ST FTP directory traversal

It's possible to perform cd to any disk...

BEA Weblogic cleartext passwords

Passwords are stored on disk in cleartext...

ScriptLogic sets insecure permissions on "LOGS$" share

Overview Version 4.01 of ScriptLogic contains a vulnerability in the default permissions assigned to the network share used for logging. Description The ScriptLogic product from ScriptLogic, Inc. provides remote system administration capabilities for Microsoft Windows systems in a domain...

[Opera 7] Yet Another Story of "Phantom of the Opera"

Greetings. We, :: Operash :: here release the information about vulnerability of Opera. --------------------------------------------------------------------------------- SYNOPSIS : Opera 7 Script Injection Vulnerability in JavaScript Console - Yet another story of "Phantom of the Opera". PRODUCT ...

WihPhoto (PHP)

Informations : °°°°°°°°°°°°°° Version : 0.86-dev Website : http://www.wihsy.com problem : All files from the hard disk can be send by mail PHP Code/Location : °°°°°°°°°°°°°°°°°°° util/email.php : ------------------------------------------------------------------------ ? class CMailFile var...

3ware Disk Managment 1.10 - HTTP Request Denial of Service

3ware Disk Managment 1.10 - HTTP Request Denial of Service source: https://www.securityfocus.com/bid/6734/info A denial of service condition has been reported in 3ware's Disk Management 3DM by sending a malformed HTTP request to port 1080. Successful exploitation of this vulnerability may cause t...

3ware Disk Managment 1.10 - HTTP Request Denial of Service

source: https://www.securityfocus.com/bid/6734/info A denial of service condition has been reported in 3ware's Disk Management 3DM by sending a malformed HTTP request to port 1080. Successful exploitation of this vulnerability may cause the 3DM server to crash. GET / HTTP/1.1 Host: foo...

CVE-2002-2172

Informed 1 Designer and 2 Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information...

CVE-2002-1266

Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created on another system, aka "Local User Privilege Elevation via Disk Image File."...

CVE-2002-1154

anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote attackers to cause a denial of service disk consumption by using the command to report updates more frequently and fill the web server error log...

CVE-2002-1154

anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote attackers to cause a denial of service disk consumption by using the command to report updates more frequently and fill the web server error log...

Unauthorized disk blocks access in FreeBSD ffs

Bug in maximum file size calculation allows to access disk blocks behind the file because of integer overflow...

Security holes in Powerboard forum

Product : Powerboards http://powerboards.sourceforge.net/ Versions : 2.2b and less ? Problems : - Cross Site Scripting - Path disclosure - Access to the administration - Access to users accounts without password - Recovery of admins/users passwords - Suppression of messages - Writing on the hard...

Directory traversal in PCI NetSupport Manager

Directory traversal in web manager allows read access to whole disk content...

DLA-18-03-2002.txt

Digit-Labs Security Advisory http://www.digit-labs.org/ Advisory Name: MS99-040 Exploit Release Date: 18.3.2002 Application: Tested on IE5.0 & IE 6 Platform: Tested on Windows NT/XP Severity: Medium Authors: GoLLuM.no mailto:[email protected] Vendor Status: Known since way back in September 2...

Выполнение приложений через Microsoft Internet Explorer для Macintosh (code execution)

Можно выполнить служебный системный скрипт через META REFRESH. Или через файл с образом диска...

IRIX nsd Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: IRIX nsd vulnerability Number: 20020102-02-I Date: January 15, 2002 SGI provides this information freely to the SGI user community for its consideration, interpretation, implementation and use. SGI recommends that this information be...

DoS против Irix через nsd (disk space filling)

Отсутствуют ограничения на размер дискового кэша, что может привести к исчерпанию дискового пространства в системном разделе...

CVE-2001-1564

setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space...

CVE-2001-1551

Linux kernel 2.2.19 enables CAPSYSRESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs...