2151 matches found
Nortel Contact Center Manager - Administration Password Disclosure
source: https://www.securityfocus.com/bid/34964/info Nortel Contact Center Manager Administration is prone to a password-disclosure vulnerability caused by a design error. Attackers can exploit this issue to gain access to the 'sysadmin' password. Successfully exploiting this issue may lead to...
CVE-2008-6123
The netsnmpudpfmtaddr function snmplib/snmpUDPDomain.c in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to...
Firefox Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString
Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for 1 XMLHttpRequest, involving a mismatch for a document's principal, and 2 XPCNativeWrapper.toString, involving an incorrect proto scope, which allows remote attackers to conduct cross-site...
Linux Kernel 2.6.29 - exit_notify() Local Privilege Escalation
Linux Kernel 2.6.29 - exitnotify Local Privilege Escalation !/bin/sh gw-notexit.sh: Linux kernel 2.6.29 exitnotify local root exploit by Milen Rangelov gat3way-at-gat3way-dot-eu Based on 'exitnotify' CAPKILL verification bug found by Oleg Nestorov. Basically it allows us to send arbitrary signals...
GLSA-200904-03 : Gnumeric: Untrusted search path
The remote host is affected by the vulnerability described in GLSA-200904-03 Gnumeric: Untrusted search path James Vega reported an untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric. Impact : A local attacker could entice a user to run Gnumeric from a...
[SECURITY] Fedora 9 Update: gtkmozembedmm-1.4.2.cvs20060817-27.fc9
This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software...
Ubuntu: Security Advisory (USN-507-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 9 Update: gtkmozembedmm-1.4.2.cvs20060817-26.fc9
This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software...
Fedora Update for pywbxml FEDORA-2008-0680
Check for the Version of pywbxml OpenVAS Vulnerability Test Fedora Update for pywbxml FEDORA-2008-0680 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for gtkmozembedmm FEDORA-2008-3249
Check for the Version of gtkmozembedmm OpenVAS Vulnerability Test Fedora Update for gtkmozembedmm FEDORA-2008-3249 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for gtkmozembedmm FEDORA-2008-2682
Check for the Version of gtkmozembedmm OpenVAS Vulnerability Test Fedora Update for gtkmozembedmm FEDORA-2008-2682 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for gtkmozembedmm FEDORA-2008-2662
Check for the Version of gtkmozembedmm OpenVAS Vulnerability Test Fedora Update for gtkmozembedmm FEDORA-2008-2662 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Net-snmp TCP Wrapper远程信息泄露漏洞
BUGTRAQ ID: 33755 CVECAN ID: CVE-2008-6123 Net-SNMP是一个免费的、开放源码的SNMP实现,以前称为UCD-SNMP。 在使用TCP wrapper授权客户端的时候,Net-SNMP的snmplib/snmpUDPDomain.c文件中的netsnmpudpfmtaddr函数没有正确地解析hosts.allow规则,这允许远程攻击者绕过预期的访问限制执行SNMP查询,获得主机相关的敏感信息。 0 Net-SNMP 5.4.2.1 厂商补丁: Net-SNMP -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载...
[SECURITY] Fedora 9 Update: gtkmozembedmm-1.4.2.cvs20060817-25.fc9
This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software...
DEBIAN-CVE-2009-0318
Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...
Design/Logic Flaw
Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008-1376...
CVE-2009-0180
Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008-1376...
CVE-2009-0180
Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008-1376...
CVE-2009-0180
Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008-1376...
CVE-2009-0180
CVE-2009-0180 corresponds to build-time omission of TCP wrappers support in nfs-utils for certain Fedora releases (Fedora 9 before 1.1.2-9.fc9 and Fedora 10 before 1.1.4-6.fc10). This could allow remote attackers to bypass access restrictions due to missing host-based protection. Connected adviso...