1345 matches found
firefox -- denial of service vulnerability
A Mozilla Foundation Security Advisory reports for deleted object reference when designMode="on": Martijn Wargers and Nick Mott each described crashes that were discovered to ultimately stem from the same root cause: attempting to use a deleted controller context when designMode was turned on. Thi...
Winmail Server Webmail Unspecified Vulnerability
The remote host is running Winmail Server, a commercial mail server for Windows from AMAX Information Technologies. According to its version number, the remote installation of Winmail Server is affected by an unknown issue in its webmail component. It is unclear whether this is the same issue...
TWiki revision control shell command injection
Added: 04/06/2006. CVE: CVE-2005-2877. BID: 14834. OSVDB: 19403. Background: TWiki is a web-based collaboration platform written in Perl. Problem: The revision control function in TWiki does not sufficiently check the rev parameter before using it in a shell command call. This allows remote attackers t...
Microsoft Internet Explorer - createTextRang Remote (Metasploit)
Microsoft Internet Explorer - createTextRang Remote Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core...
Edgewall Software Trac SQL injection flaw
The remote web server contains a CGI script that is affected by a SQL injection flaw. Description: The remote host is running Trac, an enhanced wiki and issue tracking system for software development projects written in Python. The remote version of this software is prone to a SQL injection flaw...
[SECURITY] [DSA 1019-1] New kpdf packages fix several vulnerabilities
Debian Security Advisory DSA 1019-1 [email protected] http://www.debian.org/security/ Martin Schulze March 24th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1010-1] New ilohamail packages fix cross-site scripting vulnerabilities
Debian Security Advisory DSA 1010-1 [email protected] http://www.debian.org/security/ Martin Schulze March 20th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 994-1] New freeciv packages fix denial of service
Debian Security Advisory DSA 994-1 [email protected] http://www.debian.org/security/ Martin Schulze March 13th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 991-1] New zoo packages fix arbitrary code execution
Debian Security Advisory DSA 991-1 [email protected] http://www.debian.org/security/ Steve Kemp March 10th, 2006 http://www.debian.org/security/faq -...
Virex on-access scanning unreliable
Vulnerability: The on-access scanner of McAfee Virex 7.7 for Mac is unreliable and fails the EICAR test. Using any web browser to download the EICAR test virus from http://www.eicar.org/antivirustestfile.htm will not trigger the Virex on-access scanner and will not be noticed in most cases. If Vire...
ArGoSoft Mail Server Pro IMAP RENAME Command Traversal Arbitrary Directory Creation
The remote host is running ArGoSoft Mail Server, a messaging system for Windows. The IMAP server bundled with the version of ArGoSoft Mail Server installed on the remote host fails to filter directory traversal sequences from mailbox names passed to the 'RENAME' command. An authenticated attacker...
ViRobot Linux Server filescan Authentication Bypass
The remote host is running ViRobot Linux Server, a commercial antivirus application server. The installed version of ViRobot Linux Server has a flaw such that an attacker can bypass authentication and gain access to its 'filescan' component by supplying a special cookie. An unauthenticated attack...
Fedora Directory Server Crafted IFRAME adm.conf Admin Server Password Disclosure
The remote host appears to be running Fedora Directory Server, a directory server implementation for Fedora Core. The Administration Server, which is used to manage Fedora DS, allows an unauthenticated attacker to retrieve the admin password hash through a simple GET request. ...
[SECURITY] [DSA 964-1] New gnocatan packages fix denial of service
Debian Security Advisory DSA 964-1 [email protected] http://www.debian.org/security/ Martin Schulze February 3rd, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 963-1] New mydns packages fix denial of service
Debian Security Advisory DSA 963-1 [email protected] http://www.debian.org/security/ Martin Schulze February 2nd, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 957-2] New ImageMagick packages fix arbitrary command execution
Debian Security Advisory DSA 957-2 [email protected] http://www.debian.org/security/ Martin Schulze January 31st, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 951-2] New trac packages fix SQL injection and cross-site scripting
Debian Security Advisory DSA 951-2 [email protected] http://www.debian.org/security/ Martin Schulze January 30th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 957-1] New ImageMagick packages fix arbitrary command execution
Debian Security Advisory DSA 957-1 [email protected] http://www.debian.org/security/ Martin Schulze January 26th, 2006 http://www.debian.org/security/faq -...