2293 matches found
OPeNDAP arbitrary command execution vulnerability
Overview The BES daemon in OPeNDAP server version 4 contains a vulnerability. This vulnerability may allow an attacker to execute arbitrary commands, or upload files to a remote server. Description OPeNDAP is a software package designed to help researchers exchange data sets that are stored in...
Flaw in about.r OS and Progress version disclosure
about.r OS and Progress version disclosure. Because of poor security in webutil/about.r it is possible to view the OS and the Progress version of a remote webspeed server. First you have to find the messenger execution url. For example: http://yourmachine.com/scripts/cgiip.exe/WService=wsbroker1...
ObieWebsite Mini Web Shop 2 - Sendmail.php?PATH_INFO Cross-Site Scripting
ObieWebsite Mini Web Shop 2 - Sendmail.php?PATHINFO Cross-Site Scripting source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit...
ObieWebsite Mini Web Shop 2 - order_form.php?PATH_INFO Cross-Site Scripting
ObieWebsite Mini Web Shop 2 - orderform.php?PATHINFO Cross-Site Scripting source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploi...
ObieWebsite Mini Web Shop 2 - 'order_form.php?PATH_INFO' Cross-Site Scripting
source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch...
ObieWebsite Mini Web Shop 2 - 'Sendmail.php?PATH_INFO' Cross-Site Scripting
source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch...
ProFTPD Auth API Multiple Auth Module Authentication Bypass
The remote host is running ProFTPd. Due to a bug in the way the remote server is configured and the way it processes the USER and PASS commands, it is possible to log into the remote system by supplying invalid credentials. C Tenable Network Security, Inc. include"compat.inc"; if description...
libero-xss.txt
Libero.it, one of the most important italian ISP www.libero.it is affected from a XSS vulnerability. The vulnerability can be found in the "Community" section of Libero portal, and the affected functionality is "add nick" http://digiland.libero.it/profilo.phtml?nick=. The implementation of this...
[SECURITY] Fedora Core 6 Update: postgresql-8.1.7-1.fc6
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
OpenLDAP 2.4.3 - KBIND Remote Buffer Overflow
OpenLDAP 2.4.3 - KBIND Remote Buffer Overflow / openldap-kbind-p00f.c - OpenLDAP kbind remote exploit Only works on servers compiled with --enable-kbind enable LDAPv2+ Kerberos IV bind deprecated no by Solar Eclipse Shoutouts to LSD for their l33t asm code and to all 0dd people Private 0dd code. ...
[NT] Selenium FTP Server Directory Traversal
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
r3mote_unix_wrapper.sh.txt
!/bin/sh Variables Ultra short URL where is located our additional code Max length : 8 chars SRC="zz.1.vg" Filename of the downloaded file Max length : 6 chars because of "-O" in wget FILE="./..." Target SAP server IP No restriction ;- TARGET="192.168.201.11" Set to /bin/echo to debug DEBUG="" So...
freewebshop222.txt
FreeWebshop '"alertdocument.cookie laurent gaffié & benjamin mossé http://s-a-p.ca/ contact: [email protected]...
WarFTP Daemon < 1.82.00-RC13 Multiple Command Remote Format Strings
Binary data 3808.prm...
Sun Secure Global Desktop / Tarantella < 4.20.983 Multiple XSS
Sun Secure Global Desktop or Tarantella, a Java-based program for web-enabling applications running on a variety of platforms, is installed on the remote web server. According to the version reported in one of its scripts, the installation of the software on the remote host fails to sanitize...
Sun Secure Global Desktop / Tarantella < 4.20.983 Multiple XSS
Binary data 3760.prm...
OpenSSH 4.3 p1 - Duplicated Block Remote Denial of Service
OpenSSH 4.3 p1 - Duplicated Block Remote Denial of Service !/bin/bash OpenSSH CRC compensation attack detection DoS PoC. Tavis Ormandy Yes, I really did implement crc-32 in bash. usage: script victim hostname hostname=$1:-localhost port=$2:-22 where the fifo is created to communicate with netcat...
[SECURITY] [DSA 1169-1] New MySQL 4.1 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1169-1 [email protected] http://www.debian.org/security/ Martin Schulze September 5th, 2006 http://www.debian.org/security/faq -...
gtetrinet -- remote code execution
The Debian Security Team reports: Michael Gehring discovered several potential out-of-bounds index accesses in gtetrinet, a multiplayer Tetris-like game, which may allow a remote server to execute arbitrary code...
DSA-1163 gtetrinet - programming error
Bulletin has no description...