5051 matches found
Buffer overflow in MySQL < 3.23.31
Hi, all versions of MySQL 3.23.31 have a buffer-overflow which crashs the server and which seems to be exploitable ie. 4141414 in eip Problem : An attacker could gain mysqld privileges gaining access to all the databases Requirements : You need a valid login/password to exploit this Solution :...
[SECURITY] New version of nis released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman October 14, 2000 - ------------------------------------------------------------------------ Package : nis Problem type : local...
[SECURITY] New version of xchat released (update)
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman August 30, 2000 - ------------------------------------------------------------------------ Package : xchat Problem type : remote...
Splitvt exploit
Problem ======= Splitvt 1.6.3 contains a buffer overflow, if you have installed splitvt suid root like Debian/Redhat/etc, btw not slackware you should upgrade to 1.6.4. Solution ======= Debian users: see http://www.debian.org/security/2000/20000605a Redhat: Redhat did respond with a "that package...
[SECURITY] New version of bind released
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman November 17, 1999 - ------------------------------------------------------------------------ The version bind that was distributed...
Excite for Web Server architext_query.pl Shell Metacharacter Arbitrary Command Execution
Excite for Webservers is installed. This CGI has a well-known security flaw that lets a remote attacker execute arbitrary commands with the privileges of the web server. Versions newer than 1.1. are patched. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
PHP Code Injection
phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...
19H2_EOL
19H2EOL...
PT-2005-5562 · Gtk+ +1 · Gtk+ +1
Name of the Vulnerable Software and Affected Versions: GTK+ version 2.4.0 GTK+ versions prior to 2.8.6-r1 Description: The issue is related to an integer overflow in the GTK+ gdk-pixbuf XPM image rendering library, which can lead to a heap-based buffer overflow, allowing attackers to execute...
.NET 3.1 Update
None None...
XSS vulnerability on password reset page
Impact For Mautic versions prior to 3.3.4, there is an XSS vulnerability on Mautic's password reset page where a vulnerable parameter, "bundle," in the URL could allow an attacker to execute Javascript code. The attacker would be required to convince or trick the target into clicking a password...