Mandrake Linux Security Advisory : kernel (MDKSA-2005:235)

Multiple vulnerabilities in the Linux 2.6 kernel have been discovered and corrected in this update : A stack-based buffer overflow in the sendmsg function call in versions prior to 2.6.13.1 allow local users to execute arbitrary code by calling sendmsg and modifying the message contents in anothe...

CVE-2005-4368

roundcube webmail Alpha, with a default high verbose level $rcmailconfig'debuglevel' = 1, allows remote attackers to obtain the full path of the application via an invalidtask parameter, which leaks the path in an error message...

[Full-disclosure] Cisco PIX TCP Connection Prevention

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Response ============== This is Cisco PSIRT's response to the statements made by Arhont Ltd.- Information Security in its message: Full-disclosure Cisco PIX TCP Connection Prevention, posted on November 22, 2005. The original email is available...

CVE-2005-3727

SQL injection vulnerability in debug/queryresults.jsp in Idetix Software Systems Revize CMS allows remote attackers to execute arbitrary SQL commands via the query parameter...

CVE-2005-3727

The CVE-2005-3727 entry concerns an SQL injection in Idetix Software Systems Revize CMS, specifically in debug/query_results.jsp. The vulnerability arises from unsafely handling the query parameter, enabling remote attackers to execute arbitrary SQL commands. Affected component is the Revize CMS ...

CVE-2005-3504

Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute arbitrary code...

Default password 'synnet' for account 'debug' (SSH/Telnet)

The account SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.17289";...

Sendmail 8.x < 8.6.7 Long Debug Local Overflow Vulnerability

The remote Sendmail server, according to its version number, allows local users to gain root access via a large value in the debug -d command line option. SPDX-FileCopyrightText: 2003 Xue Yong Zhi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Sendmail DEBUG Mode Leak Vulnerability

According to the version number of the remote mail server, a local user may be able to obtain the complete mail configuration and other interesting information about the mail queue. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and...

ColdFusion Debug Mode

It is possible to see the ColdFusion Debug Information by appending ?Mode=debug at the end of the request like GET /index.cfm?Mode=debug. 4.5 and 5.0 are definitely concerned probably in addition older versions. The Debug Information usually contain sensitive data such as Template Path or Server...

DB4Web TCP relay

DB4Web debug page allows anybody to scan other machines. You may be held for responsible. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2005-3396

Buffer overflow in the chcons chcon command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument...

CVE-2005-3396

CVE-2005-3396 : The issue is in IBM AIX 5.2 and 5.3, affecting the chcons (chcon) command. The root cause is a buffer overflow when DEBUG MALLOC is enabled, which could allow an attacker to execute arbitrary code via a long command line argument. The connected documents (NVD entry and related adv...

If the other is a BT-vulnerability warning-the black bar safety net

Use the security policy prohibits local host is connected to each other in any port! Then allow others to connect their 8 0 port! The debug/ftp/tftp/its/start/net/net1/echo/edit to remove it! Local only provides a web service! Shut down/filter all ports,and now get this host is a shell, there are...

Immunity Canvas: STINKY_DEBUG

Name| stinkydebug ---|--- CVE| CVE-2005-3252 Exploit Pack| CANVAS Description| Stinky Debug Notes| CVE Name: CVE-2005-3252 VENDOR: Stinky Repeatability: Single shot References: http://xforce.iss.net/xforce/alerts/id/207 CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3252 Date...

Bypass Windows Rootkit detection systems-vulnerability warning-the black bar safety net

Introduction PatchFinder is a design very cleverprocedure, based on EPAexecution path analysistechniques are used to detect the intrusion of kernel Rootkits. Appendix 1 and 2 allows you to understand how it works. This article will provide a bypass of the EPA method. Method The EPA Intel-based...

[Full-disclosure] CAID 33485 - Computer Associates iGateway debug mode HTTP GET request buffer overflow vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Computer Associates iGateway debug mode HTTP GET request buffer overflow vulnerability CA Vulnerability ID: 33485 Discovery Date: 2005-10-06 CA Advisory Date: 2005-10-14 Discovered By: EMendoza Impact: Remote attacker can execute arbitrary code...

Computer Associates iGateway buffer overflow

Buffer overflow on HTTP request parsing if debug mode is enabled...

[SA17085] CA iGateway Debug Mode HTTP GET Request Buffer Overflow

TITLE: CA iGateway Debug Mode HTTP GET Request Buffer Overflow SECUNIA ADVISORY ID: SA17085 VERIFY ADVISORY: http://secunia.com/advisories/17085/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: CA iGateway 4.x http://secunia.com/product/5821/ CA iGateway 3.x...

CVE-2005-3179

drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information...