2557 matches found
Moderate: Red Hat Security Advisory: httpd security, bug fix, and enhancement update
Updated httpd packages that fix a security issue, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular and freely-available Web...
pcre regular expression flaws
Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes...
OSI CODES - PHP Live! Remote File Inclusion
Aria-Security Team http://Aria-Security.Net Persian Security Network Source Code: ? / COPYRIGHT OSI CODES - PHP Live! / sessionstart ; $l = "" ; // try to get cookie value first if isset $HTTPCOOKIEVARS'COOKIEPHPLIVESITE' $l = $HTTPCOOKIEVARS'COOKIEPHPLIVESITE' ; if isset $HTTPGETVARS'l' $l =...
openSUSE 10 Security Update : wget (wget-1689)
This update fixes a security issue in wget, where evil servers could send terminal escape codes to the user calling wget. This would only affect interactive sessions (CVE-2004-1488). Additionally, a previous '.file' fix was found to be buggy and replaced. This bug could lead to '.directories' not being...
SPIP v1.7 Remote File Inclusion Bug
SPIP v1.7 Remote File Inclusion Bug ! ...
spip-rfi.txt
SPIP v1.7 Remote File Inclusion Bug ! ...
dalai-rfi.txt
Dalai Forum Remote File Inclusion Exploit. DORK : "Dalai Forum"...
firesoft-rfi.txt
Firesoft Remote File Inclusion. DORK : n0t d0rk...
CVE-2007-3945
Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked...
Authentication flaw
Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked...
Low: cpio security and bug fix update
2.5-13.RHEL4 - protoize cpio source - Resolves 217375 2.5-12.RHEL4 - improve previous fix of lfs.patch 2.5-11.RHEL4 - improve previous fix of lfs.patch 2.5-10.RHEL4 - fix cpio large filesize buffer overflow 172865 - fix exit codes 183224...
CVE-2007-2566
The SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remote attackers to cause a denial of service (disk consumption) by uploading multiple bar codes, as demonstrated by a WSF package...
Low: Red Hat Security Advisory: cpio security and bug fix update
An updated cpio package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A buffer overflow was found in cpio on 64-bit platform...
[Full-disclosure] ASA-2007-011: Multiple problems in SIP channel parser handling response codes
Asterisk Project Security Advisory - ASA-2007-011. Product: Asterisk. Summary: Multiple problems in SIP channel parser handling respons...
GeBlog 0.1 GLOBALS[tplname] Local File Inclusion Exploit (win)
Exploit for unknown platform in category web applications. GeBlog 0.1 GLOBALStplname Local File Inclusion Exploit win. !/usr/bin/perl GeBlog 0.1GLOBALStplnameLocal File...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Servlet Service in Fujitsu Interstage Application Server (IJServer) 8.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving web.xml and HTTP 404 and 500 status codes...
CVE-2007-1504
Cross-site scripting (XSS) vulnerability in the Servlet Service in Fujitsu Interstage Application Server (IJServer) 8.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving web.xml and HTTP 404 and 500 status codes...
CVE-2007-0541
WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain...
Xero Portal (phpbb_root_path) Remote File Include Vulnerability
Exploit for unknown platform in category web applications. Xero Portal phpbbrootpath Remote File Include Vulnerability. C XORON - 2007 Bug name: Xero Portal v1.2 phpbbrootpat...