5315 matches found
CVE-2008-1111
modcgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information...
CVE-2008-1111
CVE-2008-1111 affects lighttpd 1.4.18 through the mod_cgi path. When a fork failure occurs, lighttpd may return the source code of the CGI script instead of a 500 error, potentially allowing remote attackers to obtain sensitive information (information disclosure). Connected documents indicate re...
DESlock+ <= 3.2.6 local kernel ring0 link list zero SYSTEM Exploit
Exploit for unknown platform in category local exploits ================================================================== DESlock+ DESlock+ include include include define DLMFENCIOCTL 0x0FA4204C define DLMFENCFLAG 0xC001D00D define DLKFDISKRIOCTL 0x80002008 define DLKFDISKSLOT 0x00000C5C define...
DSA-1494-1 linux-2.6 - privilege escalation
Bulletin has no description...
IPSwitch WS_FTP Server Manager / Whats Up unauthorized access
It's possible to access script files with localhostnull account without password. Scripts source code leak...
bcoosexoops-xss.txt
bcoos & E-xoops DevTracker module two variables XSS vendor url: http://www.bcoos.net Vendor url: http://www.e-xoops.com Advisore: http://lostmon.blogspot.com/2008/02/ bcoos-and-e-xoops-devtracker-module-two.html vendor notify:yes exploits available: YES bcoos and E-xoops are two content-community...
Safenet IPSecDrv.sys <= 10.4.0.12 Local kernel ring0 SYSTEM Exploit
No description provided by source. / safenet-ipsec-call.c Copyright c 2008 by [email protected] Safenet IPSecDrv.sys = 10.4.0.12 local kernel ring0 indirect call SYSTEM exploit by mu-b - Thu 03 Jan 2008 - Tested on: IPSecDrv.sys 10.4.0.12...
bloofox-multi.txt
WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection Authentication bypass , Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! -...
Bloofox CMS SQL Injection (Authentication bypass) , Source code disclosure
WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection Authentication bypass , Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! -...
Bloofox 0.3 (SQL/FD) Multiple Remote Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection Authentication bypass , Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected...
bloofox 0.3 - SQL Injection / File Disclosure
WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection Authentication bypass , Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! -...
Bloofox 0.3 (SQL/FD) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ==================================================== Bloofox 0.3 SQL/FD Multiple Remote Vulnerabilities ==================================================== WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilitie...
Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17-mips)
The remote host is missing an update to kernel-source-2.4.17, kernel-patch-2.4.17-mips announced via advisory DSA 332-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Debian Security Advisory DSA 114-1 (gnujsp)
The remote host is missing an update to gnujsp announced via advisory DSA 114-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1199-1 (webmin)
The remote host is missing an update to webmin announced via advisory DSA 1199-1. Several vulnerabilities have been identified in webmin, a web-based administration toolkit. CVE-2005-3912 A format string vulnerability in miniserv.pl could allow an attacker to cause a denial of service by crashing...
Debian Security Advisory DSA 169-1 (tomcat4)
The remote host is missing an update to tomcat4 announced via advisory DSA 169-1. OpenVAS Vulnerability Test $Id: deb1691.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 169-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-1064-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
miniweb-multi.txt
MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written in C language, featuring low system resource consumption, high efficiency, good flexibility and high portability. It is capable to serve multiple clients with a single thread, supporting GET and POS...
Debian Security Advisory DSA 1064-1 (cscope)
The remote host is missing an update to cscope announced via advisory DSA 1064-1. Jason Duell discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may potentially lead to the execution of arbitrary code through speciall...
Miniweb 0.8.19 - Multiple Vulnerabilities
MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written in C language, featuring low system resource consumption, high efficiency, good flexibility and high portability. It is capable to serve multiple clients with a single thread, supporting GET and POS...