PostgreSQL: Privilege escalation

Background PostgreSQL is an open source object-relational database management system. Description An error involving insecure searchpath settings in the SECURITY DEFINER functions has been reported in PostgreSQL. Impact If allowed to call a SECURITY DEFINER function, an attacker could gain the SQ...

ShoutPro 1.5.2 - 'shout.php' Remote Code Injection

?php echo "\n"; echo " Special Greetings To - Timq,Warpboy,The-Maggot \n"; echo "\n\n\n"; //Writes Files - Under 100 bytes to meet requirements $temppayload = "%3C%3F%24a%3D...

ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit

Exploit for unknown platform in category web applications =========================================================== ShoutPro ?php echo "...

ACLS ineffective in SQL-Ledger and LedgerSMB

Hi all; I have decided to finally send to this list a serious security flaw in the design of SQL-Ledger all versions. LedgerSMB all versions is also affected but the problem with a workaround has been mentioned in our documentation since the fork. Ordinarily I would not make a big deal out of thi...

Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation

Hello all, In my blog today 1 I give a brief run-down of nine CVE entries that were recently published for Vista; the CVEs are numbered CVE-2007-1527 through CVE-2007-1535. At this point, I do not know who requested the entries be created. However, the entries are based on items reported in...

CVE-2007-1535

Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communicate via Teredo...

[SECURITY] Fedora Core 5 Update: yelp-2.14.3-4.fc5

Yelp is the Gnome 2 help/documentation browser. It is designed to help you browse all the documentation on your system in one central tool...

[SECURITY] Fedora Core 6 Update: postgresql-8.1.7-1.fc6

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

Remote file inclusion

PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation...

CVE-2007-0704

PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation...

CVE-2007-0704

PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation...

SOL7009 - Statement on ACL bypass using trailing NULL byte - MNIN/NNL Advisory

A January 2007 security advisory describes several security issues present in some versions of FirePass software. One section in the document, titled ACL Filter bypass with URL de-normalization, states that Portal Access ACL filters can be bypassed if a user appends a trailing NULL byte after the...

iPlanet Web Server Search模块跨站脚本漏洞

iPlanet Web Server是一款WEB应用服务程序。 iPlanet Web Server不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行跨站脚本攻击，获得敏感信息。 问题是搜索对用户提交的'NS-max-records'参数缺少过滤，提交恶意脚本代码作为参数数据，可导致获得敏感信息。 iPlanet Web Server 4.1 SP9 iPlanet Web Server 4.1 SP8 iPlanet Web Server 4.1 SP7 iPlanet Web Server 4.1 SP6 iPlanet Web Server 4.1 SP5 iPlanet Web...

D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (meta)

No description provided by source. require 'msf/core' module Msf class Exploits::Windows::Driver::DLinkDWLG132WiFiRates Msf::Exploit::Remote include Exploit::Lorcon include Exploit::KernelMode def initializeinfo = superupdateinfoinfo, 'Name' = 'D-Link DWL-G132 Wireless Driver Beacon Rates...

Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit)

$Id: broadcomwifissid.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

info, texinfo security update

CentOS Errata and Security Advisory CESA-2006:0727-1 New Texinfo packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Texinfo is a documentation system that can produce both onlin...

info, texinfo security update

CentOS Errata and Security Advisory CESA-2006:0727 New Texinfo packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Texinfo is a documentation system that can produce both online...

[Reversemode Advisory] Apple Quicktime FLIC File Heap Overflow

Hi, Apple Quicktime = 7.1 is prone to a heap overflow vulnerability. This flaw could lead to a remote code execution,if an attacker tricks the victim to visit a malicious webpage with a specially crafted .fli animation embedded. The flaw is located within the "COLOR64 chunk" Quicktime parser. Sin...

Integrity Clientless Security (ICS) Update 3.7.90.0

Check Point Integrity ™ Clientless Security ICS for Connectra prevents users with potentially harmful software from accessing your network and requires that they conform to the organization?s antivirus and firewall policies. For more information, please refer to Connectra documentation and to ICS...

Integrity Clientless Security (ICS) Update 3.7.87.0

Check Point Integrity ™ Clientless Security ICS for Connectra prevents users with potentially harmful software from accessing your network and requires that they conform to the organization?s antivirus and firewall policies. For more information, please refer to Connectra documentation and to ICS...