178 matches found
CVE-2008-5754
Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbitrary code via a .bps file aka Session-File with a long second line, possibly a related issue to CVE-2008-5753...
BulletProof FTP Client - .bps Local Stack Overflow (PoC)
BulletProof FTP Client - .bps Local Stack Overflow PoC !/usr/bin/perl Bug : BulletProof FTP Client .bps Local Stack Overflow PoC Founded by : Mountassif Moad Greetz : All Freind Str0ke HOw to use = go to file after Load BP session & Enter and boom :d overflowing :d use warnings; use strict; my...
Hiki arbitrary file deletion vulnerability
Overview Hiki, a Wiki clone software developed by Hiki Development Team, contains a vulnerability that allows a remote attacker to delete arbitrary files. Hiki contains a vulnerability that allows an arbitrary file to be deleted on a server running Hiki. This is caused by the improper handling of...
CVE-2008-1657
OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshdconfig ForceCommand directive by modifying the .ssh/rc session file...
DEBIAN-CVE-2008-1657
OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshdconfig ForceCommand directive by modifying the .ssh/rc session file...
CVE-2008-1657
OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshdconfig ForceCommand directive by modifying the .ssh/rc session file...
Information disclosure
phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...
CVE-2008-1567
phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...
CVE-2008-1567
phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...
CVE-2008-1567
CVE-2008-1567 affects phpMyAdmin; version prior to 2.11.5.1 stores the MySQL username, password, and the Blowfish secret key in cleartext in a Session file under /tmp, enabling local users to obtain sensitive information. Connected advisories show patches upgrading to phpMyAdmin 2.11.9.4 (e.g., o...
CVE-2008-1567
phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...
CVE-2008-1567
phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...
PT-2008-3126 · Mysql Server · Phpmyadmin
Name of the Vulnerable Software and Affected Versions: phpMyAdmin versions prior to 2.11.5.1 Description: The issue allows local users to obtain sensitive information, including the MySQL username, password, and the Blowfish secret key, which are stored in cleartext in a Session file under /tmp...
CVE-2006-6596
HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via a session HAW file, which can be automatically opened using Internet Explorer...
Grep with web vulnerability discovery-vulnerability warning-the black bar safety net
Grep with web vulnerability mining Text/SuperHeiAtph4nt0m.org 2006-03-08 a. The following grephttp://www.interlog.com/tcharron/grep.htmldoes not support the-r parameter,you can use the following format: grep-in "\include|require\" C:\test\. php C:\test\admin\. php You can also use cygwin...
[SA19211] CGI::Session Insecure Default Session File Permissions
TITLE: CGI::Session Insecure Default Session File Permissions SECUNIA ADVISORY ID: SA19211 VERIFY ADVISORY: http://secunia.com/advisories/19211/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: CGI::Session 4.x http://secunia.com/product/8688/...
moodle142.txt
+------------------------------------------------------------------------------+ | | | Multiple Vulnerabilities in Moodle | | ================================== | | | | Author: Bartek Nowotarski | | Published: 2004-12-27 |...
CVE-2004-1425
Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. dot dot in the file parameter...