Clear iSpot / Clearspot 2.0.0.0 Cross Site Request Forgery

Trustwave's SpiderLabs Security Advisory TWSL2010-008: Clear iSpot/Clearspot CSRF Vulnerabilities https://www.trustwave.com/spiderlabs/advisories/TWSL2010-008.txt Published: 2010-12-10 Version: 1.0 Vendor: Clear http://www.clear.com Products: iSpot / ClearSpot 4G http://www.clear.com/devices...

Serv-U7 provide the right experience Essentials-vulnerability warning-the black bar safety net

Since the author is lazy, does not provide log cleanup feature, it will leave a log: One, the su7 is the right there are several? There are two forms to get rid of su7 in. 1, login to the Administrator Console page ==get the OrganizationId for Add User ==get the global user of the“next new user I...

RoarSmithinfo2www远程执行任意命令漏洞

BugCVE: CVE-1999-0266 BUGTRAQ: 1995 “info2www”是一个将GNU Info文本转化成HTML文件的CGI程序。 某些早期版本的info2www脚本实现上存在输入验证漏洞，远程攻击者可以利用此漏洞以Web进程的权限在主机上 执行任意系统命令。 问题在于程序脚本没有过滤用户输入中包含的一些shell元字符，远程攻击者可能以Web守护程序的权限（root或nobody）在主机上执行任意程序。 1.0-1.1 临时解决方法： 如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁：...

ls-exec.txt

Special Greetings To - Timq,Warpboy,The-Maggot File: index.php Affects: LS simple guestbook v1 Date: 15th April 2007 Issue Description: =========================================================================== LS simple guestbook fails to sanitize user input that it writes to the posts.txt file...

The Windows environment via the MySQL to the SYSTEM status perform system commands-bug warning-the black bar safety net

Some time ago two about MySQL vulnerabilities in the MySQL CREATE FUNCTION mysql. func table allows injecting arbitrary function library vulnerability, the MySQL CREATE FUNCTION libc library allows arbitrary code execution vulnerabilities of a careful study of these two vulnerabilities, you can...

Limbo CMS Multiple Vulnerabilities

The remote web server contains a PHP application that is affected by numerous vulnerabilities. Description : The remote host is running Limbo CMS, a content-management system written in PHP. The remote version of this software is vulnerable to several flaws including : - If registerglobals is off...

nbSMTP 0.99 - 'util.c' Client-Side Command Execution

/ nbSMTPfsexp.c nbSMTP v0.99 remote format string exploit by CoKi root@nosystem:/home/coki/audi ./nbSMTPfsexp nbSMTP v0.99 remote format string exploit by CoKi Use: ./nbSMTPfsexp options options: -t type of target system -r return address -s shellcode address -o offset -l targets list...

Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/13537/info A buffer overflow vulnerability exists in the htdigest utility included with Apache. The vulnerability is due to improper bounds checking when copying user-supplied realm data into local buffers. By supplying an overly long realm value to th...

Trillian Basic 3.0 - .png Image Processing Buffer Overflow

Trillian Basic 3.0 - .png Image Processing Buffer Overflow See-security Technologies ltd. http://www.see-security.com Trillian 3.0 PNG Image Processing Buffer overflow Exploit Discovered and coded by: Tal zeltzer import sys import struct Addresses are compatible with Windows XP Service Pack 1...

RHEL 2.1 : krb5 (RHSA-2003:021)

Updated packages fix a vulnerability found in the Kerberos FTP client distributed with the Red Hat Linux Advanced Server krb5 packages. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1. For Advanced Workstation 2.1 these packages also fix CVE-2002-1235 as described in...

JBoss 3.0.8/3.2.1 - HSQLDB Remote Command Injection

source: https://www.securityfocus.com/bid/8773/info A remote command-injection vulnerability has been reported in JBoss. The issue is reportedly exposed via the HSQLDB component, which is a SQL database server that manages JMS connections. Because of a number of flaws, an attacker can pass comman...

S8Forum 3.0 - Remote Command Execution

source: https://www.securityfocus.com/bid/6547/info S8Forum is prone to a remote command execution vulnerability. When a user registers with the forum, a file is created locally with the specified username. The contents of this file will be the data entered by the user. As a result, a malicious...

PHP-Nuke allows Command Execution & Much more

Hi All! I've found a serious security flaw in PHP-Nuke. It allows user to execute any PHP code. The flaw is in the index.php's include file feature. It allows including files like index.php?file=file It prevents users including ..'s in URL's, but it didn't prevent users from entering http://-urls...

IBM NetCommerce Security

hola friends, while i was participating on the openhack contest i found a couple of serious security-holes within ibm s so called "netcommerce" thing which seems to be a mixture of websphere, net.data, servlets, jsp s and db2? however..summary: class: input validation error remote: yes local: yes...

Technote 2000/2001 - 'Filename' Command Execution / File Disclosure

source: https://www.securityfocus.com/bid/2156/info Technote Inc. offers a multi-communication Package that includes a web board type of service. A script that ships with Technote, 'main.cgi', accepts a parameter called 'filename'. This remotely supplied variable is used as a filename when the op...

MDKSA-2000:041 - xpdf update

Linux-Mandrake Security Update Advisory Package name: xpdf Date: August 29th, 2000 Advisory ID: MDKSA-2000:041 Affected versions: 6.0, 6.1, 7.0, 7.1 Problem Description: There is a potential race condation when using tmpnam and fopen in xpdf versions prior to 0.91. This exploit can be only used a...

Corel Linux OS 1.0 - Dosemu Distribution Configuration

source: https://www.securityfocus.com/bid/1030/info A vulnerability exists in the configuration of Dosemu, the DOS emulator, as shipped with Corel Linux 1.0. Dosemu documentation cautions that the system.com binary should not be made available to users, as it implements the system libc call. User...