Lucene search
+L

359 matches found

Debian
Debian
added 2006/11/12 6:31 p.m.13 views

[SECURITY] [DSA 1209-1] New trac packages fix cross-site request forgery

-------------------------------------------------------------------------- Debian Security Advisory DSA 1209-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 12th, 2006 http://www.debian.org/security/faq -...

7AI score
Exploits0
OSV
OSV
added 2006/11/12 12:0 a.m.14 views

DSA-1209 trac

Bulletin has no description...

7.5CVSS6.3AI score0.02108EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.76 views

Debian DSA-1152-1 : trac - missing input sanitising

Felix Wiemann discovered that trac, an enhanced Wiki and issue tracking system for software development projects, can be used to disclose arbitrary local files. To fix this problem, python-docutils needs to be updated as well. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

6.8CVSS5.5AI score0.01864EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.24 views

Debian DSA-951-2 : trac - missing input sanitising

This update corrects the search feature in trac, an enhanced wiki and issue tracking system for software development projects, which broke with the last security update. For completeness please find below the original advisory text : Several vulnerabilities have been discovered in trac, an enhanc...

7.5CVSS5.7AI score0.03978EPSS
Exploits2References6
Debian
Debian
added 2006/08/18 9:19 a.m.36 views

[SECURITY] [DSA 1152-1] New trac packages fix information disclosure

-------------------------------------------------------------------------- Debian Security Advisory DSA 1152-1 [email protected] http://www.debian.org/security/ Martin Schulze August 18th, 2006 http://www.debian.org/security/faq -...

6.8CVSS6.3AI score0.01864EPSS
Exploits0
OSV
OSV
added 2006/08/18 12:0 a.m.20 views

DSA-1152 trac - missing input sanitising

Bulletin has no description...

6.8CVSS6.3AI score0.01864EPSS
Exploits0
PyPA
PyPA
added 2006/07/21 2:3 p.m.10 views

PYSEC-2006-2

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting XSS attacks, or cause a denial of service via...

6.8CVSS6.3AI score0.01864EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2006/07/21 2:3 p.m.24 views

CVE-2006-3695

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting XSS attacks, or cause a denial of service via...

6.8CVSS6.2AI score0.01864EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2006/07/21 2:3 p.m.24 views

CVE-2006-3695

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting XSS attacks, or cause a denial of service via...

6.8CVSS5.9AI score0.01864EPSS
Exploits0References1
OSV
OSV
added 2006/07/21 2:3 p.m.3 views

DEBIAN-CVE-2006-3695

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting XSS attacks, or cause a denial of service via...

6.8CVSS6.3AI score0.01864EPSS
Exploits0References1
OSV
OSV
added 2006/07/21 2:3 p.m.11 views

CVE-2006-3695

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting XSS attacks, or cause a denial of service via...

6.2AI score
Exploits0References9
OSV
OSV
added 2006/07/21 2:3 p.m.22 views

PYSEC-2006-2

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting XSS attacks, or cause a denial of service via...

6.8CVSS5.2AI score0.01864EPSS
Exploits0References10
CVE
CVE
added 2006/07/19 1:0 a.m.65 views

CVE-2006-3695

Trac up to 0.9.5/0.9.6 era vulnerability: enabling reStructuredText functionality via docutils allows remote access to read arbitrary files, possible XSS, and denial of service due to not disabling the raw/include commands for untrusted users. No patch/version details are provided in the supplied...

6.8CVSS6.2AI score0.01864EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2006/07/19 1:0 a.m.44 views

CVE-2006-3695

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting XSS attacks, or cause a denial of service via...

6.8CVSS5.2AI score0.01864EPSS
Exploits0
Cvelist
Cvelist
added 2006/07/19 1:0 a.m.28 views

CVE-2006-3695

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting XSS attacks, or cause a denial of service via...

6.2AI score0.01864EPSS
Exploits0References9
securityvulns
securityvulns
added 2006/07/11 12:0 a.m.33 views

[SA20958] Trac "reStructuredText" Directives Vulnerability

---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Reversing must be a passion as your skills will be challenged on a daily basis and you will be working several hours everyday in IDA, Ollydbg, and with BinDiff. Often, it is also requir...

0.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/07/10 12:0 a.m.50 views

FreeBSD : trac -- reStructuredText breach of privacy and denial of service vulnerability (b0d61f73-0e11-11db-a47b-000c2957fdf1)

The Trac 0.9.6 Release Notes reports : Fixed reStructuredText breach of privacy and denial of service vulnerability found by Felix Wiemann. The discovered vulnerability requires docutils to be installed and enabled. Systems that do not have docutils installed or enabled are not vulnerable. As of...

7.5CVSS5.3AI score0.03978EPSS
Exploits2References6
FreeBSD
FreeBSD
added 2006/07/06 12:0 a.m.30 views

trac -- reStructuredText breach of privacy and denial of service vulnerability

The Trac 0.9.6 Release Notes reports: Fixed reStructuredText breach of privacy and denial of service vulnerability found by Felix Wiemann. The discovered vulnerability requires docutils to be installed and enabled. Systems that do not have docutils installed or enabled are not vulnerable. As of...

7.5CVSS6.4AI score0.03978EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.19 views

FreeBSD : trac -- Wiki Macro Script Insertion Vulnerability (400d9d22-d6c5-11da-a14b-00123ffe8333)

Secunia reports : A vulnerability has been reported, which can be exploited by malicious people to conduct script insertion attacks. Input passed using the wiki macro isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed...

5.5AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.10 views

FreeBSD : trac -- search module SQL injection vulnerability (7289187b-66a5-11da-99f6-00123ffe8333)

Secunia reports : A vulnerability has been reported in Trac, which can be exploited by malicious people to conduct SQL injection attacks. Some unspecified input passed in the search module isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries b...

6AI score
Exploits0References2
Rows per page
Query Builder