Lucene search
+L

1908 matches found

Tenable Nessus
Tenable Nessus
added 2004/10/21 12:0 a.m.39 views

SUSE-SA:2004:037: kernel

The remote host is missing the patch for the advisory SUSE-SA:2004:037 kernel. An integer underflow problem in the iptables firewall logging rules can allow a remote attacker to crash the machine by using a handcrafted IP packet. This attack is only possible with firewalling enabled. We would lik...

7.5CVSS5.4AI score0.11508EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2004/09/24 12:0 a.m.23 views

GLSA-200409-32 : getmail: Filesystem overwrite vulnerability

The remote host is affected by the vulnerability described in GLSA-200409-32 getmail: Filesystem overwrite vulnerability David Watson discovered a vulnerability in getmail when it is configured to run as root and deliver mail to the maildirs/mbox files of untrusted local users. A malicious local...

2.1CVSS5.9AI score0.00392EPSS
Exploits0References5
seebug.org
seebug.org
added 2004/08/24 12:0 a.m.21 views

MusicDaemon <= 0.0.3 v2 Remote DoS and /etc/shadow Stealer

No description provided by source. / MusicDaemon = 0.0.3 v2 Remote /etc/shadow Stealer / DoS Vulnerability discovered by: Tal0n 05-22-04 Exploit code by: Tal0n 05-22-04 Greets to: atomix, vile, ttl, foxtrot, uberuser, d4rkgr3y, blinded, wsxz, serinth, phreaked, h3x4gr4m, xaxisx, hex, phawnky,...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.18 views

Cfengine CAUTH Command Remote Format String

Cfengine is running on this remote host. Cfengine contains a component, cfd, which serves as a remote-configuration client to cfengine. This version of cfd contains several flaws in the way that it calls syslog. As a result, trusted hosts and valid users if access controls are not in place can...

10CVSS6.2AI score0.02525EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/08/17 12:0 a.m.41 views

WU-FTPD ABOR Command Arbitrary File Access

The version of WU-FTPD running on the remote host contains a flaw that may allow a malicious user to gain access to unauthorized privileges. Specifically, there is a flaw in the way that the server handles an ABOR command after a data connection has been closed. The flaw is within the dologout...

5CVSS6AI score0.01522EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2004/08/04 12:0 a.m.39 views

OpenFTPd 0.30.1 - message system Remote Shell

/ shouts to mitakeet :D exploit for openftpd format string bug. tested on most current version only. -infamous42md AT hotpop DOT com is real email only tricky part is find a place to stick the shell, as there isn't enough room to send it with the format string. thankfully when using the 'site msg...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.19 views

SuSE-SA:2004:019: dhcp/dhcp-server

The remote host is missing the patch for the advisory SuSE-SA:2004:019 dhcp/dhcp-server. The Dynamic Host Configuration Protocol DHCP server is used to configure clients that dynamically connect to a network WLAN hotspots, customer networks, .... The CERT informed us about a buffer overflow in th...

6.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.26 views

RHEL 2.1 : pam (RHSA-2003:028)

Updated PAM packages are now available. These packages correct a bug in pamxauth's handling of authorization data for the root user. Updated 12 March 2003 Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS The pamxauth module is used to forward xauth information from...

7.2CVSS5.6AI score0.00431EPSS
Exploits0References4
Cvelist
Cvelist
added 2004/06/30 4:0 a.m.27 views

CVE-2004-0622

Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login aka Loginwindow.app, Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory...

5.7AI score0.00356EPSS
Exploits0References5
securityvulns
securityvulns
added 2004/06/15 12:0 a.m.52 views

IRIX syssgi system call vulnerability and other security fixes

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: syssgi system call vulnerability and other security fixes Number: 20040601-01-P Date: June 14, 2004 Reference: SGI BUG 914420, CVE CAN-2004-0135 Reference: SGI BUG 912601, CVE CAN-2004-0136 Reference: SGI BUG 907407, CVE CAN-2004-013...

7.2CVSS0.4AI score0.00355EPSS
Exploits0
Exploit DB
Exploit DB
added 2004/04/23 12:0 a.m.41 views

Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Memory Read

/ source: https://www.securityfocus.com/bid/10201/info A local integer handling vulnerability has been announced in the Linux kernel. It is reported that this vulnerability may be exploited by an unprivileged local user to obtain kernel memory contents. Additionally it is reported that a root use...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/03/17 12:0 a.m.20 views

AIX 4.3.35.x - Getlvcb Command Line Argument Buffer Overflow (2)

AIX 4.3.35.x - Getlvcb Command Line Argument Buffer Overflow 2 // source: https://www.securityfocus.com/bid/9905/info getlvcb has been reported to be prone to a buffer overflow vulnerability. When an argument is passed to the getlvcb utility, the string is copied into a reserved buffer in memory...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2004/02/25 12:0 a.m.11 views

MTools 3.9.x - MFormat Local Privilege Escalation

MTools 3.9.x - MFormat Local Privilege Escalation source: https://www.securityfocus.com/bid/9746/info It has been reported that mformat is prone to a privilege escalation vulnerability when installed as a setUID application. This issue is due to a design error allowing a user to create any...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2004/02/23 12:0 a.m.44 views

Proofpoint protection server unauthorized access

User root with empty password can access mySQL...

4.2AI score
Exploits0References1
securityvulns
securityvulns
added 2004/02/23 12:0 a.m.32 views

[Full-Disclosure] Proofpoint Protection Server remote MySQL root user vulnerability

Product: Protection Server Version: unknown/Red Hat Linux Developer: Proofpoint URL: www.proofpoint.com Summary: The MySQL server may be remotely access by the "root" user without using a password. Details: The Proofpoint Protection Server is a software product to filter spam and other e-mail...

Exploits0
NVD
NVD
added 2004/02/06 5:0 a.m.12 views

CVE-2004-2073

Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command...

7.2CVSS6.6AI score0.03063EPSS
Exploits1References6
FreeBSD
FreeBSD
added 2003/12/01 12:0 a.m.15 views

pound remotely exploitable vulnerability

An unknown remotely exploitable vulnerability was disclosed. Robert Segall writes: a security vulnerability was brought to my attention many thanks to Akira Higuchi. Everyone running any previous version should upgrade to 1.6 immediately - the vulnerability may allow a remote exploit. No exploits...

1.2AI score
Exploits0References1
Core Security
Core Security
added 2003/09/18 12:0 a.m.31 views

Multiple IBM DB2 Stack Overflow Vulnerabilities

Advisory ID Internal CORE-2003-0531 Vulnerability Information: Date Published: 2003-09-18 Last Update: 2003-09-17 Advisory ID: CORE-2003-0531 Bugtraq ID:8552, 8553 CVE Name:CAN-2003-0758, CAN-2003-0759 Title: Multiple IBM DB2 Stack Overflow Vulnerabilities Class: Boundary Error Condition Buffer...

7.4AI score
Exploits0
NVD
NVD
added 2003/08/07 4:0 a.m.15 views

CVE-2003-0473

Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications...

10CVSS6.5AI score0.02345EPSS
Exploits0References4
securityvulns
securityvulns
added 2003/08/04 12:0 a.m.33 views

SRT2003-08-01-0126 - cdrtools local root exploit

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...

1AI score
Exploits0
Rows per page
Query Builder