DEBIAN-CVE-2010-4336

The currdcreatefile function src/utilsrrdcreate.c in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service assertion failure via a packet with a timestamp whose value is 10 or less, as demonstrated by creating RRD files using the 1 RRDtool and 2 RRDCacheD...

XSS vulnerability in Create Space Button macro

We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence create-space-button macro. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about XSS attacks at various places on the web, including...

SuSE 11 Security Update : Xen (SAT Patch Number 2230)

Collective Xen/201004 Update, containing fixes for the following issues : - pygrub, reiserfs: Fix on-disk structure definition bnc537370 - Xen on SLES 11 does not boot - endless loop in ATA detection bnc561912 - xend leaks memory bnc564750 - Keyboard Caps Lock key works abnormal under SLES11 xen...

Fedora Update for banshee FEDORA-2010-16907

Check for the Version of banshee OpenVAS Vulnerability Test Fedora Update for banshee FEDORA-2010-16907 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVE-2010-3867

Multiple directory traversal vulnerabilities in the modsitemisc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a 1 SITE MKDIR, 2 SITE RMDIR, 3 SITE SYMLINK...

JAF CMS 4.0 RC2 Remote File Inclusion / Command Execution

===================================== Vulnerability ID: HTB22666 Reference: http://www.htbridge.ch/advisory/rfiinjafcms.html Product: JAF CMS Vendor: JAF CMS http://jaf-cms.sourceforge.net/ Vulnerable Version: 4.0 RC2 Vendor Notification: 21 October 2010 Vulnerability Type: Remote File Inclusion...

JAF CMS 4.0 rc2 - Multiple Vulnerabilities

Vulnerability ID: HTB22665 Reference: http://www.htbridge.ch/advisory/shellcreatecommandexecutioninjafcms.html Product: JAF CMS Vendor: JAF CMS http://jaf-cms.sourceforge.net/ Vulnerable Version: 4.0 RC2 Vendor Notification: 21 October 2010 Vulnerability Type: Shell create & command execution...

MySQL: CREATE TABLE ... SELECT causes crash when KILL_BAD_DATA is returned (MySQL Bug#55826)

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...

RoSPORA 1.5.0 - Remote PHP Code Injection

'; 671. $link=$SERVER'PHPSELF'."?f=".$flag."&s="; 672. 673. if !empty$plarray 674. 675. usort$plarray, createfunction'$a, $b', 'if $a'.$sort.' == $b'.$sort.' return 0; if $a'.$sort.' '.$sorttype.' $b'.$sort.' return -1; return 1;'; 676. Input parameter passed through $GET's' isn't properly...

DSA-2115-1 moodle - several vulnerabilities

Bulletin has no description...

Debian DSA-2114-1 : git-core - buffer overflow

The Debian stable point release 5.0.6 included updated packages of the Git revision control system in order to fix a security issue. Unfortunately, the update introduced a regression which could make it impossible to clone or create Git repositories. This upgrade fixes this regression, which is...

Page view restriction is not inheriting to child pages in some spaces

When a new page is created using the create-page macro the child page does not have restrictions inherited. This is only happening for a few spaces. If I try the same macro in another space it will work fine. I have rebuilt the ancestors table but this issue is still happening. Please advise...

Page view restriction is not inheriting to child pages in some spaces

When a new page is created using the create-page macro the child page does not have restrictions inherited. This is only happening for a few spaces. If I try the same macro in another space it will work fine. I have rebuilt the ancestors table but this issue is still happening. Please advise...

Page view restriction is not inheriting to child pages in some spaces

When a new page is created using the create-page macro the child page does not have restrictions inherited. This is only happening for a few spaces. If I try the same macro in another space it will work fine. I have rebuilt the ancestors table but this issue is still happening. Please advise...

win32/xp sp3 (Tr) Create New File (zrl.txt) 74 bytes

Exploit for win32 platform in category shellcode...

Hycus CMS 1.0.1 Cross Site Request Forgery

Date: Thu 26 Aug 2010 07:53:22 PM EEST Vendor: http://www.hycus.com/ Download: http://www.hycus.com/download/hycuscms-1.0.1.zip --- -= CSRF PoC 1 - Change Admin Password =- Hycus CMS 1.0.1 Multiple CSRF Vulnerabilities - Change Admin Password -= CSRF PoC 2 - Create Admin User =- Hycus CMS 1.0.1...

Hycus CMS 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities

Date: Thu 26 Aug 2010 07:53:22 PM EEST Vendor: http://www.hycus.com/ Download: http://www.hycus.com/download/hycuscms-1.0.1.zip --- -= CSRF PoC 1 - Change Admin Password =- Hycus CMS 1.0.1 Multiple CSRF Vulnerabilities - Change Admin Password -= CSRF PoC 2 - Create Admin User =- Hycus CMS 1.0.1...

Hycus CMS 1.0.1 Multiple Cross Site Request Forgery Vulnerabilities

Exploit for php platform in category web applications =================================================================== Hycus CMS 1.0.1 Multiple Cross Site Request Forgery Vulnerabilities =================================================================== Date: Thu 26 Aug 2010 07:53:22 PM EEST...

Preemptive Protection against Novell GroupWise Internet Agent IMAP Service Stack Buffer Overflow

A buffer overflow vulnerability exists in Novell GroupWise Internet Agent, a client-server collaborative software and email system provided by Novell. The vulnerability is within the IMAP component of the GroupWise Internet Agent service and is due to a boundary error while handling provided...

Zomplog CMS 3.9 Cross Site Request Forgery / Cross Site Scripting

Date: Sun 15 Aug 2010 04:33:33 PM EEST Vendor: http://www.zomp.nl/zomplog/ Download: http://www.zomp.nl/zomplog/downloads/zomplog/zomplog3.9.zip --- -= CSRF PoC 1 - Change Admin Password =- Zomplog CMS 3.9 Multiple XSS/CSRF Vulnerabilities - Change Admin Password -= CSRF PoC 2 - Create Admin User...