1055 matches found
Computer Associates Alert Notification Server buffer overflow
Added: 07/19/2007 CVE: CVE-2007-3825 BID: 24947 OSVDB: 36096 Background The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users. Problem The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple...
Computer Associates Alert Notification Server buffer overflow
Added: 07/19/2007 CVE: CVE-2007-3825 BID: 24947 OSVDB: 36096 Background The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users. Problem The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple...
CVE-2007-2844
PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...
Race condition
PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...
CVE-2007-2844
PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...
CVE-2007-2844
PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...
Unix/BSD/Linux the password mechanism of the century-vulnerability and early warning-the black bar safety net
Freebird [email protected] 1. Overview Early U N I X system to a user password stored in a plain text readable“password file”, which may be in the system administrator's attention to the case of not being intercepted and exposed. It also may have been in one accident in the leak. From AT&T UNIX...
sphpblog多个输入验证漏洞
Simple PHP Blog是一款无需数据库支持的简单Blog程序。 sphpblog中存在多个漏洞,起因是应用程序没有正确的验证用户输入。远程攻击者可以利用这些漏洞获取敏感信息或执行任意代码。 A. 完整路径泄漏 http://Url/sphpblog/scripts/sbfunctions.php Ex: Warning: mainscripts/sbfileio.php: failed to open stream: No such file or directory in /var/www/sphpblog/scripts/sbfunctions.php on line 52...
Windows RASMAN registry corruption vulnerability
Added: 07/28/2006 CVE: CVE-2006-2371 BID: 18358 OSVDB: 26436 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. The Remote Access Connection Manager RASMAN service handles the detail...
Windows RASMAN registry corruption vulnerability
Added: 07/28/2006 CVE: CVE-2006-2371 BID: 18358 OSVDB: 26436 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. The Remote Access Connection Manager RASMAN service handles the detail...
pppBlog-0.3.8.txt
!/usr/bin/php -q -d shortopentag=on ? echo "pppBlog = 0.3.8 system disclosure exploit\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "dork: intext:"Powered by pppblog"\r\n\r\n"; / works with: registerglobals=On / if $argc4 echo "Usage: php...
security flaw
The cryptgensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in cryptblowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen password file due to the increased number o...
GLSA-200603-15 : Crypt::CBC: Insecure initialization vector
The remote host is affected by the vulnerability described in GLSA-200603-15 Crypt::CBC: Insecure initialization vector Lincoln Stein discovered that Crypt::CBC fails to handle 16 bytes long initializiation vectors correctly when running in the RandomIV mode, resulting in a weaker encryption...
GLSA-200603-14 : Heimdal: rshd privilege escalation
The remote host is affected by the vulnerability described in GLSA-200603-14 Heimdal: rshd privilege escalation An unspecified privilege escalation vulnerability in the rshd server of Heimdal has been reported. Impact : Authenticated users could exploit the vulnerability to escalate privileges or...
[SECURITY] [DSA 996-1] New Crypt::CBC packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 996-1 [email protected] http://www.debian.org/security/ Martin Schulze March 13th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 996-1] New Crypt::CBC packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 996-1 [email protected] http://www.debian.org/security/ Martin Schulze March 13th, 2006 http://www.debian.org/security/faq -...
DSA-996-1 libcrypt-cbc-perl - programming error
Bulletin has no description...
kernel security update
CentOS Errata and Security Advisory CESA-2006:0132 Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the third regular update. This update has been rated as having moderate security impact by the Red Hat Security...
RHEL 4 : Updated kernel packages available for Red Hat Enterprise Linux 4 Update 3 (Moderate) (RHSA-2006:0132)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2006:0132 advisory. The Linux kernel handles the basic functions of the operating system. This is the third regular kernel update to Red Hat Enterprise Linux 4. New...
Moderate: Red Hat Security Advisory: Updated kernel packages available for Red Hat Enterprise Linux 4 Update 3
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the third regular update. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Linux kernel handles the basic...