7910 matches found

OSV
added 2011/11/01 7:55 p.m. • 3 views

DEBIAN-CVE-2011-4064

Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value...

CVSS 4.3 | AI score 5.9 | EPSS 0.02008
Exploits: 1 | References: 1
Cvelist
added 2011/11/01 7:0 p.m. • 28 views

CVE-2011-4064

Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value...

AI score 6 | EPSS 0.02008
Exploits: 1 | References: 8
Debian CVE
added 2011/11/01 7:0 p.m. • 42 views

CVE-2011-4064

Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value...

CVSS 4.3 | AI score 5.4 | EPSS 0.02008
Exploits: 1
OpenVAS
added 2011/10/31 12:0 a.m. • 39 views

Mandriva Update for phpmyadmin MDVSA-2011:158 (phpmyadmin)

Check for the Version of phpmyadmin. OpenVAS Vulnerability Test: Mandriva Update for phpmyadmin MDVSA-2011:158 (phpmyadmin). Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modif...

CVSS 5 | EPSS 0.02326
Exploits: 2 | References: 2
Nmap
added 2011/10/26 9:36 p.m. • 801 views

rtsp-methods NSE Script

Determines which methods are supported by the RTSP (real time streaming protocol) server. Script Arguments: rtsp-methods.path: the path to query, defaults to "" which queries the server itself, rather than a specific url. Example Usage: nmap -p 554 --script rtsp-methods. Script Output: PORT STATE SERVIC...

CVSS 10 | EPSS 0.99448
Exploits: 33
OSV
added 2011/10/25 7:55 p.m. • 4 views

UBUNTU-CVE-2011-3878

Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization...

CVSS 6.8 | AI score 5.9 | EPSS 0.00798
Exploits: 0 | References: 2
exploitpack
added 2011/10/17 12:0 a.m. • 16 views

Toshiba e-Studio (Multiple Devices) - Security Bypass

Toshiba e-Studio Multiple Devices - Security Bypass source: https://www.securityfocus.com/bid/50168/info Multiple Toshiba e-Studio devices are prone to a security-bypass vulnerability. Successful exploits will allow attackers to bypass certain security restrictions and gain access in the context ...

AI score 0.7
Exploits: 0
phpMyAdmin
added 2011/10/17 12:0 a.m. • 41 views

XSS in setup.

PMASA-2011-16 Announcement-ID: PMASA-2011-16 Date: 2011-10-17 Summary XSS in setup. Description Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS payload can be saved to this directory. Severity We consider this...

CVSS 4.3 | AI score 5.8 | EPSS 0.02008
Exploits: 1 | Affected Software: 1
Prion
added 2011/09/24 12:55 a.m. • 16 views

Information disclosure

PHProjekt 6.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Setup/Controllers/IndexController.php...

CVSS 5 | AI score 6.6 | EPSS 0.01229
Exploits: 0 | References: 3 | Affected Software: 1
RedHat Linux
added 2011/08/31 7:34 p.m. • 2 views

ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...

CVSS 4.4 | AI score 7.3 | EPSS 0.00352
Exploits: 0 | References: 4
Tenable Nessus
added 2011/08/24 12:0 a.m. • 18 views

Fedora 16 : setup-2.8.36-1.fc16 (2011-10889)

dropped supplemental root's groups. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 ...

AI score 5.4
Exploits: 0 | References: 2
Fedora
added 2011/08/23 8:24 p.m. • 12 views

[SECURITY] Fedora 16 Update: setup-2.8.36-1.fc16

The setup package contains a set of important system configuration and setup files, such as passwd, group, and profile...

AI score 1.7
Exploits: 0
The Hacker News
added 2011/08/15 6:44 p.m. • 2 views

SSDownloader : 50 Free Essential Security Tools

SSDownloader : 50 Free Essential Security Tools SSDownloader is an easy-to-use tool which allows you to download up to 50 major security applications in just a few clicks. If you're setting up a new PC, for instance, then normally you might visit the websites of your favourite security vendors,...

AI score 7.2
Exploits: 0
The Hacker News
added 2011/08/15 6:44 p.m. • 7 views

SSDownloader : 50 Free Essential Security Tools

SSDownloader : 50 Free Essential Security Tools SSDownloader is an easy-to-use tool which allows you to download up to 50 major security applications in just a few clicks. If you're setting up a new PC, for instance, then normally you might visit the websites of your favourite security vendors,...

AI score 6.6
Exploits: 0
OpenVAS
added 2011/08/12 12:0 a.m. • 27 views

Fedora Update for system-config-firewall FEDORA-2011-9652

Check for the Version of system-config-firewall. OpenVAS Vulnerability Test: Fedora Update for system-config-firewall FEDORA-2011-9652. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it...

CVSS 6 | EPSS 0.00421
Exploits: 0 | References: 2
VulnCheck KEV
added 2011/07/29 12:0 a.m. • 3 views

VulnCheck KEV: CVE-2009-1151

Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file...

CVSS 9.8 | AI score 7.5 | EPSS 0.95438
Exploits: 16 | References: 1
UbuntuCve
added 2011/07/14 11:55 p.m. • 32 views

CVE-2011-2506

setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal...

CVSS 7.5 | AI score 5.9 | EPSS 0.09626
Exploits: 14 | References: 1
Packet Storm
added 2011/06/28 12:0 a.m. • 21 views

2Wire Password Reset

require 'msf/core' class Metasploit3 '2Wire Password Reset', 'Version' = '$Revision: 1 $', 'Description' = %Q This module will reset the admin password on a 2wire wireless router. This works by using a setup wizard page that fails to check if a user is authenicated and doesn't remove or block aft...

AI score 7.4
Exploits: 0
RedHat Linux
added 2011/06/01 7:55 p.m. • 4 views

kernel: setup_arg_pages: diagnose excessive argument size

The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of...

CVSS 4.9 | AI score 6.2 | EPSS 0.00913
Exploits: 3 | References: 4
OpenVAS
added 2011/06/01 12:0 a.m. • 21 views

Nmap NSE net: netbus-info

Opens a connection to a NetBus server and extracts information about the host and the NetBus service itself. The extracted host information includes a list of running applications, and the host's sound volume settings. The extracted service information includes its access control list (acl), server...

AI score 7.4
Exploits: 0