prion
added 2007/09/17 5:17 p.m.13 views

Design/Logic Flaw

Interpretation conflict in WinSCP before 4.0.4 allows remote attackers to perform arbitrary file transfers with a remote server via file-transfer commands in the final portion of a 1 scp, and possibly a 2 sftp or 3 ftp, URL, as demonstrated by a URL specifying login to the remote server with a...

9.3CVSS7.4AI score0.06335EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2007/09/17 5:0 p.m.54 views

CVE-2007-4909

WinSCP (before 4.0.4) is affected by an interpretation conflict in its URL handler that lets remote attackers perform arbitrary file transfers via certain scp/sftp/ftp URLs, by abusing a login-as-username on the URL which is parsed differently by the protocol handler. The issue is described as a ...

9.3CVSS7.1AI score0.03522EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2007/08/31 1:17 a.m.9 views

CVE-2007-4625

Polipo before 1.0.2 allows remote HTTP servers to cause a denial of service daemon crash by aborting the response to a POST request...

6.8AI score
Exploits0References5
Prion
Prion
added 2007/08/21 12:17 a.m.18 views

Buffer overflow

Multiple buffer overflows in the client in Toribash 2.71 and earlier allow remote attackers to 1 execute arbitrary code via a long game command in a replay .rpl file and 2 cause a denial of service application crash via a long SAY command that omits a required LF character; and allow remote...

7.5CVSS8.6AI score0.0395EPSS
Exploits1References6Affected Software1
seebug.org
seebug.org
added 2007/06/22 12:0 a.m.23 views

BitchX 1.1-final (EXEC) Remote Command Execution Exploit

No description provided by source. / Name: PBXS - Pointless BitchX Sploit Author: clarity Infected Versions: 1.1-final and others? Synopsis: BitchX suffers from a unchecked bounds in a hash table in hook.c where one can inject data structures allowing for the remote execution of commands! Usage:...

7.1AI score
Exploits0
Fedora
Fedora
added 2007/06/06 5:22 p.m.44 views

[SECURITY] Fedora Core 6 Update: postgresql-8.1.9-1.fc6

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

6CVSS0.9AI score0.03184EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/05/19 12:0 a.m.372 views

OS Identification : SNMP

Nessus was able to identify the operating system type and version by examining the SNMP data returned by the remote server. C Tenable, Inc. Nessus was able to identify the operating system type and version by examining the SNMP data returned by the remote server. include"compat.inc"; if descripti...

5.6AI score
Exploits0
Rows per page
Query Builder