Fedora 12 : php-pear-CAS-1.1.2-1.fc12 (2010-12247)

Security fixes Fix a session hijacking hole CVE-2010-2795 PHPCAS-61 callbackurl in proxy mode should be urlencoded, possible XSS CVE-2010-2796 PHPCAS-67 Bug fixes Fix warnings for SAML responses without attributes PHPCAS-59 Fix duplicate SAML debug output PHPCAS-64 Providing a new ST/PT/SA during...

QuickTime Player Streaming Debug Error Logging Buffer Overflow Vulnerability

The host is running QuickTime Player and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbapplequicktimeplayerbofvuln.nasl 5263 2017-02-10 13:45:51Z teissa $ QuickTime Player Streaming Debug Error Logging Buffer Overflow Vulnerability Authors: Madhuri D Copyright:...

Apple QuickTime QuickTimeStreaming.qtx远程栈溢出漏洞

BUGTRAQ ID: 41962 Apple QuickTime是一款非常流行的多媒体播放器。 QuickTimeStreaming.qtx在创建将要写入到调试日志文件的字符串时存在栈溢出漏洞，如果用户所查看的网页引用了包含有超长URL的 SMIL文件就可以触发这个溢出，导致执行任意代码。 Apple QuickTime Player 7.6.6 1671 厂商补丁： Apple ----- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.apple.com...

Fedora Core 11 FEDORA-2009-13195 (merkaartor)

The remote host is missing an update to merkaartor announced via advisory FEDORA-2009-13195. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

Fedora 12 : merkaartor-0.14-2.fc12 (2009-13196)

This update fixes a possible symlink attack on the debug log merkaartor.log by no longer writing it out by default. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format ...

Default credentials

Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files...

airsensor-dos.txt

!/usr/bin/perl -w Airsensor M520 HTTPD Remote Preauth Denial Of Service and Buffer Overflow PoC The vulnerability is caused due to an unspecified error in the cgis files filter used for configure propierties. This can be exploited by sending a specially crafted HTTPS request necessary...

Samba winbindd Debug Log Server Credentials Local Disclosure

According to its version number, the remote Samba server is affected by a flaw that may allow a local attacker to get access to the passwords sent to the winbindd daemon if the debug level has been set to 5 or higher. C Tenable Network Security, Inc. include"compat.inc"; if description...

CVE-2003-0812

Stack-based buffer overflow in a logging function for Windows Workstation Service WKSSVC.DLL allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file "NetSetup.LOG", as demonstrated using the NetAddAlternateComputerName API...

SCOUNIX_shadow_exploit.txt

Greetings, Any user may overwrite any file with group auth i.e. /etc/shadow, /etc/passwd using /etc/sysadm.d/bin/userOsa. Note that this will not change the permissions of the file or allow for the user to input a passwd entry string into these files, it will simply clobber the contents of the fi...

SCO Open Server 5.0.5 - userOsa Symlink

SCO Open Server 5.0.5 - userOsa Symlink source: https://www.securityfocus.com/bid/701/info Under certain versions of SCO OpenServer there exists a symlink vulnerability which can be exploited to overwrite any file which is group writable by the 'auth' group. The problem in particular is in the th...

SCO Open Server 5.0.5 - 'userOsa' Symlink

source: https://www.securityfocus.com/bid/701/info Under certain versions of SCO OpenServer there exists a symlink vulnerability which can be exploited to overwrite any file which is group writable by the 'auth' group. The problem in particular is in the the /etc/sysadm.d/bin/userOsa executable...