1345 matches found
phpMyAdmin table parameter SQL injection vulnerability-vulnerability warning-the black bar safety net
Affected version: phpMyAdmin 3.x, phpMyAdmin 2.11.x. Vulnerability description: BUGTRAQ ID: 32720. phpMyAdmin is a tool written in PHP for web-based management of MySQL. The phpMyAdmin ./phpmyadmin/libraries/dbtableexists.lib.php file does not properly filter the table parameter:...
FreeBSD fifo_vnops.c resource leak local denial-of-service vulnerability
BUGTRAQ ID: 36949 FreeBSD is a freely usable, open-source Unix-like system that runs on Intel platforms. A resource leak vulnerability exists in the usr/src/sys/fs/fifofs/fifovnops.c file of FreeBSD: / Open called to set up a new instance of a fifo or to find an active instance of a fifo. / / ARGSUSED / static int fifoopenap struct vopopenargs / struct vnode avp; int amode; struc...
Linux Kernel pipe.c Local Privilege Escalation
This is a PoC based off the PoC release by Earl Chew Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability PoC by Matthew Bergin Bugtraq ID: 36901 import os import time import random infinite loop while i == 0: os.system"sleep 1" while x == 0: time.sleeprandom.random random int 0.0-1.0 p...
Immunity Canvas: SUN_JAVA_HSBPARSER_LINUX
Name | sunjavahsbparserlinux
---|---
CVE | CVE-2009-3867
Exploit Pack | CANVAS
Description | sunjavahsbparserlinux
Notes | URL: http://seclists.org/bugtraq/2009/Nov/37 CVE Name: CVE-2009-3867 VENDOR: Sun CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-3867...
Blender 2.34 2.35a 2.4 2.49b .blend File Command Injection
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Blender .blend Project Arbitrary Command Execution 1. Advisory Information Title: Blender .blend Project Arbitrary Command Executio...
Blender 2.34/2.35a/2.4/2.49b - '.blend' Command Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Blender .blend Project Arbitrary Command Execution 1. Advisory Information Title: Blender .blend Project Arbitrary Command Execution Advisory Id: CORE-2009-0912...
Fedora 11 : mimetex-1.71-1.fc11 (2009-10170)
Fixes a buffer-overflow as detailed in 511049. - Updates to 1.7. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Linux Kernel 2.4.1 2.4.37 2.6.1 2.6.32-rc5 - pipe.c Local Privilege Escalation (3)
Linux Kernel 2.4.1 2.4.37 2.6.1 2.6.32-rc5 - pipe.c Local Privilege Escalation 3 This is a PoC based off the PoC release by Earl Chew Updated by Brian Peters Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability PoC by Matthew Bergin Bugtraq ID: 36901 E-DB Note: Exploit Update v2...
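Wget CA SSL malformed certificate validation vulnerability
BUGTRAQ ID: 36205 CVE(CAN) ID: CVE-2009-3490 Wget is a file retrieval tool that can use the HTTP, HTTPS and FTP protocols. Wget does not correctly handle null characters (\0) in the domain name of the X.509 certificate subject Common Name (CN) field. When processing a certificate field that contains a null character, it wrongly treats the null character as a terminator, so only the part before the null character is validated. For example, for a name like the following: example.com\0.haxx.se the certificate was issued to haxx.se, but Wget wrongly validates it as example.com, which helps an attacker carry out spoofing such as phishing through a man-in-the-middle attack. Micah Cowan Wget 1.12 Vendor patch: RedHat...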
Blender 2.34/2.35a/2.4/2.49b - .blend Command Injection
Blender 2.34/2.35a/2.4/2.49b - .blend Command Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Blender .blend Project Arbitrary Command Execution 1. Advisory Information Title: Blender .blend Project Arbitrar...
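Linux Kernel r8169 driver out-of-IOMMU error local denial-of-service vulnerability
BUGTRAQ ID: 36706 CVE(CAN) ID: CVE-2009-3613 Linux Kernel is the kernel used by the open-source operating system Linux. A vulnerability exists in the Realtek r8169 Ethernet driver of the Linux Kernel: a memory leak in pciunmapsingle can lead to exhaustion of IOMMU space and a system crash. An attacker on the local network can trigger the out-of-IOMMU error by sending jumbo frames with ping, causing a denial of service. Linux kernel 2.6.x Vendor patch: Linux ----- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page:...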
Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Local Privilege Escalation (3)
This is a PoC based off the PoC release by Earl Chew Updated by Brian Peters Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability PoC by Matthew Bergin Bugtraq ID: 36901 E-DB Note: Exploit Update v2 https://github.com/offensive-security/exploitdb/pull/82/files import os import time impo...
VMware Virtual 8086 - Linux Local Ring0
VMware Virtual 8086 - Linux Local Ring0 Bugtraq ID: 36841 Class: Design Error Published: Oct 27 2009 12:00AM Updated: Oct 27 2009 09:18PM Credit: Tavis Ormandy and Julien Tinnes of the Google Security Team Vulnerable: VMWare Workstation 6.5.3 VMWare Workstation 6.5.2 build 156735 VMWare Workstati...
VMware Virtual 8086 - Linux Local Ring0
Bugtraq ID: 36841 Class: Design Error Published: Oct 27 2009 12:00AM Updated: Oct 27 2009 09:18PM Credit: Tavis Ormandy and Julien Tinnes of the Google Security Team Vulnerable: VMWare Workstation 6.5.3 VMWare Workstation 6.5.2 build 156735 VMWare Workstation 6.5.2 VMWare Workstation 6.5.1 VMWare...
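Microsoft IE deflate HTTP content encoding remote code execution vulnerability (MS09-054)
BUGTRAQ ID: 36622 CVE(CAN) ID: CVE-2009-1547 Internet Explorer is the web browser bundled by default with the Windows operating system. A memory corruption vulnerability exists in Internet Explorer's implementation of Content-Encoding: deflate, which can be triggered when processing data stream headers under certain circumstances. An attacker can exploit this vulnerability by constructing a specially crafted web page; when a user views the page, the vulnerability may allow remote code execution. Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet...
Microsoft Windows kernel local privilege escalation and denial-of-service vulnerabilities (MS09-058)
BUGTRAQ ID: 36625,36623,36624 CVE(CAN) ID: CVE-2009-2517,CVE-2009-2516,CVE-2009-2515 Windows is a very popular operating system released by Microsoft. Privilege escalation vulnerabilities exist in the Windows kernel because a 64-bit value is incorrectly truncated to a 32-bit value and because certain data passed from user mode is not sufficiently validated. An attacker who successfully exploits this vulnerability can run arbitrary kernel-mode code. In addition, a denial-of-service vulnerability exists in the Windows kernel because of the way the kernel handles certain exceptions. Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista...
Microsoft Windows Indexing Service ActiveX control memory corruption vulnerability (MS09-057)
BUGTRAQ ID: 36629 CVE(CAN) ID: CVE-2009-2507 Windows is a very popular operating system released by Microsoft. The ActiveX control included in the Windows Indexing Service does not correctly handle specially crafted web content, leading to a memory corruption vulnerability in the Indexing Service on Windows systems. An attacker who successfully exploits this vulnerability can take complete control of the affected system. Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 SP1 Microsoft Windows...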
Solaris 10 (x86) : 126364-10 (deprecated)
SunOS 5.10x86: X Window System changes - Solaris Trusted Extensio. Date this patch was last updated by Sun : Jun/14/14 This plugin has been deprecated and either replaced with individual 126364 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security,...
Fedora 10 : phpMyAdmin-3.2.2.1-1.fc10 (2009-10510)
Changes for 3.2.2.1: - security XSS and SQL injection, thanks to Herman van Rink Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 11 : dopewars-1.5.12-8.1033svn.fc11 (2009-10439)
Fix DoS. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network Securit...