1394 matches found
IBM Cognos Express Server Backdoor Account Remote Code Execution
Added: 05/25/2010 CVE: CVE-2010-0557 BID: 38084 OSVDB: 62118 Background IBM Cognos Express is an integrated business intelligence BI and planning solution which delivers the essential reporting, analysis, dashboard, scorecard, planning, budgeting and forecasting capabilities that midsize companie...
OneOrZero Helpdesk default_language Local File Inclusion
The remote host is running OneOrZero Helpdesk, a web-based helpdesk application written in PHP. The version of OneOrZero Helpdesk installed on the remote host fails to filter input to the 'defaultlanguage' variable in the 'common/login.php' script before using it to include PHP code. Provided PHP...
Preemptive Protection against HP OpenView Node Manager Remote Code Execution Vulnerability
HP OpenView Network Node Manager NNM is a software application designed for management, maintenance and monitoring of networks and network devices. The application fails to properly check crafted HTTP requests. By sending a specially-crafted overly long HTTP GET request, a remote unauthenticated...
Web Wiz Rich Text Editor 4.0 - Multiple Vulnerabilities
WwW.BugReport.ir AmnPardaz Security Research Team Title: Web Wiz Rich Text EditorTM Vendor: http://www.webwizguide.com/ Bug: Directory traversal + HTM/HTML file creation on the server Vulnerable Version: 4.0 Exploit: Available Fix Available: No! Fast Solution is available. - Description: Web Wiz...
CVE-2007-5508
CVE-2007-5508 concerns the CTXSYS Intermedia/Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3. The vulnerability enables SQL injection via six procedures (THEMES, GIST, TOKENS, FILTER, HIGHLIGHT, MARKUP), with remote authenticated users able to execute arbitrary SQL comman...
krb5 security update
CentOS Errata and Security Advisory CESA-2007:0858 Updated krb5 packages that fix two security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 07 Sep 2007 The initial fix for...
BASE Multiple Script BASE_path Parameter Remote File Inclusion
The remote host is running BASE, a web-based tool for analyzing alerts from one or more SNORT sensors. The version of BASE installed on the remote host fails to sanitize input to the 'BASEpath' parameter before using it in PHP includeonce function in several scripts. Provided PHP's...
MyServer HTTP POST Request Remote Overflow DoS
The remote host is running MyServer, an open source web server. The installed version is vulnerable to remote denial of service attack. Using a specially crafted HTTP POST request to 'index.html' when 'View' is set to 'Logon', an unauthenticated, remote attacker can cause the server to stop...
LPRng use_syslog() Remote Format String Arbitrary Command Execution
LPRng seems to be running on this port. Versions of LPRng prior to 3.6.24 are missing format string arguments in at least two calls to 'syslog' that handle user-supplied input. Using specially crafted input with format strings, an unauthenticated, remote attacker may be able to leverage these...
Lotus Notes SMTP Server HELO Command Overflow DoS
It was possible to perform a denial of service against the remote SMTP server by sending it two HELO commands followed by a too long argument. This allows an unauthenticated, remote attacker to deny service to legitimate users of the server. C Tenable Network Security, Inc. include"compat.inc";...
Multiple Vendor FTP Multiple PASV Command Port Exhaustion DoS
The remote FTP server allows users to make any amount of PASV commands, thus blocking the free ports for legitimate services and consuming file descriptors. An unauthenticated attacker could exploit this flaw to crash the FTP service. C Tenable Network Security, Inc. include"compat.inc"; if...
Security Update for Microsoft .NET Framework 1.1 SP1 on Windows Server 2003 and Windows Server 2008 for IA64 (KB2656353)
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Security Update for Windows Server 2008 (KB961371)
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Security Update for Windows XP (KB979482)
A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...