Lucene search
K

1367 matches found

RedHat Linux
RedHat Linux
added 2007/03/14 5:2 a.m.5 views

security flaw

The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors whe...

5.4CVSS5.9AI score0.03116EPSS
Exploits0References4
Cvelist
Cvelist
added 2006/09/06 8:0 p.m.25 views

CVE-2006-3742

The KDE PAM configuration shipped with Fedora Core 5 causes KDM passwords to be cached, which allows attackers to login without a password by attempting to log in multiple times...

6.6AI score0.01399EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2006/05/25 12:0 a.m.105 views

WordPress Core 2.0.2 - 'cache' Remote Shell Injection

!/usr/bin/php -q -d shortopentag=on ? echo "--------------------------------------------------------------------\r\n"; echo "| WordPress = 2.0.2 'cache' shell injection exploit |\r\n"; echo "| by rgod [email protected] |\r\n"; echo "| site: http://retrogod.altervista.org |\r\n"; echo "| dork:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/08/18 12:0 a.m.44 views

[Full-disclosure] Bluez hcid popen() explained.

kflistsatdigitalmunitiondotcom After the release of TheftOfLinkKey.txt I had several people mention that they did not quite understand why I consider the recently reported bluez vulnerability to be quite trivial. In this document I will attempt to outline an exploitable scenario for hcid using th...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2005/06/30 12:0 a.m.33 views

FreeBSD ipfw packet filter race conditions

Because of insuddicient locking it's possible to corrupt cached lookup table on machines with threading PREEMPTIVE multitasking...

2.3AI score
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2005/05/17 2:25 p.m.5 views

security flaw

Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via 1 an off-by-one error in the imapd annotate extension, 2 an off-by-one error in "cached header handling," 3 a stack-based buffer overflow in fetchnews, or 4 a stack-based buffer overflow in...

7.5CVSS6.5AI score0.04244EPSS
Exploits0References4
CERT
CERT
added 2004/10/19 12:0 a.m.50 views

Microsoft Internet Explorer does not properly handle cached HTTPS contents

Overview Microsoft Internet Explorer fails to properly validate cached HTTPS contents, allowing an attacker to obtain information or spoof information on a secure web site. Description The HTTPS protocol is used to provide authentication, encryption, integrity, and non-repudiation services to web...

6.4CVSS7.2AI score0.30998EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.210 views

Google Chrome < 1.0.154.53 Multiple Vulnerabilities

Binary data 5079.pasl...

6.8CVSS6.9AI score0.02032EPSS
Exploits1References2
Cvelist
Cvelist
added 2004/08/14 4:0 a.m.28 views

CVE-2004-0779

The 1 Mozilla 1.6, 2 Firebird 0.7 and 3 Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site...

6.8AI score0.02109EPSS
Exploits0References4
exploitpack
exploitpack
added 2004/07/13 12:0 a.m.15 views

Mozilla Browser 0.91.x Cache File - Multiple Vulnerabilities

Mozilla Browser 0.91.x Cache File - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/10709/info Mozilla Browser is reported prone to multiple vulnerabilities that could eventually allow for code execution on the local computer. These vulnerabilities do not represent a significan...

7.6AI score
Exploits0
Apache Httpd
Apache Httpd
added 2004/03/02 12:0 a.m.53 views

Apache Httpd < 2.0.53 : mod_disk_cache stores sensitive headers

The experimental moddiskcache module stored client authentication credentials for cached objects such as proxy authentication credentials and Basic Authentication passwords on disk...

2.1CVSS2.7AI score0.035EPSS
Exploits1Affected Software1
Exploit DB
Exploit DB
added 2003/10/05 12:0 a.m.18 views

Microsoft Internet Explorer 6 - Double Slash Cache Zone Bypass

source: https://www.securityfocus.com/bid/8980/info A vulnerability has been reported in Internet Explorer that may allow cached Internet content to be rendered in the My Computer zone. It is possible to exploit this issue by including an extra slash when referencing cached content from within a...

7.4AI score
Exploits0
CVE
CVE
added 2003/04/02 5:0 a.m.37 views

CVE-2002-0511

The CVE concerns the default nscd configuration in Caldera OpenLinux 3.1/3.1.1, where PTR records are cached instead of querying the authoritative DNS for the A record. This may let remote attackers bypass host-name based access controls. No explicit remediation is described in the provided docum...

7.5CVSS7.1AI score0.01584EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2003/03/24 12:0 a.m.903 views

Microsoft Windows SMB Registry : Winlogon Cached Password Weakness

The registry key 'HKLM\Software\Microsoft\WindowsNT\CurrentVersion\ Winlogon\CachedLogonsCount' is not 0. Using a value greater than 0 for the CachedLogonsCount key indicates that the remote Windows host locally caches the passwords of the users when they login, in order to continue to allow the...

5.6AI score
Exploits0References3
CERT
CERT
added 2002/12/12 12:0 a.m.25 views

Microsoft Internet Explorer does not adequately validate references to cached objects and methods

Overview Microsoft Internet Explorer does not adequately validate references to cached objects and methods across domains and security zones. The impact is similar to that of a cross-site scripting vulnerability, allowing an attacker to access data in other sites, including the Local Computer zon...

7.5CVSS8AI score0.11986EPSS
Exploits0References17
NVD
NVD
added 2002/12/11 5:0 a.m.23 views

CVE-2002-1254

Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods."...

7.5CVSS6.7AI score0.50758EPSS
Exploits1References13
CVE
CVE
added 2002/11/27 5:0 a.m.54 views

CVE-2002-1254

The vulnerability (CVE-2002-1254) affects Internet Explorer 5.5 and 6.0. Affected component: cross-domain verification via cached methods/objects. Root cause: security model bypass that allows remote attackers to access information on the local system or in other domains, and potentially execute ...

7.5CVSS7.2AI score0.50758EPSS
Exploits1References13Affected Software2
Cvelist
Cvelist
added 2002/11/27 5:0 a.m.27 views

CVE-2002-1254

Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods."...

6.7AI score0.50758EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2002/11/12 12:0 a.m.55 views

ISC BIND named SIG Resource Server Response RR Overflow

The remote BIND server, according to its version number, is affected by the 'SIG cached RR overflow' vulnerability. An attacker may use this flaw to gain a shell on this system. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid11152; scriptversion"1.30";...

7.5CVSS5.5AI score0.12322EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2002/10/25 12:0 a.m.35 views

gm012-more-ie.txt

GreyMagic Security Advisory GM012-IE ===================================== By GreyMagic Software, Israel. 22 Oct 2002. Available in HTML format at http://security.greymagic.com/adv/gm012-ie/. Topic: Vulnerable cached objects in IE 9 advisories in 1. Discovery date: 4 Oct 2002, 17 Oct 2002, 21 Oct...

7.4AI score
Exploits0
Rows per page
Query Builder