CVE-2006-2198

CVE-2006-2198 affects OpenOffice.org/StarOffice from 1.1.x (up to 1.1.5) and 2.0.x before 2.0.3. A user‑supplied OpenOffice document containing a malicious BASIC macro can execute without prompting, enabling the macro to run with the current user’s privileges. This can lead to unauthorized activi...

CVE-2006-2198

OpenOffice.org aka StarOffice 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user...

Multiple OpenOffice security vulnerabilities

BASIC macro auto launch without user intercation, Java applet sandbox protection bypass, XML parsing buffer overflow...

CVE-2006-3094

Multiple SQL injection vulnerabilities in Calendarix Basic 0.7.20060401 and earlier, with magicquotesgpc disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter in 1 calevent.php and 2 calpopup.php...

CVE-2006-3094

CVE-2006-3094 affects Calendarix Basic 0.7.20060401 and earlier. The vulnerability is an SQL injection in the id parameter of cal_event.php and cal_popup.php when magic_quotes_gpc is disabled, allowing remote attackers to execute arbitrary SQL commands. This is evidenced by multiple public adviso...

CVE-2006-3094

Multiple SQL injection vulnerabilities in Calendarix Basic 0.7.20060401 and earlier, with magicquotesgpc disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter in 1 calevent.php and 2 calpopup.php...

BASE <= 1.2.4 melissa (Snort Frontend) Remote Inclusion Vulnerabilities

No description provided by source. Basic Analysis and Security Engine BASE = 1.2.4 melissa Inclusion Vulnerabilities Just glanced over BASE for a pentesting job. /str0ke ! milw0rm.com code baseqrycommon.php includeonce"$BASEpath/includes/basesignature.inc.php"; /code...

Monit <= 4.2 Remote Root Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ================================================ Monit include include include include define BUFFSIZE 2048 define PADDING 40 define EXPSIZE 256+4+PADDING define MAXARCH 2 struct eos char arch; unsigned long ret; targets = "Monit-4.2-Gentoo",...

CVE-2006-1505

basemaintenance.php in Basic Analysis and Security Engine BASE before 1.2.4 melissa, when running in standalone mode, allows remote attackers to bypass authentication, possibly by setting the standalone parameter to "yes"...

Directory Scanner (HTTP)

HTTP based detection of various common dirs on the remote web server. SPDX-FileCopyrightText: 2005 Digital Defense Inc. SPDX-FileCopyrightText: Improved code and additional directories since 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...

Incomplete Basic Authentication DoS Vulnerability

It was possible to kill the web server by sending an invalid request with an incomplete Basic authentication. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

ICECast < 2.0.1 HTTP Basic Authorization DoS Vulnerability

ICECast is prone to a remote denial of service DoS vulnerability. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Too Long Basic Authentication DoS Vulnerability

It was possible to kill the web server by sending a request with a too long Basic authentication field. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

security flaw

The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service infinite loop via unknown vectors...

XML-RPC Library &lt;= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit

No description provided by source. tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research. http://pear.php.net/bugs/bug.php?id=4692 xmlrpc...

CVE-2001-1496

Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code...

CVE-2001-1496

CVE-2001-1496 affects thttpd (Acme Labs) with an off-by-one buffer overflow in Basic Authentication across versions 1.95–2.20. The underlying issue is a buffer overflow in the Basic Auth handling, enabling remote attackers to cause a denial of service and potentially execute arbitrary code. Explo...

MS KB821724: ISA Server 2000 May Send Basic Credentials Over an External HTTP Connection

The remote ISA server is configured in such a way that it may send Basic authentication credentials over an insecure connection. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid18491; scriptversion"1.19"; scriptcvsdate"Date: 2018/11/15 20:50:28"; scriptbugtraqid13955;...

Microsoft ISA Server HTTP/HTTPS Service Basic Auth Information Disclosure Vulnerability

Description Microsoft Internet Security and Acceleration ISA server is prone to an information disclosure vulnerability. Reports indicate that the issue manifests when an ISA server is publishing a Web service that has Basic authentication enabled, but the Web publishing rules that process the...

CVE-2004-2029

The UtilDecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service crash via a Basic Authorization HTTP request with a "A==" value...