6524 matches found
[SECURITY] [DSA 952-1] New libapache-auth-ldap packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 952-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 23rd, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 952-1] New libapache-auth-ldap packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 952-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 23rd, 2006 http://www.debian.org/security/faq -...
Ubuntu 4.10 / 5.04 / 5.10 : libapache2-mod-auth-pgsql vulnerability (USN-239-1)
Several format string vulnerabilities were discovered in the error logging handling. By sending specially crafted user names, an unauthenticated remote attacker could exploit this to crash the Apache server or possibly even execute arbitrary code with the privileges of Apache user 'www-data'. Not...
[SECURITY] [DSA 935-1] New libapache2-mod-auth-pgsql packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 935-1 [email protected] http://www.debian.org/security/ Michael Stone January 10, 2006 http://www.debian.org/security/faq -...
Apache mod-auth-pgsql authorization module format string vulnerabilities
Several format string bugs in error logging...
DSA-935-1 libapache2-mod-auth-pgsql - format string vulnerability
Bulletin has no description...
PT-2006-1039 · Apache · Apache Auth Ldap
Name of the Vulnerable Software and Affected Versions: Apache auth ldap versions 1.6.0 and earlier auth ldap version 1.4.8 Description: The issue concerns multiple format string vulnerabilities in the auth ldap log reason function. This allows remote attackers to execute arbitrary code via variou...
SCO OpenServer 5.0.7 - termsh Local Privilege Escalation
SCO OpenServer 5.0.7 - termsh Local Privilege Escalation / SCO Openserver 5.0.7 termsh exploit =================================== 'termsh' is a program to view or modify an existing terminal entry on SCO Openserver. A stack based overflow exists in the handling of command line arguements, namely...
Apache HTTP Server Auth Module SQL Insertion Attack
This plugin checks whether the web server is using Apache Auth modules which are known to be vulnerable to SQL insertion attacks. SPDX-FileCopyrightText: 2001 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
security flaw
Memory leak in the requestkeyauthdestroy function in requestkeyauth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service memory consumption via a large number of authorization token keys...
PT-2005-3947 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.10 through 2.6.13 Description: The issue is related to a memory leak in the request key auth destroy function within the request key auth component of the Linux kernel. This leak allows local users to cause a denial ...
[SECURITY] [DSA 844-1] New mod-auth-shadow packages fix authentication bypass
-------------------------------------------------------------------------- Debian Security Advisory DSA 844-1 [email protected] http://www.debian.org/security/ Martin Schulze October 5th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 844-1] New mod-auth-shadow packages fix authentication bypass
-------------------------------------------------------------------------- Debian Security Advisory DSA 844-1 [email protected] http://www.debian.org/security/ Martin Schulze October 5th, 2005 http://www.debian.org/security/faq -...
[Full-disclosure] [SECURITY] [DSA 844-1] New mod-auth-shadow packages fix authentication bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 844-1 [email protected] http://www.debian.org/security/ Martin Schulze October 5th, 2005 http://www.debian.org/security/faq -...
Debian DSA-844-1 : mod-auth-shadow - programming error
A vulnerability in modauthshadow, an Apache module that lets users perform HTTP authentication against /etc/shadow, has been discovered. The module runs for all locations that use the 'require group' directive which would bypass access restrictions controlled by another authorisation mechanism,...
DSA-844-1 mod-auth-shadow - programming error
Bulletin has no description...
CVE-2005-2605
CVE-2005-2605 pertains to an unknown vulnerability in Lasso Professional Server 8.0.4 and 8.0.5 that could allow an attacker to bypass authentication. The connected documents do not provide concrete technical details such as the root cause, affected components beyond the server versions, exploit ...
CVE-2005-2605
Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to Auth tags...
Episodex Guestbook Multiple Vulnerabilities (Auth Bypass, XSS)
The remote host is running the Episodex Guestbook, a guestbook written in ASP. The version of Episodex installed on the remote host does not validate input to various fields in the 'default.asp' script before using it to generate dynamic HTML. Additionally, an unauthenticated, remote attacker can...
Fedora Core 2 : mozilla-1.7.6-1.2.2 (2005-248)
A buffer overflow bug was found in the way Mozilla processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the...