2293 matches found
Gallery 1.4.4 - Remote Server-Side Script Execution
Gallery 1.4.4 - Remote Server-Side Script Execution source: https://www.securityfocus.com/bid/10968/info A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the...
apache2 -- SSL remote DoS
The Apache HTTP Server 2.0.51 release notes report that the following issues have been fixed: A segfault in modssl which can be triggered by a malicious remote server, if proxying to SSL servers has been configured. CAN-2004-0751 A potential infinite loop in modssl which could be triggered given...
[UNIX] Singapore MD5 Administrative Password Disclosure
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
CVE-2004-1077
Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive...
CVS Client Traversal Arbitrary File Retrieval
According to its version number, the remote CVS server has a directory directory traversal vulnerability. This could allow a malicious client to read files outside of the CVS root. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid12212; scriptversion "1.16";...
security flaw
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...
YabbSE (3 on 1)
Summary YaBB SE is a PHP/MySQL port of the popular forum software YaBB yet another bulletin board. This time we discovered three new holes. That ranges from extracting information to deleting information and files in the remote web server. Details Vulnerable Systems: YaBB SE versions 1.5.4, 1.5.5...
Remote server crash in Team Factor <= 1.25
Luigi Auriemma Application: Team Factor aka US Special Forces http://www.teamfactor.co.uk/ http://ms7fx.iccc.cz/teamfactor/ Versions: = 1.25 note: 1.25 and 1.25m uses the same vulnerable exe Platforms: Windows and Linux Bug: reading of unallocated memory crash Risk: high Exploitation: remote,...
DSA-447 hsftp - format string
Bulletin has no description...
GoodTech Telnet Server 4.0 - Remote Denial of Service
GoodTech Telnet Server 4.0 - Remote Denial of Service source: https://www.securityfocus.com/bid/9337/info GoodTech Telnet Server is reportedly prone to a denial of service vulnerability. This condition occurs prior to authentication when excessive data is received by the server. Exploitation coul...
SGDynamo sgdynamo.exe HTNAME Parameter Path Disclosure
The CGI 'sgdynamo.exe' can be tricked into giving the physical path to the remote web root. This information may be useful to an attacker who can use it to launch more effective attacks against the remote server. %NASLMINLEVEL 70300 This script written by Scott Shebby 12/2003 See the Nessus Scrip...
Apache Double Slash GET Request Forced Directory Listing
It is possible to obtain the listing of the content of the remote web server root by sending the request 'GET // HTTP/1.0' This vulnerability usually affects the default Apache configuration which is shipped with Red Hat Linux, although it might affect other Linux distributions or other web serve...
PHP < 4.3.3 Multiple Vulnerabilities
The remote host is running a version of PHP that is older than 4.3.3. All versions of PHP 4 older than 4.3.3 contain multiple integer overflow vulnerabilities that may allow an attacker to execute arbitrary commands on this host. Another problem may also invalidate safemode. %NASLMINLEVEL 70300 C...
MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
According to its banner, the version of MySQL installed on the remote host fails to validate the length of a user-supplied password in the 'User' table in the 'getsaltfrompassword' function. Using a specially crafted value for a new password, an authenticated attacker with the 'ALTER DATABASE'...
Roger Wilco 1.4.1 - Remote Server Side Buffer Overrun
Roger Wilco 1.4.1 - Remote Server Side Buffer Overrun source: https://www.securityfocus.com/bid/8566/info A vulnerability has been reported for various Roger Wilco server releases. The problem occurs server-side, and can be triggered when processing malformed client packets. Specifically, when...
Proxy Authentication Header Information Leakage
When curl connected to a site via an HTTP proxy with the CONNECT request, the user and password used for the proxy connection was also sent off to the remote server...
CURL-CVE-2003-1605 Proxy Authentication Header Information Leakage
When curl connected to a site via an HTTP proxy with the CONNECT request, the user and password used for the proxy connection was also sent off to the remote server...
WU-FTPD fb_realpath() Function Off-by-one Overflow
The remote WU-FTPD server seems to be vulnerable to an off-by-one overflow when dealing with huge directory structures. An attacker may exploit this flaw to obtain a shell on this host. Note that Nessus has solely relied on the banner of the remote server to issue this warning so it may be a...
Psunami.CGI Command Execution
The remote host is hosting Psunami.CGI There is a flaw in this CGI which allows an attacker to execute arbitrary commands with the privileges of the HTTP server by making a request like : /psunami.cgi?action=board&board=1&topic=|id| %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2003-0322
Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to cause a denial of service crash...