2400 matches found
Macromedia ColdFusion MX CFIDE/probe.cfm Direct Request Path Disclosure
A vulnerability has been reported for Macromedia ColdFusion MX that may reveal the physical path information to attackers. When certain malformed URL requests port 8500 are received by the server, an error message is returned containing the full path of the ColdFusion installation. %NASLMINLEVEL...
CVE-2002-0367
CVE-2002-0367 affects Windows NT/2000 and involves the smss.exe debugging subsystem not properly authenticating connections to privileged processes. This allows a local attacker to gain Administrator or SYSTEM privileges by duplicating a handle to a privileged process. The vulnerability is charac...
iDEFENSE Security Advisory 02.27.03: TCPDUMP Denial of Service Vulnerability in ISAKMP Packet Parsing
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 02.27.03: http://www.idefense.com/advisory/02.27.03.txt TCPDUMP Denial of Service Vulnerability in ISAKMP Packet Parsing February 27, 2003 I. BACKGROUND TCPDUMP is a widely used network debugging tool that prints out the...
HTTP TRACE / TRACK Methods Allowed
The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. This script was written by Thomas Reinke Improvements re TRACK and RFP reference courtesy of Improvements by rd - httpget to get full HTTP/1.1 support,...
CVE-2002-2032
sqllayer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sqldebug parameter to 1 index.php and 2 modules.php...
[AP] Oracle Reports Server Information Disclosure Vulnerability
-- ------------------------- -- - AngryPacket Security Advisory - -- ------------------------- -- - +--------------------- -- - + advisory information +------------------ -- - author: skp [email protected] release date: 07/17/2002 homepage: http://sec.angrypacket.com advisory id: 0x0004...
CVE-2001-1146
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack...
CVE-2001-1146
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 is affected. The issue stems from creating temporary files with predictable names, enabling local users to perform a symlink attack to modify files. The description in the Connected documents confirms the root cause as predictable t...
CVE-2001-1166
The CVE-2001-1166 entry concerns linprocfs on FreeBSD 4.3 and earlier that does not properly restrict access to kernel memory. The vulnerability enables a process with debugging rights on a privileged process to read restricted memory from that process. Affected component: linprocfs in FreeBSD; r...
CGIScript.net - csPassword.cgi 1.0 Information Disclosure
CGIScript.net - csPassword.cgi 1.0 Information Disclosure source: https://www.securityfocus.com/bid/4887/info CGIScript.net provides various webmaster related tools and is maintained by Mike Barone and Andy Angrick. A vulnerability has been reported in the csPassword.cgi script developed by...
DebPloit (exploit)
DebPloit allows Everyone to get handle to Any process or thread. Handles have enough access to promote everyone to system/admin in the case Target is running under LocalSystem, Administrator account. Works on: Any MS Windows NT 4.0, Windows 2000 SPs before Mar-12-2002. Former NTs weren't tested...
Microsoft Windows NT 4.02000 - Process Handle Local Privilege Escalation
Microsoft Windows NT 4.02000 - Process Handle Local Privilege Escalation source: https://www.securityfocus.com/bid/4287/info A vulnerability in Microsoft Windows 2000 and NT 4 could allow a user to gain SYSTEM-level privileges on the local host. The debugging subsystem, which is available to all...
VulnCheck KEV: CVE-2002-0367
smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges...
Microsoft Windows NT 4.0/2000 - Process Handle Local Privilege Escalation
source: https://www.securityfocus.com/bid/4287/info A vulnerability in Microsoft Windows 2000 and NT 4 could allow a user to gain SYSTEM-level privileges on the local host. The debugging subsystem, which is available to all users, may be used to create duplicate handles to a privileged process...
FreeBSD-SA-02:08.exec
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:08 Security Advisory FreeBSD, Inc. Topic: race condition during exec may allow local root compromise Category: core Module: kernel Announced: 2002-01-24 Credits: Logan...
Проблемы с snmp в linksys (information leakage)
После обращения к комьюнити public устройство начинает посылать на запрашивающих хос snmp-trap'ы с отладочной информацией...
CVE-2001-0157
Palm OS 3.5.2 and earlier is affected by a debugging utility in the backdoor mode that lets an attacker with physical access bypass access restrictions and obtain passwords despite a lockout mechanism. The available sources do not specify a patch or remediation steps. Exploit specifics are not pr...
Потенциальная дырка в драйверах Windows NT/2000 (DbgPrint format string)
Во многих дрйверах ошибка форматной строки при вызови функции отладки...
SSH CRC-32 Compensation Attack Detector Vulnerability Exploit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is the exploit for the bug in file deattack.c in the portable version of openssh-2.2.0 and possible below. We need to know several numbers for it to work so it's very difficult to use the exploit on the wild. 1. We need to know is the EXACT...
Stunnel format bug
Macaroon Advisory Hi, ppl We have recently discovered a format bug in stunnel= 3.8 in which the log function calls directly the syslog with only two parameters: sysloglevel, text. It should be sysloglevel, "s", text. If a user can pass any string that is written to the log file, he can exploit th...