965 matches found
XSLT can include stylesheets from arbitrary hosts — Mozilla
xsl:include and xsl:import can include XSLT stylesheets from arbitrary domains including those behind the user's firewall. This at least allows for existence checking of these files; it's not clear how much, if any, data could be extracted from arbitrary XML files...
[Full-Disclosure] unzoo 4.4 directory travels
ddaa sseeccuurriittyy ccoonnssuullttaannttee ''''ddoouubblleess'''' aauuddiitttteedd mmaannyy mmoorree aarrcchhiivveess ssiinnssee llaasstt ttiimmee!! uunnzzoooo 44..44 hhaavvee ddiirreeccttoorryy ttrraavveerrssaall bbuugg ttoo!! bbwwaahhaahhaahhaahh!! ggiivvee mmee mmaannyy sseeccuurriittyy jjoo...
ON Command CCM default pasword
Few accounts with default passwords for Sybase database...
FreeBSD : libpng stack-based buffer overflow and other code concerns (94)
The following package needs to be updated: firefox %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgf9e3e60be65011d89b0a000347a4fa7d.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...
BlackMoon weak encryption
Passwords are stored in .mdb file...
Gallery code execution
No description provided...
xoops Quizz Module IMG bug
Author: Magistrat http://www.blocus-zone.com magistrat@blocus-zone com Date: 11/11/2002 Object: IMG bug in quizz module risk: Medium-high advisory url: http://www.blocus-zone.com/modules/news/article.php?storyid=180 ----------------------------------------------------- After having highlighted wi...
SMTP settings
This plugin sets various SMTP parameters because several checks need to use a third-party host/domain name in order to work properly. The checks that rely on this are SMTP or DNS relay checks. By default, 'example.edu' is being used for this purpose. However, under some circumstances, this may le...
Linksys BEFVP41 VPN Server does not follow proper VPN standards
Dear all, A month ago, we discovered a bug in the VPN Server module of the Linksys EtherFast BEFVP41 Cable/DSL VPN Router. Here's the detailed email we sent to Linksys Tech Support: Begin Email Dear Support @ Linksys, We recently heard about your BEFVP41 and thought we'd try it out as we liked th...
Possible Issue with Netinfo and Mac OS X
Hi, I have been using Mac OS X for quite a while now, and I have just found something that concerns me a little. As you probably know Mac OS X is based on BSD and by default does not have any services running though it is not hard to turn these on thefore is reasonably secure out of the box. Now ...
Выполнение JavaScript в контексте сервера
Можно вставить javascript в URL таким образом, что javascript будет выполнен в контексте сервера...
reading from execve()ed setuid memory
Posted to bugzilla.redhat.com: Tue, 15 May 2001 06:43:27 -0400 This was then made unaccessable, and I've seen nothing that looks like a fix yet. A month and a half seems like long enough to work it out. Contents of https://bugzilla.redhat.com/bugzilla/showbug.cgi?id=40658 as posted before the pag...
3COM OfficeConnect DSL router vulneratibilities
Yesterday night I discovered a vulnerabilty. The router is a 3COM OfficeConnect 812 and the vulnerability is on the HTTP server, on port 80. When you enter with a browser on one of this router, you are asked for user/password, if you fail, you can see a web page telling you that is a protected...
Linux news 6.10.00
Ваш билет до Windows 2000 Примечательное начало: как бы вы ни относились к Microsoft, трудно отрицать, что Windows 2000 Professional - это на сегодня самая стабильная и мощная версия Windows. Если вы были бы рады избавиться от изъянов и ограничений Windows 95 или 98, но не собираетесь в ближайшее...
XFree86 server overflow - exploit issues
While trying to exploit this overflow, I noticed that the problem lies in lovely strcpy call, which overwrites stack. Unfortunately, any 'offending' non-alphanumeric characters are replaced with '' somewhere before. Uh, most of people will say "it's impossible to write alphanumeric shellcode, so ...
SalesLogix Eviewer Web App Bug: URL request crashes eviewer web application
Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, I am not liable for any damages caused by direct or indirect use of the information or functionality provided by this advisory. I bear NO responsibility for...
sshd.install.risks.txt
Date: Mon, 10 May 1999 22:26:19 +0200 From: "GWDVMS::MOELLER" Subject: Risks of upgrading a UNIX system When was the last time you rebuilt all privileged suid root' applications when upgrading a unix system, just in case? I'm pretty sure one can find small print' that demands this, however I'm...
microsoft.privacy.issue.txt
Date: Tue, 11 May 1999 21:55:22 -0600 MDT From: cult hero To: InfoSec News Subject: ISN Everywhere your MAC address shows up Forwarded From: MICROSOFT'S HEAVY HAND IN THE COOKIE JAR A special report from YEOW - Barry Simon. See the Woody's Office Watch discussion and details on the Office 97...
excite-web.txt
Date: Mon, 30 Nov 1998 17:20:04 -0600 From: Michael Gerdts Subject: Security bugs in Excite for Web Servers 1.1 On November 11 I reported the folloing problmes to [email protected]. I have only recieved an automated reply. I have found numerous security concerns with EWS 1.1 which can lead to an...
msie.5.typedURL.ftp.address.txt
Date: Thu, 6 May 1999 12:14:51 -0600 From: Mark To: [email protected] Subject: Odd Behavior in IE5 Has anyone noticed this? After you visit an FTP site, IE5 places that URL in the TypedURLs list just like it does with Web site addresses, as seen in the drop down "Address" list at t...