1345 matches found
WordPress 'template-functions-category.php' 'cat_ID' Parameter SQL Injection
The version of WordPress installed on the remote host fails to properly sanitize user-supplied input to the 'cat_ID' variable in the 'template-functions-category.php' script. This failure may allow an attacker to influence database queries resulting in the disclosure of sensitive information. Note...
AIX 5.1 Bellmail - Local Race Condition
-bash-2.05b$ -bash-2.05b$ cat xaix5bellmail.pl !/usr/bin/perl FileName: xaix5bellmail.pl Exploit "Race condition vulnerability BUGTRAQ ID: 8805" of /usr/bin/bellmail command on Aix5 to change any file owner to current user. Usage : xaix5bellmail.pl aimfile aimfile : then file wich you want to cho...
Advanced Guestbook index.php entry Parameter SQL Injection
The remote host is running Advanced Guestbook - a guestbook written in PHP. The remote version of this software contains an input validation flaw leading to a SQL injection vulnerability. An attacker may exploit this flaw to execute arbitrary commands against the remote database.
Oracle Database 9i/10g Fine Grained Auditing (FGA) SELECT Statement Logging Weakness
The remote host is running a version of Oracle Database that, according to its version number, suffers from a flaw in which Fine Grained Auditing (FGA) becomes disabled when the user SYS runs a SELECT statement.
Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities
Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting vulnerabilities because the software fails to properly sanitize user-supplied data. Exploits will allow arbitrary HTML and script code to run in a victim's browser, allowing the attacker to steal cookie-based credentials a...
Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities
Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting vulnerabilities because the software fails to properly sanitize user-supplied data. Exploits will allow arbitrary HTML and script code to run in a...
[SECURITY] [DSA 706-1] New axel packages fix arbitrary code execution
Debian Security Advisory DSA 706-1 [email protected] http://www.debian.org/security/ Martin Schulze April 13th, 2005 http://www.debian.org/security/faq -...
Mozilla Browser < 1.7.6 Multiple Vulnerabilities
The remote version of Mozilla contains multiple security issues that could allow an attacker to impersonate a website and to trick a user into accepting and executing arbitrary files or to cause a heap overflow in the FireFox process and execute arbitrary code on the remote host.
PlatinumFTP <= 1.0.18 Multiple Remote Denial of Service Exploit
No description provided by source. !/usr/bin/perl pftpdos-ai1.pl - Remote DoS against PlatinumFTP 10.1.18 Details:http://seclists.org/lists/bugtraq/2005/Mar/0222.html If you don't get the server down try to change/play a little bit with the Timeout ports at securityforest dot com | greetings to...
PlatinumFTP 1.0.18 - Multiple Remote Denial of Service Vulnerabilities
!/usr/bin/perl pftpdos-ai1.pl - Remote DoS against PlatinumFTP 10.1.18 Details:http://seclists.org/lists/bugtraq/2005/Mar/0222.html If you don't get the server down try to change/play a little bit with the Timeout ports at...
3 XSS Vulnerabilities in Phorum <= 5.0.14
Author: Jon Oberheide [email protected] Date: Sat, March 12th, 2005 Summary ======= Application: Phorum Vendor Website: http://www.phorum.org Affected Versions: <= 5.0.14 Type of Vulnerability: Cross Site Scripting (XSS) About Phorum ============ Phorum is a web based message board written in PHP...
DJB's students release 44 *nix software vulnerability advisories
Widely deployed open source software is commonly believed to contain fewer security vulnerabilities than similar closed source software due to the possibility of unrestricted third party source code auditing. Predictably, most users of open source software do not invest a significant amount of ti...
phpPOC.txt
PHP File Upload Vulnerability POC Title: Overwrite $FILE array in rfc1867 - Mime multipart/form-data File Upload Author: Stefano Di Paola Affected: Php "; if isuploadedfile$FILES'userfile''tmpname' && moveuploadedfile$FILES'userfile''tmpname', $uploadfile print "File is valid, and was successfull...
Debian DSA-049-1 : cfingerd
Megyer Laszlo reported on Bugtraq that the cfingerd daemon as distributed with Debian GNU/Linux 2.2 was not careful in its logging code. By combining this with an off-by-one error in the code that copied the username from an ident response cfingerd could be exploited by a remote user. Since cfinger...
Debian DSA-129-1 : uucp - remote denial of service
We have received reports that in.uucpd, an authentication agent in the uucp package, does not properly terminate certain long input strings. This has been corrected in uucp package version 1.06.1-11potato3 for Debian 2.2 potato and in version 1.06.1-18 for the upcoming woody release.
RPC bugtraqd Service In Use
Binary data 1054.prm...
Microsoft Outlook Express 5/6 - Script Execution
source: https://www.securityfocus.com/bid/8281/info It has been reported that a weakness may have been re-introduced into Microsoft Outlook Express. According to the source, the issue described in Bugtraq ID 3334 had been fixed by Microsoft but appears to have resurfaced. It should be noted that...
Several security issues were reported to BugTraq mailing list. However most of these issues were already fixed some time ago.
PMASA-2003-1 Announcement-ID: PMASA-2003-1 Date: 2003-06-18 Summary Several security issues were reported to BugTraq mailing list. However most of these issues were already fixed some time ago. Description Reporter wrote that he found following issues within phpMyAdmin code each issue is followed...
BAZARR LOCAL ROOT AGAIN. HI GUYS. DONT READ THIS
/ xaos = 3.0-23 ? 0day local root xploit on debian 3.0 whoody / / by: bazarr / / [email protected] / / bazarr episode 4 hendy i dont build nests for da winter, cause i dont have no time for building nests dis is da advisory and xploit at da same time for a local root hole in debian 3.0. if dave...
FW: Re[2]: SECURITY.NNOV: Kaspersky Antivirus DoS
Dear Symantec - I will rely on the Bugtraq moderator to help steer this process appropriately in the public forum delay post, etc since I am inexperienced in these matters. There appears to possibly be three DoS vulnerabilities in at least one Symantec AntiVirus product. Initial report from Zaraz...