RRDBrowse <= 1.6 Remote Arbitrary File Disclosure Vulnerability

Exploit for cgi platform in category web applications =============================================================== RRDBrowse = 1.6 Remote Arbitrary File Disclosure Vulnerability =============================================================== I - TITLE Security advisory: Arbitrary file disclosu...

PHP 5.0.5 - Safedir Restriction Bypass

source: https://www.securityfocus.com/bid/15119/info PHP is prone to multiple vulnerabilities that permit an attacker to bypass the 'safedir' directory restriction. An attacker can exploit these vulnerabilities to possible execute arbitrary code currently existing on a vulnerable system, or to...

CVE-2005-2693

cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack...

CVS < 1.12.12 Unspecified Remote Overflow

Binary data 2838.prm...

CVE-2003-0015

Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands...

CVS < 1.11.15 / 1.12.7 Client Traversal Arbitrary File Retrieval

Binary data 1219.prm...

CVE-2004-0416

Double free vulnerability for the errorprogname string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code...

CVE-2004-0414

CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service crash, modification of critical program data, or arbitrary code execution...

CVE-2004-0416

Double free vulnerability for the errorprogname string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code...

CVE-2004-0396

Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines...

CVE-2003-0015

Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands...

Advisory 01/2003: CVS remote vulnerability

e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: CVS remote vulnerability Release Date: 2003/01/20 Last Modified: 2003/01/20 Author: Stefan Esser [email protected] Application: CVS = 1.11.4 Severity: A vulnerability within CVS allows remote compromise of CVS servers. Risk:...

[DER ADV#8] - Local off by one in CVSD

Local off by one overflow in CVSD. intro: the family of scanf functions scanf, sscanf, fscanf are generally insecure in usage and steps have been taken to make them more...secure you might say like adding bounds checking sscanfhey, ".4096s d", buffer, int but the function still remains quite...

Linux news 19.09.00

Linux 2.2.18pre9 Alan Cox выпустил новую pre-версию следующего стабильного ядра Linux: 2.2.18pre9. В этой версии была поправлена поддержка NFS и была добавлена поддержка NFSv3, перенесены некоторые USB драйвера из Linux 2.4 и др. Подробнее:...