Lucene search
+L

3756 matches found

cert
cert
added 2004/01/14 12:0 a.m.19 views

Whale Communications e-Gap security appliance discloses source code via HTTP TRACE Method

Overview Whale communications e-Gap security appliance is a tool to provide a secure remote web access platform. A vulnerability exists that may permit a remote attacker to gain access to the source code of the login page. Description Whale communications e-Gap security appliance version 2.5...

7.2AI score
Exploits0References1
nvd
nvd
added 2003/12/31 5:0 a.m.14 views

CVE-2003-1127

Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor...

5CVSS6.9AI score0.02026EPSS
Exploits1References4
cert
cert
added 2003/01/24 12:0 a.m.28 views

Web servers enable HTTP TRACE method by default

Overview The HTTP TRACE method returns the contents of client HTTP requests in the entity-body of the TRACE response. Attackers could leverage this behavior to access sensitive information, such as cookies or authentication data, contained in the HTTP headers of the request. Description The HTTP...

6.8AI score
Exploits0References14
atlassian
atlassian
added 2002/05/22 12:31 p.m.26 views

Problem when signing up for new user Account from login page

I signed up for a new user account from the login page, filled in a username, password, name and e-mail. Then I tried to login with the new username and got this exception: java.lang.NullPointerException at com.opensymphony.module.user.User.getGroupsUser.java:94 at...

0.4AI score
Exploits0Affected Software1
cve
cve
added 2002/03/09 5:0 a.m.47 views

CVE-2000-0615

CVE-2000-0615 : LPRng 3.6.x improperly installs lpd as setuid root, allowing local users to append lpd trace and logging messages to files. The connected documents confirm the vulnerability is a local privilege issue tied to the lpd binary running with root privileges. No explicit exploit details...

2.1CVSS6.8AI score0.00477EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2002/02/02 5:0 a.m.25 views

CVE-2001-1041

oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace .trc file that is created in an alternate home directory identified by the ORACLEHOME environment variable...

6AI score0.00584EPSS
Exploits0References4
exploitpack
exploitpack
added 2001/12/18 12:0 a.m.18 views

QPopper 4.0.x - PopAuth Trace File Shell Command Execution

QPopper 4.0.x - PopAuth Trace File Shell Command Execution source: https://www.securityfocus.com/bid/3710/info Qpopper is a freely available, open source Post Office Protocol server. It is maintained and distributed by Qualcomm. When popauth is executed with the trace option, it does not correctl...

0.2AI score
Exploits0
exploitdb
exploitdb
added 2001/12/18 12:0 a.m.31 views

QPopper 4.0.x - PopAuth Trace File Shell Command Execution

source: https://www.securityfocus.com/bid/3710/info Qpopper is a freely available, open source Post Office Protocol server. It is maintained and distributed by Qualcomm. When popauth is executed with the trace option, it does not correctly handle user-supplied input. A user can supply data to the...

7.4AI score
Exploits0
nvd
nvd
added 2001/08/31 4:0 a.m.22 views

CVE-2001-1041

oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace .trc file that is created in an alternate home directory identified by the ORACLEHOME environment variable...

2.1CVSS6AI score0.00584EPSS
Exploits0References4
exploitpack
exploitpack
added 2001/08/17 12:0 a.m.11 views

Sendmail 8.118.12 Debugger - Arbitrary Code Execution (2)

Sendmail 8.118.12 Debugger - Arbitrary Code Execution 2 // source: https://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for...

0.1AI score
Exploits0
exploitdb
exploitdb
added 2001/08/17 12:0 a.m.31 views

Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (3)

source: https://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for processing arguments supplied from the command line with t...

7AI score
Exploits0
cve
cve
added 2001/05/07 4:0 a.m.48 views

CVE-2000-0309

Public technical details about CVE-2000-0309 are not provided in the connected documents. The initial entry notes a local DoS in OpenBSD 2.4 with DDB, but no further technical specifics or fixes are included here. Monitor for updates.

2.1CVSS6.6AI score0.00266EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2001/05/07 4:0 a.m.22 views

CVE-2000-0309

The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service...

6.2AI score0.00266EPSS
Exploits0References2
nvd
nvd
added 2001/03/12 5:0 a.m.19 views

CVE-2000-0309

The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service...

2.1CVSS6.2AI score0.00266EPSS
Exploits0References2
ptsecurity
ptsecurity
added 1970/01/01 12:0 a.m.6 views

PT-2009-6753 · Opensuse +2 · Pcfclock-Kmp-Trace +18

Name of the Vulnerable Software and Affected Versions: dazuko-kmp-debug affected versions not specified kvm-kmp-trace affected versions not specified aufs-kmp-debug affected versions not specified ofed-kmp-debug affected versions not specified kqemu-kmp-debug affected versions not specified...

7.8CVSS5.5AI score0.33491EPSS
Exploits9References156
mskb
mskb
added 1970/01/01 12:0 a.m.7 views

Update rollup 8.0.11049.0 for Microsoft Monitoring Agent (KB4015075)

None None...

5.8AI score
Exploits0
Rows per page
Query Builder