Lucene search
+L

965 matches found

Mozilla
Mozilla
added 2005/02/24 12:0 a.m.22 views

XSLT can include stylesheets from arbitrary hosts — Mozilla

xsl:include and xsl:import can include XSLT stylesheets from arbitrary domains including those behind the user's firewall. This at least allows for existence checking of these files; it's not clear how much, if any, data could be extracted from arbitrary XML files...

7.1AI score
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2004/10/14 12:0 a.m.38 views

[Full-Disclosure] unzoo 4.4 directory travels

ddaa sseeccuurriittyy ccoonnssuullttaannttee ''''ddoouubblleess'''' aauuddiitttteedd mmaannyy mmoorree aarrcchhiivveess ssiinnssee llaasstt ttiimmee!! uunnzzoooo 44..44 hhaavvee ddiirreeccttoorryy ttrraavveerrssaall bbuugg ttoo!! bbwwaahhaahhaahhaahh!! ggiivvee mmee mmaannyy sseeccuurriittyy jjoo...

1AI score
Exploits0
securityvulns
securityvulns
added 2004/09/27 12:0 a.m.32 views

ON Command CCM default pasword

Few accounts with default passwords for Sybase database...

2.6AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/08/06 12:0 a.m.41 views

FreeBSD : libpng stack-based buffer overflow and other code concerns (94)

The following package needs to be updated: firefox %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgf9e3e60be65011d89b0a000347a4fa7d.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

6.6AI score0.82537EPSS
Exploits3References23
securityvulns
securityvulns
added 2003/05/22 12:0 a.m.19 views

BlackMoon weak encryption

Passwords are stored in .mdb file...

2.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/12/30 12:0 a.m.21 views

Gallery code execution

No description provided...

2.6AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/11/12 12:0 a.m.39 views

xoops Quizz Module IMG bug

Author: Magistrat http://www.blocus-zone.com magistrat@blocus-zone com Date: 11/11/2002 Object: IMG bug in quizz module risk: Medium-high advisory url: http://www.blocus-zone.com/modules/news/article.php?storyid=180 ----------------------------------------------------- After having highlighted wi...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/07/01 12:0 a.m.129 views

SMTP settings

This plugin sets various SMTP parameters because several checks need to use a third-party host/domain name in order to work properly. The checks that rely on this are SMTP or DNS relay checks. By default, 'example.edu' is being used for this purpose. However, under some circumstances, this may le...

5.5AI score
Exploits0References1
securityvulns
securityvulns
added 2002/03/10 12:0 a.m.29 views

Linksys BEFVP41 VPN Server does not follow proper VPN standards

Dear all, A month ago, we discovered a bug in the VPN Server module of the Linksys EtherFast BEFVP41 Cable/DSL VPN Router. Here's the detailed email we sent to Linksys Tech Support: Begin Email Dear Support @ Linksys, We recently heard about your BEFVP41 and thought we'd try it out as we liked th...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2001/09/04 12:0 a.m.41 views

Possible Issue with Netinfo and Mac OS X

Hi, I have been using Mac OS X for quite a while now, and I have just found something that concerns me a little. As you probably know Mac OS X is based on BSD and by default does not have any services running though it is not hard to turn these on thefore is reasonably secure out of the box. Now ...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/07/03 12:0 a.m.56 views

Выполнение JavaScript в контексте сервера

Можно вставить javascript в URL таким образом, что javascript будет выполнен в контексте сервера...

0.4AI score
Exploits0References2Affected Software5
securityvulns
securityvulns
added 2001/06/28 12:0 a.m.28 views

reading from execve()ed setuid memory

Posted to bugzilla.redhat.com: Tue, 15 May 2001 06:43:27 -0400 This was then made unaccessable, and I've seen nothing that looks like a fix yet. A month and a half seems like long enough to work it out. Contents of https://bugzilla.redhat.com/bugzilla/showbug.cgi?id=40658 as posted before the pag...

7AI score
Exploits0
securityvulns
securityvulns
added 2001/05/16 12:0 a.m.91 views

3COM OfficeConnect DSL router vulneratibilities

Yesterday night I discovered a vulnerabilty. The router is a 3COM OfficeConnect 812 and the vulnerability is on the HTTP server, on port 80. When you enter with a browser on one of this router, you are asked for user/password, if you fail, you can see a web page telling you that is a protected...

7AI score
Exploits0
securityvulns
securityvulns
added 2000/10/06 12:0 a.m.30 views

Linux news 6.10.00

Ваш билет до Windows 2000 Примечательное начало: как бы вы ни относились к Microsoft, трудно отрицать, что Windows 2000 Professional - это на сегодня самая стабильная и мощная версия Windows. Если вы были бы рады избавиться от изъянов и ограничений Windows 95 или 98, но не собираетесь в ближайшее...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2000/04/17 12:0 a.m.43 views

XFree86 server overflow - exploit issues

While trying to exploit this overflow, I noticed that the problem lies in lovely strcpy call, which overwrites stack. Unfortunately, any 'offending' non-alphanumeric characters are replaced with '' somewhere before. Uh, most of people will say "it's impossible to write alphanumeric shellcode, so ...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2000/03/01 12:0 a.m.98 views

SalesLogix Eviewer Web App Bug: URL request crashes eviewer web application

Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, I am not liable for any damages caused by direct or indirect use of the information or functionality provided by this advisory. I bear NO responsibility for...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.44 views

sshd.install.risks.txt

Date: Mon, 10 May 1999 22:26:19 +0200 From: "GWDVMS::MOELLER" Subject: Risks of upgrading a UNIX system When was the last time you rebuilt all privileged suid root' applications when upgrading a unix system, just in case? I'm pretty sure one can find small print' that demands this, however I'm...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.37 views

microsoft.privacy.issue.txt

Date: Tue, 11 May 1999 21:55:22 -0600 MDT From: cult hero To: InfoSec News Subject: ISN Everywhere your MAC address shows up Forwarded From: MICROSOFT'S HEAVY HAND IN THE COOKIE JAR A special report from YEOW - Barry Simon. See the Woody's Office Watch discussion and details on the Office 97...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.50 views

excite-web.txt

Date: Mon, 30 Nov 1998 17:20:04 -0600 From: Michael Gerdts Subject: Security bugs in Excite for Web Servers 1.1 On November 11 I reported the folloing problmes to [email protected]. I have only recieved an automated reply. I have found numerous security concerns with EWS 1.1 which can lead to an...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.24 views

msie.5.typedURL.ftp.address.txt

Date: Thu, 6 May 1999 12:14:51 -0600 From: Mark To: [email protected] Subject: Odd Behavior in IE5 Has anyone noticed this? After you visit an FTP site, IE5 places that URL in the TypedURLs list just like it does with Web site addresses, as seen in the drop down "Address" list at t...

7.4AI score
Exploits0
Rows per page
Query Builder