2400 matches found
AwStats <= 6.4 Denial Of Service (with Advisory)
No description provided by source. !/usr/bin/perl Summarized the advisory www.ghc.ru GHC: /str0ke 0 Exploitable example raw log plugin: Attacker can read sensitive information http://server/cgi-bin/awstats-6.4/awstats.pl?pluginmode=rawlog&loadplugin=rawlog 1 Perl code execution. This script...
Cisco 'tech-support' Anonymous User Debugging Information Disclosure
Binary data 2497.prm...
CVE-2004-2024
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via passwordforgotten.php...
Netware screensaver protection bypass
By using debugging features it's possible to terminate screensaver process from console...
DEBIAN-CVE-2004-0777
Format string vulnerability in the authdebug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging DEBUGLOGIN is enabled, allows remote attackers to execute arbitrary code...
multi-gnome-terminal information leak
Keystrokes are logged to user's home in debugging mode...
multi-gnome-terminal: Information leak
Background multi-gnome-terminal is an enhanced terminal emulator that is derived from gnome-terminal. Description multi-gnome-terminal contains debugging code that has been known to output active keystrokes to a potentially unsafe location. Output has been seen to show up in the '.xsession-errors...
GLSA-200409-10 : multi-gnome-terminal: Information leak
The remote host is affected by the vulnerability described in GLSA-200409-10 multi-gnome-terminal: Information leak multi-gnome-terminal contains debugging code that has been known to output active keystrokes to a potentially unsafe location. Output has been seen to show up in the...
CVE-2004-0777
Format string vulnerability in the authdebug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging DEBUGLOGIN is enabled, allows remote attackers to execute arbitrary code...
[Full-Disclosure] iDEFENSE Security Advisory 08.18.04: Courier-IMAP Remote Format String Vulnerability
Courier-IMAP Remote Format String Vulnerability iDEFENSE Security Advisory 08.18.04 www.idefense.com/application/poi/display?id=131&type=vulnerabilities August 18, 2004 I. BACKGROUND Courier-IMAP is an IMAP/POP3 mail server popular on sites utilizing Qmail/Exim/Postfix. More information is...
Courier-imap debugging format string
Pre-authentication format string bug in debugging function...
Ошибка переполнения буффера в aGsm версии 2.35c и в последней developer-версии (beta)...
Доброго времени суток! Мною обнаружена ошибка переполнения буффера и вероятно возможность удалённого исполнения вредоносного кода в последних версиях aGsm. Заключается она в следующем: При обработке ответа от Half-Life серверов, aGsm, как выяснилось, не проверяет длинну строки hostname, а копируе...
Ollydbg <= 1.10 Format String Bug
Exploit for unknown platform in category local exploits ================================= Ollydbg include include pragma commentlib,"kernel32.lib" void main unsigned char buffer = "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90...
nCipher Advisory #10: Pass phrases are exposed in netHSM log files
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 nCipher Security Advisory No. 10 Pass phrases are exposed in netHSM log files -------------------------------------------- SUMMARY ======= Pass phrases entered by means of the nCipher netHSM front panel, either using the built in thumbwheel or using a...
Confixx 2 - Perl Debugger Remote Command Execution
Confixx 2 - Perl Debugger Remote Command Execution source: https://www.securityfocus.com/bid/9831/info The Confixx PERL debugging utility functionality has been reported to be prone to a remote command execution vulnerability. The issue is reported to occur when a command sequence is appended to ...
Microsoft Frontpage Server buffer overflow
Buffer overflow in remote debugging interface...
Microsoft FrontPage Server Extensions Remote Debug Buffer Overrun Vulnerability
Description Microsoft FrontPage Server Extensions are prone to a remotely exploitable buffer overrun vulnerability that is exposed via remote debugging functionality. It is possible to trigger this condition with a chunked-encoded HTTP POST request. This could be exploited to execute arbitrary co...
OpenSSL does not securely handle invalid public key when configured to ignore errors
Overview A vulnerability in the way OpenSSL handles invalid public keys in client certificate messages could allow a remote attacker to cause a denial of service. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typical...
PHP XSS exploit in phpinfo()
PHP XSS exploit in phpinfo by Silent Needle A: BACKGROUNDfrom php.net int phpinfo int what Outputs a large amount of information about the current state of PHP. This includes information about PHP compilation options and extensions, the PHP version, server information and environment if compiled ...
JBoss.txt
Hi, jboss 3.2.1 with jetty seems to be vulnerable to jsp source code disclosure. Trying to access the ServerInfo.jsp with an suffixed "%00" shows the source code of this JSP. Seems to be a forgotten debug feature :- http://192.168.0.4:8080/web-console/ServerInfo.jsp%00 Sincerely Marc Schoenefeld...