Mailmarshal mail gateway directory traversal

Vulnerable outdated ported version of 'tar' utility is used, making it's possible to overwrite system files via directory traversal vulnerability...

Subversion (SVN) < 1.4.5 Directory Traversal Privilege Escalation (deprecated)

Binary data 4198.prm...

irc/bitchx -- multiple vulnerabilities

bannedit reports: Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the pmode variable. Nico Golde reports: There is a security issue in ircii-pana in bitchx' hostname command. The ehostname function...

Adonis TFTP directory traversal

User with privileges to manage TFTP configuration can upload system files...

NCTAudioStudio2 - ActiveX DLL 2.6.1.148 CreateFile() Insecure Method

NCTAudioStudio2 - ActiveX DLL 2.6.1.148 CreateFile Insecure Method -------------------------------------------------------------------------------------------------- NCTAudioStudio2 ActiveX DLL NCTWavChunksEditor2.dll v. 2.6.1.148 "CreateFile"Insecure Method url:...

TFTPdWin 0.4.2 Server Directory Traversal Vulnerability

Title ----- TFTPdWin 0.4.2 Server Directory Traversal Vulnerability Severity -------- High Date Discovered --------------- 3/15/2007 Vendor Notified --------------- 3/26/2007 - No Response Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team - r@b13s Vulnerability...

Directory traversal

Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. dot dot in the resource parameter...

CVE-2007-2048

CVE-2007-2048 affects webMethods Glue prior to and including 6.5.1, specifically the Management Console’s /console. The vulnerability arises from insufficient validation of the resource parameter, allowing a directory traversal via .. to read arbitrary server files. Impact is reading sensitive fi...

LedgerSMB/SQL-Ledger login本地文件包含和验证绕过漏洞

SQL-Ledger/LedgerSMB是开源的ERP系统。 SQL-Ledger/LedgerSMB不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是'am.pl'脚本对用户提交的'login'参数缺少过滤，提交恶意脚本代码作为参数数据，并诱使用户访问，可导致获得目标用户敏感信息。 SQL-Ledger SQL-Ledger 2.6.26 SQL-Ledger SQL-Ledger 2.6.25 SQL-Ledger SQL-Ledger 2.6.21 SQL-Ledger SQL-Ledger 2.6.19 SQL-Ledger SQL-Ledge...

Microsoft Internet Explorer 6 - Local File Access

Microsoft Internet Explorer 6 - Local File Access source: https://www.securityfocus.com/bid/22621/info Microsoft Internet Explorer is reportedly prone to multiple local file-access weaknesses because the application fails to properly handle HTML tags. These issues are triggered when an attacker...

[Full-disclosure] Arbitrary file disclosure vulnerability in IP3 NetAccess &lt; 4.1.9.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I - TITLE Security advisory: Arbitrary file disclosure vulnerability in IP3 NetAccess leads to full system compromise II - SUMMARY Description: Arbitrary file disclosure vulnerability in IP3 NetAccess leads to full system compromise Author: Sebastian...

CVE-2007-0469 RubyGems: Specially-crafted Gem archive can overwrite system files

The extractfiles function in installer.rb in RubyGems before 0.9.1 does not check whether files exist before overwriting them, which allows user-assisted remote attackers to overwrite arbitrary files, cause a denial of service, or execute arbitrary code via crafted GEM packages...

avm-traversal.txt

Description The "AVM IGD CTRL Service", a Universal Plug and Play UPNP service for windows, which is part of the software package "Fritz!DSL Software 02.02.29" provides the possibility to read any file on the windows system partition for any user - no matter how much restricted rights the user...

Total Commander任意文件删除漏洞

Total Commander是一款磁盘文件管理软件。 Total Commander存在输入验证错误，本地攻击者可以利用漏洞删除任意系统文件。 问题是Total Commander处理恶意构建的RAR文件存在问题，由于输入验证问题，可导致删除或者破坏系统文件，造成拒绝服务攻击。 Total Commander Total Commander 升级程序： Total Commander Total Commander 0 Total Commander Total Commander 6.56 http://www.ghisler.com/download.htm...

Php Download Download.PHP目录遍历漏洞

Php Download是一款基于PHP的WEB应用程序，如提供下载管理。 Php Download不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB进程权限查看系统文件内容。 问题是由于'Download.PHP'脚本对用户提交的WEB参数缺少过滤，提交包含多个"../"字符作为参数数据，可绕过WEB ROOT限制，以WEB进程权限查看系统文件内容。 Php download http://www.threesquared.net/index.php?page=portfolio&i=dllscript...

PHPBB2多个本地文件包含漏洞

PHPBB2是一款基于PHP的论坛程序。 PHPBB2不充分过滤用户提交的URI输入，远程攻击者可以利用漏洞以WEB进程权限查看系统文件内容。 问题是多个脚本对用户提交的WEB参数缺少过滤，提交包含多个"../"字符作为参数数据，可绕过WEB ROOT限制，以WEB进程权限查看系统文件内容。 phpBB2 phpBB2 Plus 2.0.13 + phpBB Group phpBB 2.0.13 + phpBB Group phpBB 2.0.12 http://www.phpbb2.de/...

IBM AIX cfgmgr工具本地权限提升及任意文件覆盖漏洞

IBM AIX是一款商业性质的UNIX操作系统。 AIX的cfgmgr工具的实现上存在缓冲区漏洞，本地攻击者可能利用此漏洞提升权限或导致文件覆盖。 如果system组的用户提交了大于长度2K的目录路径字符串做为参数的话，就会触发这个漏洞，导致覆盖任意系统文件或以root用户权限执行任意指令。 IBM AIX 5.3 IBM AIX 5.2 厂商补丁： IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： ftp://aix.software.ibm.com/aix/efixes/security/cfgmgrifix.tar.Z...

Adobe Version Cue 1.0/1.0.1 Local Root Exploit (OSX)

No description provided by source. !/usr/bin/perl Adobe Version Cue VCNativeOSX: local root exploit. by: vade79/v9 [email protected] fakehalo/realhalo Adobe Version Cue's VCNative program writes data to a log file in the current working directory while running as setuid root. the logfile is formated...

Mac OS X Panther Internet Connect Local Root Exploit

No description provided by source. Date: 25.07.2004 Author: B-r00t. 2004. Email: B-r00t br00t blueyonder co uk Vendor: Apple Operating System: OSX Panther Possibly Previous Versions. Application: Internet Connect.app Tested: Panther 10.3.4 Internet Connect v1.3 Problem: Internet Connect allows an...

ipcheck.txt

Directory Traversal vulnerability in IPCheck Monitor Server -------------------------------------- Overview A directory traversal vulnerability has been identified in IPCheck Server Monitor Free/Trial/Professional, which may be exploited by potential attackers to retrieve files from the underlyin...