5450 matches found
RE: DoS code for Cisco VLAN Trunking Protocol Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, This is Paul Oxman with Cisco PSIRT. For mitigations and workarounds, please consult the Cisco Security Response available at: http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml Regards From: showrun.lee mailto:[email protected]...
Cisco ONS Control Card远程拒绝服务漏洞
BUGTRAQ ID: 33261 CVE ID:CVE-2008-3818 CNCVE ID:CNCVE-20083818 Cisco 15310-CL, 15310-MA, ONS 15327, ONS 15454, ONS 15454 SDH和ONS 15600硬件通过CTX, CTX2500, XTC, TCC/TCC+/TCC2/TCC2P, TCCi/TCC2/TCC2P和TSC控制卡管理,这些控制卡通常连接数据通信网络DCN,DCN用于在管理端点和网络实体进行管理信息传送。DCN的定义有时又叫为Management Communication Network...
Cisco VLAN Trunking Protocol Denial of Service Exploit
Exploit for hardware platform in category dos / poc ====================================================== Cisco VLAN Trunking Protocol Denial of Service Exploit ====================================================== /DoS code for Cisco VLAN Trunking Protocol Vulnerability vulerability discriptio...
Cisco - VLAN Trunking Protocol Denial of Service
Cisco - VLAN Trunking Protocol Denial of Service /DoS code for Cisco VLAN Trunking Protocol Vulnerability vulerability discription: http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml To Known: 1.the switch must in Server/Client Mode. 2.the port ,attacker connected,must be in trunk...
Cisco VLAN Trunking Protocol Denial Of Service
/DoS code for Cisco VLAN Trunking Protocol Vulnerability vulerability discription: http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml To Known: 1.the switch must in Server/Client Mode. 2.the port ,attacker connected,must be in trunk Mode. Cisco Ethernet ports with no configuration a...
CVE-2008-5619
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail roundcubemail 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the pregreplace function with t...
Hardcoded credentials
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail roundcubemail 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the pregreplace function with t...
CVE-2008-5619
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail roundcubemail 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the pregreplace function with t...
roundcube -- remote execution of arbitrary code
Entry for CVE-2008-5619 says: html2text.php in RoundCube Webmail roundcubemail 0.2-1.alpha and 0.2-3.beta allows remote attackers to execute arbitrary code via crafted input that is processed by the pregreplace function with the eval switch...
About Token Kidnapping Exp combat small mind-vulnerability warning-the black bar safety net
Is mainly for 0 to 3, 0 8, didn't get a chance during the installation. NET 2 0 0 0 on the test 2. Affected is your ASP. NET code is based on Full Trust to run, if permissions than Full Trust, it will not be affected 3. Combat can be a multi-script type: asp, aspx, php test, is actually to...
KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit
!-- KVIrc 3.4.2 Shiny uri handler remote command execution exploit by Nine:Situations:Group::strawdog Tested against IE8beta/WINxpsp3 software site: http://www.kvirc.net/?lang=en description: "KVIrc is a Multilanguage, graphical IRC-Client for Windows, Linux, Unix and Mac OS..." A command line...
Code injection
Unspecified vulnerability in the VLAN Trunking Protocol VTP implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service device reload or hang via a crafted VTP packet sent to a switch interface configured as a trunk...
kernel: local denial of service due to NT bit leakage
Linux kernel before 2.6.18, when running on x8664 systems, does not properly save or restore EFLAGS during a context switch, which allows local users to cause a denial of service crash by causing SYSENTER to set an NT flag, which can trigger a crash on the IRET of the next task...
Code injection
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router GSR devices aka 12000 Series routers allows remote attackers to cause a denial of service device crash via a malformed Protocol Independent Multicast PIM packet...
CVE-2008-3809
CVE-2008-3809 affects Cisco IOS on Gigabit Switch Router (GSR) devices; two PIM packet–driven DoS flaws may cause device reload/crash when PIM is enabled. Cisco released fixes; affected trains include 12.0 through 12.4, with listed First Fixed Release per train in the advisory. Workarounds exist ...
ICONICS Vessel / Gauge / Switch 8.02.140 ActiveX BOF Exploit (meta)
Exploit for unknown platform in category remote exploits =================================================================== ICONICS Vessel / Gauge / Switch 8.02.140 ActiveX BOF Exploit meta =================================================================== $Id: iconicsdlgwrapper.rb 1 2008-09-21...
ICONICS Vessel Gauge Switch 8.02.140 - ActiveX Buffer Overflow (Metasploit)
ICONICS Vessel Gauge Switch 8.02.140 - ActiveX Buffer Overflow Metasploit $Id: iconicsdlgwrapper.rb 1 2008-09-21 22:43:00Z kf $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...
nss_ldap randomly replying with wrong user's data
Race condition in nssldap, when used in applications that are linked against the pthread library and fork after a call to nssldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong...
nss_ldap randomly replying with wrong user's data
Race condition in nssldap, when used in applications that are linked against the pthread library and fork after a call to nssldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong...
CVE-2008-1778
CVE-2008-1778 : The vulnerability is described as an unspecified issue in the floating point context switch implementation on Sun Solaris 9/10 for x86, potentially allowing a local user to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknown ve...