1763 matches found
[Full-disclosure] RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability
OS2A RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability OS2A ID: OS2A1004 Status 01/06/2006 Issue Discovered 01/06/2006 Reported to the vendor 01/19/2006 Patch Released 01/20/2006 Advisory Released Class: Denial of Service / Script Injection Severity: CRITICAL...
IMail IMAP LOGIN special character vulnerability
Added: 01/04/2006 CVE: CVE-2005-1255 BID: 13727 OSVDB: 16804 Background IMail is a mail server for Windows platforms. It includes SMTP, POP, IMAP, and LDAP services, a web interface, and web calendaring. Problem A remote attacker could execute arbitrary commands by sending a long specially crafte...
NetAuctionHelp v3.0 XSS Vuln
NetAuctionHelp v3.0 XSS Vuln Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/netauctionhelp-v30-xss-vuln.html vendor:http://www.netauctionhelp.com/ affected version:v3.0 and prior Product Description: NetAuctionHelp provides auction site source code...
MailEnable IMAP W3C Logging Buffer Overflow
Added: 12/03/2005 CVE: CVE-2005-3155 BID: 15006 OSVDB: 19842 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem MailEnable's IMAP service...
Hummingbird InetD LPD buffer overflow
Added: 11/29/2005 CVE: CVE-2005-1815 BID: 13788 OSVDB: 16957 Background Hummingbird InetD implements common UNIX services on Windows platforms. Problem The Hummingbird InetD LPD service is affected by a buffer overflow which allows remote command execution. Resolution Apply the patch. References...
MailEnable IMAP STATUS buffer overflow
Added: 11/29/2005 CVE: CVE-2005-2278 BID: 14243 OSVDB: 17844 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem A buffer overflow in the...
[SA17659] Jetty JSP Source Code Disclosure Vulnerability
TITLE: Jetty JSP Source Code Disclosure Vulnerability SECUNIA ADVISORY ID: SA17659 VERIFY ADVISORY: http://secunia.com/advisories/17659/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Jetty 5.x http://secunia.com/product/6169/ DESCRIPTION: A...
WinAce2605.txt
=========================================================================== Application: WinAce http://www.winace.com/ Versions: 2.6.0.5 Platforms: Windows Bug: buffer-overflow Exploitation: local Date: Jul 22 2004 Author: ATmaCA e-mail: [email protected] web: http://www.atmacasoft.com Credit:...
Remote IIS 5.x and IIS 6.0 Server Name Spoof
Remote IIS 5.x and IIS 6.0 Server Name Spoof It is possible to remotely spoof the "SERVERNAME" Microsoft® Internet Information Server® 5.0, 5.1 and 6.0 server variable by doing a modified HTTP request. Thus potentially revealing sensitive ASP code through the IIS 500-100.asp error page, the spoof...
ASP-Nuke RC2 存在跨站脚本(CSS/XSS)执行漏洞
BugCVE: CAN-2002-0521 BUGTRAQ: 4477 ASP-Nuke是一款基于WEB的系统架构程序,运行在多种Unix和Linux系统下,也可运行于Windows平台下。 ASP-Nuke对用户输入过滤上存在漏洞,可使远程攻击者利用在论坛上发贴对其他浏览用户进行跨站脚本执行攻击。 ASP-Nuke中的downloads.asp和post.asp在处理用户提供的输入没有过滤相关的脚本代码,攻击者可以构建包含恶意脚本代码的内容提交给连接,当其他用户浏览相关此连接的时候,脚本将在用户的浏览器中执行。攻击者可能借此得到用户基于Cookie的认证信 ASP-Nuke RC2...
Cisco Security Advisory:Cisco Security Agent Vulnerable to Crafted IP attack
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================== Cisco Security Advisory: Cisco Security Agent Vulnerable to Crafted IP Attack Revision 1.0 For Public Release 2005 July 13 1600 UTC GMT...
ArGoSoft FTP Server 1.4.2.8 Buffer Overflow
-=--------------------ADVISORY-------------------=- -= =- -= ArGoSoft FTP 1.4.2.8 =- -= =- -= Author: CorryL [email protected] =- -= =- -=-------------------------------------------------------=- -=+ Application: ArGoSoft FTP Server -=+ Version: 1.4.2.8 -=+ Vendor's URL: www.argosoft.com -=+...
CProxyRemote.txt
+=========================================================================================+ | Security Advisory: Computalynx CProxy Server Multiple Remote Vulnerabilities | +=========================================================================================+ | [email protected]...
CIS3513.txt
-= x0n3-h4ck Italian Security Team =- /Advisories\ / Application: CIS WebServer Vendor's Url: www.cisindia.net Version: 3.5.13 Platforms: Windows Bug: Directory Traversal Exploitation: Remote Author: CorryL [email protected] www.x0n3-h4ck.org \ Description CIS WebServer is an easy http server, A...
knetDoS104c.txt
-=--------------------ADVISORY-------------------=- -= =- -= Knet / include include include include include include void helpchar programname; int mainint argc, char argv struct sockaddrin trg; struct hostent he; long addr;...
SDtraverse.txt
..:x0n3-h4ck Italian Security Team:.. /Advisories\ / Application: SD Server Url Vendor: http://www.gdsoftware.dk/ Version: = 4.0.70 Platforms: Windows Bug: Directory Traversal Exploitation: Remote Author: CorryL Email Author: [email protected] Url Author: www.x0n3-h4ck.org \ Description The SD...
[Full-Disclosure] GAIM exploit
Platform: Windows tested only on XP and 2000, might impact others Application: GAIM v1.1.3 Synopsis: Cause remote crash of GAIM client. Scenario: By sending a file to another GAIM user, you can cause their GAIM client to crash and completely close GAIM down. Simply send a file to someone with...
Knet <= 1.04c Buffer Overflow Denial of Service Exploit
No description provided by source. -=--------------------ADVISORY-------------------=- -= =- -= Knet = 1.04c =- -= =- -= Author: CorryL [email protected] =- -= x0n3-h4ck.org =- -=----------------------------------------------------=- -=+ Application: Knet -=+ Version: 1.04c -=+ Vendor's URL:...
arkeia_type77_win32.pm
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
[Full-Disclosure] CIS WebServer Directory Traversal Bug
-= x0n3-h4ck Italian Security Team =- /Advisories / Application: CIS WebServer Vendor's Url: www.cisindia.net Version: 3.5.13 Platforms: Windows Bug: Directory Traversal Exploitation: Remote Author: CorryL [email protected] www.x0n3-h4ck.org Description CIS WebServer is an easy http server, A...