CVE-2004-1389

Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process,...

Windows 2000 Network Connection Manager privelege escalation

Callback function is called with system priveleges...

Formatting string bug on cyrus-sasl library

This issue may be already have been on list. I assume that the moderator this case rejects this mail. On last non-beta version of cyrus-sasl library have formatting string bug on default logging callback. Default cyrys sasl logging callback is static int saslsyslogvoid context attributeunused, in...

AFS Client Version Detection

This detects the AFS client version by connecting to the AFS callback port and processing the buffer received. The client version gives potential attackers additional information about the system they are attacking. Versions and types should be ommited where possible. This script was written by...

Stored XSS vulnerability on Bounce Management Callback

Impact Insufficient sanitization / filtering allows for arbitrary JavaScript Injection in Mautic using the bounce management callback function. The values submitted in the "error" and "errorrelatedto" parameters of the POST request of the bounce management callback will be permanently stored and...

PT-2013-6355 · Openssh +4 · Openssh +4

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 6.2 through 6.3 Description: The issue allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address. This is due to the mm newkeys fro...