Debian: Security Advisory (DSA-1087-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1265-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 263-1 (netpbm-free)

The remote host is missing an update to netpbm-free announced via advisory DSA 263-1. OpenVAS Vulnerability Test $Id: deb2631.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 263-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-1343-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache 'mod_proxy_balancer'存在多个漏洞

BUGTRAQ ID: 27236 CVE ID:CVE-2007-6420 CVE-2007-6421 CVE-2007-6422 CVE-2007-6423 CNCVE ID:CNCVE-20076420 CNCVE-20076421 CNCVE-20076422 CNCVE-20076423 Apache HTTP Server是一款开放源码的WEB服务程序。 Apache HTTP Server包含的modproxybalancer模块存在输入验证问题，远程攻击者可以利用漏洞进行跨站脚本，CSRF，拒绝服务等攻击。 1，由于所有行为通过GET访问执行，存在“CSRF”攻击。...

autofs default doesn't set nodev in /net

The default configuration for autofs 5 autofs5 in some Linux distributions, such as Red Hat Enterprise Linux RHEL 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special devic...

linux/x86 cat /dev/urandom > /dev/console, just for kicks - 63 bytes

No description provided by source. / linux/x86 cat /dev/urandom /dev/console, no real profit just for kicks - 63 bytes - izik [email protected] / char shellcode = "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x68\x6e\x64\x6f\x6d" // push $0x6d6f646e "\x68\x2f\x75\x72\x61" // push $0x6172752f...

CVE-2007-6320

Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does not follow Drupal's Forms API submission model, which allows remote attackers to conduct cross-site request forgery CSRF attacks...

CVE-2007-6320

The provided records identify CVE-2007-6320 as a vulnerability in a Drupal module (Feature 4.7.x-dev and 5.x-dev prior to 20071206). The root cause is that the module does not follow Drupal’s Forms API submission model, enabling remote attackers to perform cross-site request forgery (CSRF) attack...

PEAR::MDB2: Information disclosure

Background PEAR::MDB2 is a database abstraction layer for PHP aimed to provide a common API for all supported relational database management systems. A LOB "large object" is a database field holding binary data. Description priyadi discovered that the request to store a URL string as a LOB is...

AIX 520008 : U806045

The remote host is missing AIX PTF U806045 which is related to the security of the package PEXPHIGS.dev.pci.14107001 You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc...

Ubuntu 5.10 / 6.06 LTS / 6.10 : imlib2 regression fix (USN-376-2)

USN-376-1 provided an update to imlib2 to fix several security vulnerabilities. Unfortunately the update broke JPG file handling in certain situations. This update corrects this problem. We apologize for the inconvenience. Note that Tenable Network Security has extracted the preceding description...

Ubuntu 5.10 : mysql-dfsg-4.1 vulnerability (USN-306-1)

MySQL did not correctly handle NULL as the second argument to the strtodate function. An authenticated user could exploit this to crash the server. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to...

Ubuntu 5.04 / 5.10 / 6.06 LTS : libxfont, xorg vulnerability (USN-341-1)

An integer overflow has been discovered in X.org's font handling library. By using a specially crafted font file, this could be exploited to crash the X server or execute arbitrary code with root privileges. Note that Tenable Network Security has extracted the preceding description block directly...

Ubuntu 5.10 : mysql-dfsg-4.1 vulnerability (USN-321-1)

Jean-David Maillefer discovered a format string bug in the dateformat function's error reporting. By calling the function with invalid arguments, an authenticated user could exploit this to crash the server. Note that Tenable Network Security has extracted the preceding description block directly...

Ubuntu 5.04 / 5.10 / 6.06 LTS : freetype vulnerabilities (USN-291-1)

Several integer overflows have been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user. Note that Tenable Network Security has extracted the...

Apple iTouch/iPhone 1.1.1 tif File Remote Jailbreak Exploit

No description provided by source. !-- The iPhone / iTouch tif exploit is now officially released! source: http://www.toc2rta.com/ So its offical we have released the tiff exploit code. You can navigate in safari to http://jailbreak.toc2rta.com ...

Apple iTouch/iPhone 1.1.1 - '.tif' Remote Privilege Escalation 'Jailbreak'

milw0rm.com 2007-10-11...

Apple iTouchiPhone 1.1.1 - .tif Remote Privilege Escalation Jailbreak

Apple iTouchiPhone 1.1.1 - .tif Remote Privilege Escalation Jailbreak milw0rm.com 2007-10-11...

Apple iTouch/iPhone 1.1.1 tif File Remote Jailbreak Exploit

Exploit for hardware platform in category remote exploits =========================================================== Apple iTouch/iPhone 1.1.1 tif File Remote Jailbreak Exploit =========================================================== 0day.today 2018-03-12...