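Microsoft IE HTML Rendering Remote Memory Corruption Vulnerability (MS08-010)
BUGTRAQ ID: 27668 CVE(CAN) ID: CVE-2008-0076 Internet Explorer is the very popular web browser released by Microsoft. A remote code execution vulnerability exists in the way Internet Explorer parses HTML with certain layout combinations. An attacker could exploit the vulnerability by constructing a specially crafted web page; when a user views the page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer...
Microsoft IIS ASP Remote Code Execution Vulnerability (MS08-006)
BUGTRAQ ID: 27676 CVE(CAN) ID: CVE-2008-0075 Microsoft Internet Information Services (IIS) is a network information server bundled with Microsoft Windows that includes HTTP service functionality. A remote code execution vulnerability exists in the way IIS handles input to ASP web pages, allowing an attacker to pass malicious input to a website's ASP pages. An attacker who successfully exploited this vulnerability could perform arbitrary actions on the IIS server with the privileges of the WPI (Network Service account privileges in the default configuration). Microsoft IIS 6.0 Microsoft IIS 5.1 Workaround: Disable classic ASP on Windows Server 2003: 1...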
HP-UX PHSS_37274 : s700_800 11.X OV NNM7.51 IA-64 Intermediate Patch 18
s700_800 11.X OV NNM7.51 IA-64 Intermediate Patch 18 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service...
HP-UX PHSS_37273 : s700_800 11.X OV NNM7.51 PA-RISC Intermediate Patch 18
s700_800 11.X OV NNM7.51 PA-RISC Intermediate Patch 18 : The remote HP-UX host is affected by multiple vulnerabilities : - Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) ...
iPhoto < 7.1.2 Format String Vulnerability
The remote host is running a version of iPhoto 7.1 older than version 7.1.2. Such versions are reportedly affected by a format string vulnerability. If an attacker can trick a user on the affected host into subscribing to a specially crafted photocast, these issues could be leveraged to execute...
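Linux Kernel PowerPC chrp/setup.c NULL Pointer Dereference Vulnerability
BUGTRAQ ID: 27555 CVE(CAN) ID: CVE-2007-6694 Linux Kernel is the kernel used by the open-source operating system Linux. A vulnerability exists in the Linux Kernel when running on the PowerPC platform; a local attacker could exploit it to cause a denial of service. When running on PowerPC, the chrpshowcpuinfo function in the Linux Kernel's chrp/setup.c file may crash. If a local attacker causes the ofgetproperty function to fail, a NULL pointer dereference is triggered, resulting in a denial of service. Linux kernel 2.4.21 - 2.6.18-53 Vendor patch: RedHat ------...
MyBB Multiple Remote PHP Code Execution Vulnerabilities
BUGTRAQ ID: 27322 CNCAN ID: CNCAN-2008011706 MyBB is a PHP-based web application. MyBB does not properly filter user-supplied URI data, and a remote attacker can exploit the vulnerability to execute arbitrary code with web privileges. The problem is that the 'forumdisplay.php' and 'search.php' scripts do not sufficiently filter the user-supplied 'fid' parameter; submitting malicious data, when the "sid" has been obtained, can lead to arbitrary code execution. MyBulletinBoard MyBulletinBoard 1.2.10 MyBulletinBoard MyBulletinBoard 1.2.5 MyBulletinBoard...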
Debian Security Advisory DSA 1053-1 (mozilla)
The remote host is missing an update to mozilla announced via advisory DSA 1053-1. Martijn Wargers and Nick Mott described crashes of Mozilla due to the use of a deleted controller context. In theory this could be abused to execute malicious code. OpenVAS Vulnerability Test $Id: deb10531.nasl 661...
Debian Security Advisory DSA 139-1 (super)
The remote host is missing an update to super announced via advisory DSA 139-1. OpenVAS Vulnerability Test $Id: deb1391.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 139-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
Debian Security Advisory DSA 964-1 (gnocatan)
The remote host is missing an update to gnocatan announced via advisory DSA 964-1. A problem has been discovered in gnocatan, the computer version of the Settlers of Catan board game, that can lead the server and other clients to exit via an assert, and hence does not permit the execution of...
Debian Security Advisory DSA 230-1 (bugzilla)
The remote host is missing an update to bugzilla announced via advisory DSA 230-1. OpenVAS Vulnerability Test $Id: deb2301.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 230-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
Debian Security Advisory DSA 1134-1 (mozilla-thunderbird)
The remote host is missing an update to mozilla-thunderbird announced via advisory DSA 1134-1. Several security related problems have been discovered in Mozilla which are also present in Mozilla Thunderbird. For details, please visit the referenced security advisories. OpenVAS Vulnerability Test...
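StreamAudio ChainCast VMR Client Proxy ActiveX Control Stack Overflow Vulnerability
BUGTRAQ ID: 27247 StreamAudio is used to provide streaming media services for online radio broadcasts. A buffer overflow vulnerability exists in the implementation of the ActiveX control shipped with StreamAudio; a remote attacker could exploit it to take control of the user's system. StreamAudio uses Ccpm.ProxyManager.1...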
Miniweb 0.8.19 - Multiple Vulnerabilities
MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written in the C language, featuring low system resource consumption, high efficiency, good flexibility and high portability. It is capable of serving multiple clients with a single thread, supporting GET and POS...
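Horde IMP and Groupware Webmail Edition Multiple Input Validation Vulnerabilities
BUGTRAQ ID: 27223 CVE(CAN) ID: CVE-2007-6018 IMP is a powerful web-based mail program developed by the Horde project. It can be used on Linux/Unix or Microsoft Windows operating systems. A vulnerability exists in how IMP processes HTML data; a remote attacker could exploit it to perform unauthorized operations on mail. The HTML filter of the IMP Webmail client and Groupware Webmail Edition does not filter out frame and frameset...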
SAP DB / MaxDB Cons Program Arbitrary Command Execution
The version of SAP DB / MaxDB installed on the remote host fails to sanitize user-supplied input to the 'show' and 'execsdbinfo' commands before passing it to a 'system' call. An unauthenticated, remote attacker can leverage this issue to execute arbitrary commands on the affected host subject to...
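Microsoft Windows TCP/IP Implementation ICMP Request Remote Denial of Service Vulnerability (MS08-001)
BUGTRAQ ID: 27139 CVE(CAN) ID: CVE-2007-0066 Microsoft Windows is the very popular operating system released by Microsoft. A vulnerability exists in the way the Windows kernel's TCP/IP implementation (tcpip.sys) handles fragmented router advertisement ICMP queries; a remote attacker could exploit it to crash the system. An anonymous attacker could exploit the vulnerability by sending specially crafted ICMP packets to a computer over the network, causing the computer to stop responding and automatically restart. However, the ICMP Router Discovery Protocol (RDP) required to exploit this vulnerability is not enabled by default. Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2...
Microsoft Windows LSASS LPC Request Local Privilege Escalation Vulnerability (MS08-002)
BUGTRAQ ID: 27099 CVE(CAN) ID: CVE-2007-5352 Microsoft Windows is the very popular operating system released by Microsoft. The Windows LSASS process does not correctly handle specially crafted LPC requests. When the LSASS process receives a specially crafted LPC request, an attacker can run code with elevated privileges; an attacker who successfully exploited this vulnerability could take complete control of the affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003...
Microsoft Windows TCP/IP Implementation IGMP and MLD Packet Remote Overflow Vulnerability (MS08-001)
BUGTRAQ ID: 27100 CVE(CAN) ID: CVE-2007-0069 Microsoft Windows is the very popular operating system released by Microsoft. A buffer overflow vulnerability exists in the way the Windows kernel's TCP/IP implementation (tcpip.sys) handles the TCP/IP structures that store the state of IGMPv3 and MLDv2 queries; a remote attacker could exploit it to take control of the server. An anonymous attacker could exploit the vulnerability by sending specially crafted IGMPv3 and MLDv2 packets to a computer over the network. An attacker who successfully exploited this vulnerability could take complete control of the affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft Windows XP SP...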
Novell Client nicm.sys Local Privilege Escalation
The file 'NICM.SYS' included with the Novell Client software and installed on the remote host reportedly allows local users to open the device '.\nicm' and execute arbitrary code in kernel mode using specially-constructed input. (C) Tenable Network Security, Inc.