Debian OpenSSH SELinux Privilege Escalation Vulnerability
Debian Linux can be configured to utilize SELinux extensions. OpenSSH may also be configured to utilize SELinux, and to interface with the role-based privilege system. Debian Linux is prone to an SELinux privilege-escalation vulnerability due to a flaw in its OpenSSH package. Specifically, when...
kernel security and bug fix update
2.6.18-92.1.6.0.2.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki orabug 6045759 - splice Fix bad unlockpage in error case Jens Axboe orabug 6263574 - dio fix error-path crashes Linus Torvalds orabug 6242289 - NET fix netpoll race Tina Yang orabugz 5791 2.6.18-92.1.6.el5 - x86 sanity...
Seagull PHP Framework <= 0.6.4 (fckeditor) Arbitrary File Upload Exploit
Exploit for unknown platform in category web applications. Seagull PHP Framework <= 0.6.4 (fckeditor) Arbitrary File Upload Exploit <?php /...
Seagull PHP Framework 0.6.4 - 'FCKeditor' Arbitrary File Upload
<?php / Seagull PHP Framework <= 0.6.4 (fckeditor) Arbitrary File Upload Exploit author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...
USN-617-1: Samba vulnerabilities
Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service...
Debian DSA-1597-2 : mt-daapd - multiple vulnerabilities
Three vulnerabilities have been discovered in the mt-daapd DAAP audio server also known as the Firefly Media Server. The Common Vulnerabilities and Exposures project identifies the following three problems : - CVE-2007-5824 Insufficient validation and bounds checking of the Authorization: HTTP...
Spoofing
Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, a...
Debian Security Advisory DSA 1588-2 (linux-2.6)
The remote host is missing an update to linux-2.6 announced via advisory DSA 1588-2. OpenVAS Vulnerability Test $Id: deb15882.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1588-2 linux-2.6 Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc...
ZDI-08-040: Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability
ZDI-08-040: Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-040 -- CVE ID: CVE-2008-1444 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows 2000 SP4 -- TippingPointTM IPS Customer Protection:...
Apple QuickTime SMIL qtnext Redirect File Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the handling of SMIL text embedded in video...
Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of SAM...
Apple QuickTime Indeo Video Buffer Overflow Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple Quicktime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
CMS from Scratch <= 1.1.3 (fckeditor) Remote Shell Upload Exploit
No description provided by source. <?php / CMS from Scratch <= 1.1.3 (fckeditor) Remote Shell Upload Exploit author...: EgiX mail.....: n0b0d13satgmaildotcom link.1.:...
Debian: Security Advisory (DSA-1586-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1586-1 : xine-lib - multiple vulnerabilities
Multiple vulnerabilities have been discovered in xine-lib, a library which supplies most of the application functionality of the xine multimedia player. The Common Vulnerabilities and Exposures project identifies the following three problems : - CVE-2008-1482 Integer overflow vulnerabilities exis...
DSA-1586-1 xine-lib - multiple vulnerabilities
Bulletin has no description...
ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability
ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-027 -- CVE ID: CVE-2008-2241 -- Affected Vendors: Computer Associates -- Affected Products: Computer Associates BrightStor ARCserve Server -- TippingPointTM IPS Custom...
CA BrightStor ARCserve Backup XDR Parsing Buffer Overflow Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of CA BrightStor ARCserve Backup for Linux. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper bounds checking in the xdrrwsstring library function. By...
cPanel XSRF vulnerabilities
Overview cPanel contains multiple cross-site request forgery XSRF vulnerabilities. If successfully exploited, these vulnerabilities may allow an attacker to execute arbitrary commands. Description cPanel, a web-based tool that is designed to automate and control web sites and servers, contains...
Debian Security Advisory DSA 1543-1 (vlc)
The remote host is missing an update to vlc announced via advisory DSA 1543-1. OpenVAS Vulnerability Test $Id: deb15431.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1543-1 vlc Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc...