Linux Kernel tun_chr_pool()函数空指针引用漏洞

BUGTRAQ ID: 35724 CVECAN ID: CVE-2009-1894 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的drivers/net/tun.c文件中的tunchrpoll函数存在空指针引用错误： int fd; struct pollfd pfd; fd = open"/dev/net/tun", ORDWR; pfd.fd = fd; pfd.events = POLLIN | POLLOUT; poll&pfd, 1, 0;...

Microsoft Virtual PC和Virtual Server本地权限提升漏洞（MS09-033）

BUGTRAQ ID: 35601 CVECAN ID: CVE-2009-1542 Microsoft Virtual PC和Virtual Server都是流行的虚拟机工具，允许在同一台计算机上运行多个操作系统。 Virtual PC和Virtual Server在Virtual Machine Monitor中执行特定指令时没有正确地验证权限级别，可能允许攻击者在承载的Guest操作系统中以提升的权限执行代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 Microsoft Virtual PC 2007 SP1 Microsoft Virtual...

Atlantic SimpleCaddy Shopping Cart Price Manipulation

SENKED-2009-0001 - Atlantic SimpleCaddy Shopping Cart Price Manipulation senked security advisory http://www.senked.com/ Date Published: 2009-07-01 Last Update: 2009-07-01 Advisory ID: SENKED-2009-0001 Bugtraq ID: none CVE Name: none Title: Atlanticintelligence SimpleCaddy Shoopuing Cart Price...

WordPress口令重置用户名枚举漏洞

BUGTRAQ ID: 35581 CVECAN ID: CVE-2009-2335,CVE-2009-2336 WordPress是一款免费的论坛Blog系统。 WordPress对于使用已有的用户名和不存在用户名的登录尝试会返回不同的结果，这降低了暴力猜测攻击的复杂性；此外在使用口令重置界面请求新口令的时候，对于已有的和不存在的用户名也会返回不同的结果。 WordPress WordPress 2.6.5 WordPress WordPress MU 2.7.1 WordPress ---------...

Google Chrome Cross-Site Scripting Vulnerability - July09

This host has Google Chrome installed and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbgooglechromexssvulnjul09.nasl 4869 2016-12-29 11:01:45Z teissa $ Google Chrome Cross-Site Scripting Vulnerability - July09 Authors: Sharath S Copyright: Copyright c 2009...

VideoLAN VLC Media Player 0.9.9 smb:// URI Stack BOF PoC

No description provided by source. !/usr/bin/ruby VideoLAN VLC Media Player 0.9.9 smb:// URI Stack-based Buffer Overflow Proof-of-Concept Bugtraq ID: 35500 The vulnerability can also be triggered via the VLC web interface disabled by default:...

VideoLAN VLC Media Player 0.9.9 Buffer Overflow

!/usr/bin/ruby VideoLAN VLC Media Player 0.9.9 smb:// URI Stack-based Buffer Overflow Proof-of-Concept Bugtraq ID: 35500 The vulnerability can also be triggered via the VLC web interface disabled by default: http://vulnerableip:8080/requests/status.xml?command=inplay&input=smb://............ Patc...

VideoLAN VLC Media Player 0.9.9 - smb: URI Stack Buffer Overflow (PoC)

VideoLAN VLC Media Player 0.9.9 - smb: URI Stack Buffer Overflow PoC !/usr/bin/ruby VideoLAN VLC Media Player 0.9.9 smb:// URI Stack-based Buffer Overflow Proof-of-Concept Bugtraq ID: 35500 The vulnerability can also be triggered via the VLC web interface disabled by default:...

VideoLAN VLC Media Player 0.9.9 - 'smb://' URI Stack Buffer Overflow (PoC)

!/usr/bin/ruby VideoLAN VLC Media Player 0.9.9 smb:// URI Stack-based Buffer Overflow Proof-of-Concept Bugtraq ID: 35500 The vulnerability can also be triggered via the VLC web interface disabled by default: http://vulnerableip:8080/requests/status.xml?command=inplay&input=smb://............ Patc...

Solaris 10 (x86) : 138827-12 (deprecated)

SunOS 5.10x86: PostgreSQL 8.3 core patch. Date this patch was last updated by Sun : Mar/29/13 This plugin has been deprecated and either replaced with individual 138827 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabl...

Solaris 10 (sparc) : 138826-12 (deprecated)

SunOS 5.10: PostgreSQL 8.3 core patch. Date this patch was last updated by Sun : Mar/29/13 This plugin has been deprecated and either replaced with individual 138826 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled ...

OpenSSL dtls1_retrieve_buffered_fragment()函数握手消息拒绝服务漏洞

BUGTRAQ ID: 35417 CVECAN ID: CVE-2009-1387 OpenSSL是一种开放源码的SSL实现，用来实现网络通信的高强度加密，现在被广泛地用于各种网络应用程序中。 OpenSSL在接收到带有非预期序列号的握手消息时会将其传送给dtls1processoutofseqmessage函数。如果序列号低于预期值，这个函数会丢弃数据；如果为之后的消息，函数会缓冲数据。在丢弃数据时，消息碎片长度保持为0，说明没有缓冲任何数据。由于检查长度所用的错误if条件，有时会缓冲没有数据但长度为丢弃消息长度的碎片，之后在进行处理的时候会导致总线错误。 OpenSSL 0.9.x...

Irssi Off-by-one Read/Write DoS Vulnerability (Linux)

This host has installed Irssi and is prone to Denial of Service Vulnerability OpenVAS Vulnerability Test $Id: gbirssidosvullin.nasl 4869 2016-12-29 11:01:45Z teissa $ Irssi Off-by-one Read/Write DoS Vulnerability Linux Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Slackware 12.2 / current : mozilla-firefox (SSA:2009-167-01)

New mozilla-firefox packages are available for Slackware 12.2, and -current to fix security issues. The updated packages may also be used with Slackware 11.0 or newer. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

HP-UX PHSS_38489 : s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 20

s700800 11.X OV NNM7.53 IA-64 Intermediate Patch 20 : The remote HP-UX host is affected by multiple vulnerabilities : - Potential vulnerabilities have been identified with HP OpenView Network Node Manager OV NNM. The vulnerabilities could be exploited remotely to create a Denial of Service DoS or...

Microsoft Windows打印后台程序本地信息泄露漏洞(MS09-022)

BUGTRAQ ID: 35208 CVECAN ID: CVE-2009-0229 Microsoft Windows是微软发布的非常流行的操作系统。 Windows的打印服务没有正确的检查分隔符页面中可能包含的文件，攻击者可以登录到系统并创建特制的分隔符页面，导致读取或打印系统上的任何文件。即使用户没有管理访问权，也可以执行这些操作。但是，匿名用户无法利用此漏洞，也无法以远程方式利用此漏洞。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2 Microsoft Windows...

Microsoft Windows内核参数和指针验证权限提升漏洞(MS09-025)

BUGTRAQ ID: 35240,35238 CVECAN ID: CVE-2009-1125,CVE-2009-1124 Microsoft Windows是微软发布的非常流行的操作系统。 Windows内核没有正确地验证传递给系统调用的参数，以及从用户态传递的某些指针，导致权限提升漏洞。成功利用此漏洞的攻击者可以运行内核态中的任意代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2 Microso...

[InterN0T] Geeklog 1.5 - Pre-Installation Vulnerabilities

Geeklog - Pre-Installation Vulnerabilities Version Affected: 1.5.2sr4 18th April 2009 newest Info: See website for more details. Opinion: The system seems to be more secure than most web application systems on the Internet these days. Credits: InterN0T External Links: http://www.geeklog.net/ -::...

[InterN0T] moziloCMS 1.11.1 - XSS Vulnerability

moziloCMS - Cross Site Scripting Vulnerability Version Affected: 1.11.1 19th May 2009 newest Info: See website for more information. It's in german and i don't bother translating Credits: InterN0T External Links: http://cms.mozilo.de/ -:: The Advisory ::- Vulnerable Function / ID Calls: XSS cat &...

Apache Tomcat表单认证用户名枚举漏洞

BUGTRAQ ID: 35196 CVECAN ID: CVE-2009-0580 Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。 由于某些认证类中的不充分错误检查，如果远程攻击者向Tomcat服务器提交了非法URL编码的口令就可能通过返回判断是否存在所请求的用户名。如果基于表单的认证（jsecuritycheck）使用了任意以下认证域就可以执行这种攻击： MemoryRealm DataSourceRealm JDBCRealm Apache Group Tomcat 6.0.x Apache Group Tomcat 5.5.x Apache Group...