698 matches found
RHEL 4 : ruby (RHSA-2006:0427)
Updated ruby packages that fix a denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for object-oriented programming. A bug was found in the way Ruby creates its...
Network box netbox let the rookie easily have their own Super http Backdoor-vulnerability warning-the black bar safety net
A: Preface in today's Microsoft power era, looking for broilers has been not what difficult matter, a variety of fool tools greatly convenient for newbies in the invasion, but often the invasion is successful, how to do a good job the back door, put the broiler as long as the catch is often...
[BuHa-Security] Multiple Vulnerabilities in Mantis 1.00rc4
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 --------------------------------------------------- | BuHa Security-Advisory 7 | Feb 14th, 2006 | --------------------------------------------------- | Vendor | Mantis BT | | URL | http://www.mantisbt.org/ | | Version | = Mantis 1.00rc4 | | Risk ...
Mandrake Linux Security Advisory : ruby (MDKSA-2005:191)
Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The updated packages have been patched to address this issue. %NASLMINLEVEL 70300 C...
irb, ruby security update
CentOS Errata and Security Advisory CESA-2005:799-01 Updated ruby packages that fix an arbitrary command execution issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Updated 25 Oct 2005 Errata has been updated to include...
Moderate: Red Hat Security Advisory: ruby security update
Updated ruby packages that fix an arbitrary command execution issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Updated 25 Oct 2005 Errata has been updated to include missing packages for Red Hat Enterprise Linux 3. Ruby ...
Debian DSA-862-1 : ruby1.6 - programming error
Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The following matrix lists the fixed versions in our distributions : old stable woody...
RHEL 4 : php (RHSA-2005:748)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:748 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was discovered in the PEAR XML-RPC Server package...
Important: Red Hat Security Advisory: php security update
Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was discovered in the PEAR XML-RP...
Gaim < 1.2.1 Multiple Vulnerabilities
Binary data 2793.prm...
iDEFENSE Security Advisory 03.31.05: PHP getimagesize() Multiple Denial of Service Vulnerabilities
PHP getimagesize Multiple Denial of Service Vulnerabilities iDEFENSE Security Advisory 03.31.05 www.idefense.com/application/poi/display?id=222&type=vulnerabilities March 31, 2005 I. BACKGROUND PHP is a widely-used general-purpose scripting language that is especially suited for Web development a...
[Full-Disclosure] iDEFENSE Security Advisory 06.07.04: PHP Win32 escapeshellcmd() and escapeshellarg() Input Validation Vulnerability
PHP Win32 escapeshellcmd and escapeshellarg Input Validation Vulnerability iDEFENSE Security Advisory 06.07.04: www.idefense.com/application/poi/display?id=108&type=vulnerabilities June 7, 2004 I. BACKGROUND PHP is a widely-used general-purpose scripting language that is especially suited for Web...
PHP fails to filter ASCII control characters from string arguments of mail() function
Overview PHP does not properly filter parameters to its mail function. Description PHP is a scripting language widely used in web application development. PHP includes a function called mail that takes message parameters such as recipient address and sends mail using sendmail. PHP does not filter...
mIRC 6.0 - Scripting ASCTime Buffer Overflow
source: https://www.securityfocus.com/bid/5576/info mIRC is a chat client for the IRC protocol, designed for Microsoft Windows based operating systems. mIRC includes support for a scripting language. A buffer overflow vulnerability has been reported in the $asctime identifier, a function in the...
Php variables passed from the browser are stored in global context
Overview Php is a dynamic scripting language used by programmers to develop webservers, message boards, chat applications and a variety of programs. By default php stores variables passed from the URL in a global context. Programmers often fail to change this setting which can allow serious...
PHP remote format string vulnerabilities
OVERVIEW PHP is a commonly used HTML-embedded scripting language. Format string vulnerabilities exist in the error logging routines of PHP versions 3 and 4, allowing remote users to execute arbitrary code under the web server's user id. A web server having PHP installed and one or more PHP script...
PHP 3.04.0 - Error Logging Format String
PHP 3.04.0 - Error Logging Format String // source: https://www.securityfocus.com/bid/1786/info PHP is a scripting language designed for CGI applications that is used on many websites. There exists a remotely exploitable format string vulnerability in all versions of PHP below PHP 4.0.3. The...
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog
source: https://www.securityfocus.com/bid/713/info The PHP/FI package which was originally written by Rasmus Lerdorf is an is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language...