Debian Security Advisory DSA 844-1 (mod-auth-shadow)

The remote host is missing an update to mod-auth-shadow announced via advisory DSA 844-1. A vulnerability in modauthshadow, an Apache module that lets users perform HTTP authentication against /etc/shadow, has been discovered. The module runs for all locations that use the 'require group' directi...

Debian Security Advisory DSA 659-1 (libpam-radius-auth)

The remote host is missing an update to libpam-radius-auth announced via advisory DSA 659-1. OpenVAS Vulnerability Test $Id: deb6591.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 659-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 247-1 (courier)

The remote host is missing an update to courier announced via advisory DSA 247-1. OpenVAS Vulnerability Test $Id: deb2471.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 247-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-1247-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-659-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-952-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-844-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-421)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-935-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2008-0210

Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication state variables from being set through HTTP requests, which allows remote attackers to bypass authentication via a sessauth=1 parameter settting. NOTE: this can be leveraged to conduct directory traversal attacks without...

McAfee E-Business Server Remote pre-auth Code Execution / DoS PoC

No description provided by source. !/usr/bin/perl McAfeeR E-Business ServerTM 8.5.2 Remote preauth crash PoC - tested on Windows and Linux Leon Juranic [email protected], Infigo IS http://www.infigo.hr/en/ use IO::Socket; $saddr = "192.168.1.3"; $sport = 1718;...

EkinBoard <= 1.1.0 Remote File Upload / Auth Bypass Vulnerabilities

No description provided by source. ---- EkinBoard Remote File Upload / Auth Bypass ... ITDefence.ru Antichat.ru EkinBoard = 1.1.0 Remote File Upload / Auth Bypass Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / &nb...

EkinBoard <= 1.1.0 Remote File Upload / Auth Bypass Vulnerabilities

Exploit for unknown platform in category web applications =================================================================== EkinBoard = 1.1.0 Remote File Upload / Auth Bypass / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / / /\ / / / / / / / / / / / //\ \ / / / / // / // /...

ekinboard-upload.txt

---- EkinBoard Remote File Upload / Auth Bypass ... ITDefence.ru Antichat.ru EkinBoard = 1.1.0 Remote File Upload / Auth Bypass Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / / /\ / / / / / / / / / / / //\ \ / / / / // / // / /\ / //...

EggBlog 3.1.0 - Cookies SQL Injection

!/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindowtitle = "UnderWHAT?!" ; $mw-geometry '420x343' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text = 'eggblog 'Tahoma 7...

dovecot -- Specific LDAP + auth cache configuration may mix up user logins

Dovecot reports: If two users with the same password and same passfilter variables log in within authcachettl seconds 1h by default, the second user may get logged in with the first user's cached passattrs. For example if passattrs contained the user's home/mail directory, this would mean that th...

nss_ldap: Information disclosure

Background nssldap is a Name Service Switch module which allows 'passwd', 'group' and 'host' database information to be pulled from LDAP. Description Josh Burley reported that nssldap does not properly handle the LDAP connections due to a race condition that can be triggered by multi-threaded...

Mercury Mail SMTP AUTH CRAM-MD5 Buffer Overflow

This module exploits a stack buffer overflow in Mercury Mail Transport System 4.51. By sending a specially crafted argument to the AUTH CRAM-MD5 command, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

Fedora 7 : proftpd-1.3.1-2.fc7 (2007-2613)

The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as...

Vortex Portal 1.0.42 - Remote File Inclusion

Vortex Portal 1.0.42 RFI ---------- Author : ShAy6oOoN ---------- Group : PitBull Crew ---------- Script : Vortex Portal 1.0.42 ---------- Download : http://www.igamingcms.com/legacy-software/VortexPortal1.0.42.zip ---------- Vuln Type: RFI ---------- Registerglobals: ON -----------------...