Debian: Security Advisory (DSA-197)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 080-1 (htdig)

The remote host is missing an update to htdig announced via advisory DSA 080-1. OpenVAS Vulnerability Test $Id: deb0801.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 080-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-248)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-523)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HP OpenView Network Node Manager ovlogin.exe buffer overflow

Added: 12/24/2007 CVE: CVE-2007-6204 BID: 26741 OSVDB: 39529 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow in the Network Node Manager web interface allows remote attackers to execute arbitrary commands by sendin...

DEBIAN-CVE-2007-4542

Multiple cross-site scripting XSS vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the 1 processLine function in maptemplate.c and the 2 writeError function in mapserv.c in the mapserv CGI program...

CVE-2007-4542

Multiple cross-site scripting XSS vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the 1 processLine function in maptemplate.c and the 2 writeError function in mapserv.c in the mapserv CGI program...

CVE-2007-4542

Multiple cross-site scripting XSS vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the 1 processLine function in maptemplate.c and the 2 writeError function in mapserv.c in the mapserv CGI program...

Cross site scripting

Cross-site scripting XSS vulnerability in the login CGI program in Aruba Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier FIPS versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Pubcookie Login Server -- XSS vulnerability

Nathan Dors, Pubcookie Project reports: A new non-persistent XSS vulnerability was found in the Pubcookie login server's compiled binary "index.cgi" CGI program. The CGI program mishandles untrusted data when printing responses to the browser. This makes the program vulnerable to carefully crafte...

CVE-2006-7098

The Debian GNU/Linux 033-FNOSETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl...

Debian DSA-1199-1 : webmin - multiple vulnerabilities

Several vulnerabilities have been identified in webmin, a web-based administration toolkit. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-3912 A format string vulnerability in miniserv.pl could allow an attacker to cause a denial of service...

CVE-2006-5212

Trend Micro OfficeScan 6.0 in Client/Server/Messaging CSM Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition OSCE 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to delete files via a modified filename parameter in a certain HTTP...

CVE-2006-5211

Trend Micro OfficeScan 6.0 in Client/Server/Messaging CSM Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition OSCE 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes...

CVE-2006-5211

Trend Micro OfficeScan 6.0 in Client/Server/Messaging CSM Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition OSCE 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes...

ViRobot Server web interface addschup buffer overflow

Added: 07/28/2006 CVE: CVE-2005-2041 BID: 13964 OSVDB: 17320 Background ViRobot Linux Server includes a web-based control interface. Problem A buffer overflow in the addschup CGI program included in the ViRobot Linux Server allows remote attackers to write arbitrary commands into the root crontab...

CVE-2002-2011

The CVE-2002-2011 entry concerns Faq-O-Matic’s fom.cgi (versions 2.711 and 2.712). The issue is a cross-site scripting (XSS) vulnerability where an attacker can inject arbitrary web script or HTML via the file parameter, potentially enabling/script execution in the victim’s browser. Documented im...

CVE-2005-1344

Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is...

DSA-523 www-sql - buffer overflow

Bulletin has no description...

CVE-2003-0632

Buffer overflow in the Oracle Applications Web Report Review FNDWRR CGI program FNDWRR.exe of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL...