1063 matches found
Hobbit monitor security bugfix release - 4.1.2p2
Version 4.1.2p2 of Hobbit has just been uploaded to SourceForge, and is available at http://sourceforge.net/project/showfiles.php?groupid=128058&packageid=140220&releaseid=436594 This release fixes a security bug reported by Jason Kruse earlier today: File access via the Hobbit "config" method...
SUSE-SA:2006:022: MozillaThunderbird
The remote host is missing the patch for the advisory SUSE-SA:2006:022 MozillaThunderbird. Various security bugs have been fixed in Mozilla Thunderbird, bringing it up to bugfix level of version 1.0.8. This also catches up on earlier Thunderbird security releases. %NASLMINLEVEL 70300 C Tenable...
DSA-975-1 nfs-user-server - buffer overflow
Bulletin has no description...
SysCP WebFTP local file inclusion vulnerability
SYSCP WEBFTP LOCAL FILE INCLUSION VULNERABILITY Thomas Henlich DESCRIPTION Thomas Henlich has discovered a vulnerability in WebFTP, which can be used by remote attackers to disclose potentially sensitive information and to compromise a vulnerable system. Input passed to the "webftplanguage"...
[SECURITY] [DSA 919-1] New curl packages fix potential security problem
-------------------------------------------------------------------------- Debian Security Advisory DSA 919-1 [email protected] http://www.debian.org/security/ Martin Schulze December 12th, 2005 http://www.debian.org/security/faq -...
Debian DSA-798-1 : phpgroupware - several vulnerabilities
Several vulnerabilities have been discovered in phpgroupware, a web-based groupware system written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2498 Stefan Esser discovered another vulnerability in the XML-RPC libraries that allows...
DSA-798-1 phpgroupware - several
Bulletin has no description...
mediabox404.txt
Product: mediabox404 WebRadio & WebTV manager Version: 1.2 Release and previous URL: http://www.mediabox404.org VULNERABILITY CLASS: SQL injection PRODUCT DESCRIPTION This is a group of modules (administration, client, programmation, diffusion) in PHP/MySQL database that allows a webradio to manage...
SQL injection in mediabox404 v1.2
Product: mediabox404 WebRadio & WebTV manager Version: 1.2 Release and previous URL: http://www.mediabox404.org VULNERABILITY CLASS: SQL injection PRODUCT DESCRIPTION This is a group of modules (administration, client, programmation, diffusion) in PHP/MySQL database that allows a webradio to manage...
PHPNews SQL injection vulnerability
Product: PHPNews Version: 1.2.5 Release, bugfix 1.2.6 and previous URL: http://newsphp.sourceforge.net/ VULNERABILITY CLASS: SQL injection PRODUCT DESCRIPTION PHPNews is a popular script for news posting written in PHP MySQL based. VULNERABILITY Vulnerable script: auth.php code else...
[Full-disclosure] Advisory 08/2005: PunBB SQL Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PunBB SQL Injection Vulnerability Release Date: 2005/08/05 Last Modified: 2005/08/05 Author: Stefan Esser [email protected] Application: PunBB = 1.2.5 Severity: An...
[BuHa Security] Wordpress SQL-Injection
--------------------------------------------------- | BuHa Security-Advisory 1 | May 17th, 2005 | --------------------------------------------------- | Vendor | Wordpress | | URL | http://wordpress.org/ | | Version | = Wordpress 1.5 | | Risk | Moderate SQL-Injection |...
Mac OS X Java JRE Plug-in Capability Arbitrary Package Access (Security Update 2005-002)
The remote host is missing Security Update 2005-002. This security update contains a security bugfix for Java 1.4.2. A vulnerability in the Java Plug-in may allow an untrusted applet to escalate privileges, through JavaScript calling into Java code, including reading and writing files with the...
Red Hat Update Level
The remote Red Hat server is missing the latest bugfix update package. As a result, it is likely to contain multiple security vulnerabilities. (C) Tenable Network Security, Inc. include('compat.inc'); if (description) { script_id(14657); script_version("1.41");...
rsbac 1.2.3 jail security problems
Amon Ott has released a security bugfix for RSBAC 1.2.3. The problem was discovered regarding to the RSBAC JAIL implementation. Please read the attached original release note if interested. The bugfix is available for download at http://www.rsbac.org/download/bugfixes/ For beginners, RSBAC is:...
Advisory 06/2004: libneon date parsing vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: libneon date parsing vulnerability Release Date: 2004/05/19 Last Modified: 2004/05/19 Author: Stefan Esser [email protected] Application: libneon = 0.24.5 Severity: A vulnerability...
Vulnerability in rinetd
Sam Hocevar discovered a security problem in rinetd, an IP connection redirection server. When the server maintains 64 connections and the connection list is full, rinetd resizes the list in order to store the new incoming connection. However, this is done improperly, resulting in a denial of...
[SECURITY] [DSA 159-2] New Python packages fix problem introduced by security fix
-------------------------------------------------------------------------- Debian Security Advisory DSA 159-2 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2002 http://www.debian.org/security/faq -...
Postfix session log memory exhaustion bugfix
The Postfix SMTP server maintains a record of SMTP conversations for debugging purposes. Depending on local configuration details this record is mailed to the postmaster whenever an SMTP session terminates with errors. During code maintenance, a stupid error was introduced into the code due to...