Lucene search
K

3182 matches found

RedHat Linux
RedHat Linux
added 2009/09/23 9:38 p.m.3 views

MySQL: Format string vulnerability by manipulation with database instances (crash)

Multiple format string vulnerabilities in the dispatchcommand function in libmysqld/sqlparse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in a database...

8.5CVSS6AI score0.10586EPSS
Exploits2References4
NVD
NVD
added 2009/09/18 9:30 p.m.17 views

CVE-2009-3261

update/update0.1.2to0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors...

7.5CVSS6.7AI score0.0144EPSS
Exploits1References1
Prion
Prion
added 2009/09/18 9:30 p.m.15 views

Authentication flaw

update/update0.1.2to0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors...

7.5CVSS7.2AI score0.0144EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2009/09/18 9:0 p.m.17 views

CVE-2009-3261

update/update0.1.2to0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors...

6.7AI score0.0144EPSS
Exploits1References1
myhack58
myhack58
added 2009/08/04 12:0 a.m.28 views

[Follow_me series]oracle Shell-vulnerability warning-the black bar safety net

The patch from Sun network technology Forum: Days male the starter, reproduced indicate the source of! 1. SQL create tablespace kjtest datafile 'e:\website\kj.asp' 2. size 100k nologging ; Copy the code This will create the Table space. It should be noted that the oracle of the Table, The smalles...

7.3AI score
Exploits0
0day.today
0day.today
added 2009/07/09 12:0 a.m.53 views

MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)

Exploit for multiple platform in category dos / poc ====================================================== MySQL = 4.0.0 are affected. function prototype: writeTHD thd, enumenumservercommand command, const char format, ... function call: writethd, command, packet; on line 2084: case COMCREATEDB: ...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/07/09 12:0 a.m.33 views

MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String (PoC)

MySQL tested: Version 5.0.45 on CentOS Linux Format String Vulnerability MySQL General Available GA Release is vulnerable. Latest MySQL Version is not vulnerable since the bug if ifdef'ed off. from mysql-5.0.75 source mysql-5.0.75.tar.gz in the file libmysqld/sqlparse.cc this source code is also...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2009/06/16 9:21 p.m.6 views

kernel: nfsd should drop CAP_MKNOD for non-root

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAPMKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the rootsquash option...

4.9CVSS6AI score0.00427EPSS
Exploits0References4
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2009/06/09 12:0 a.m.49 views

Stable update: 2 WebKit security fixes

Google Chrome's Stable channel has been updated to version 2.0.172.31 to fix two security issues in WebKit. CVE-2009-1690 Memory corruption A memory corruption issue exists in WebKit's handling of recursion in certain DOM event handlers. Visiting a maliciously crafted website may lead to a tab...

9.3CVSS7.4AI score0.06618EPSS
Exploits3Affected Software1
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.30 views

Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1

Ubuntu Update for Linux kernel vulnerabilities USN-528-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5281.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

5CVSS6.5AI score0.14051EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2009/02/17 12:0 a.m.56 views

Fedora 9 : dnsmasq-2.45-1.fc9 (2009-1069)

Update to newer upstream version - 2.45. Version of dnsmasq previously shipped in Fedora 9 did not properly drop privileges, causing it to run as root instead of intended user nobody. Issue was caused by a bug in kernel-headers used in build environment of the original packages. 454415 New upstre...

6.8CVSS6.7AI score0.95182EPSS
Exploits20References3
Exploit DB
Exploit DB
added 2009/01/01 12:0 a.m.27 views

Linux/x86 - /sbin/iptables -POUTPUT DROP Shellcode (60 bytes)

Linux/x86 - /sbin/iptables -POUTPUT DROP Shellcode 60 bytes. Shellcode exploit for Linuxx86 platform Name = John Babio Twitter = 3vi1john Arch = Linux/x86-32 bits Code ///sbin/iptables -POUTPUT DROPPolicy of drop to OUTPUT chain const char sc =...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2008/12/31 12:0 a.m.23 views

TOR Privilege Escalation Vulnerability (Windows)

This host is installed with TOR and is prone to Privilege Escalation vulnerability. OpenVAS Vulnerability Test $Id: secpodtorprivilegeescalationwin.nasl 5370 2017-02-20 15:24:26Z cfi $ TOR Privilege Escalation Vulnerability Windows Authors: Sujit Ghosal Copyright c 2008 SecPod,...

9.3CVSS0.6AI score0.02036EPSS
Exploits0References2
Prion
Prion
added 2008/09/24 8:37 p.m.27 views

Design/Logic Flaw

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a...

9.3CVSS6.6AI score0.26001EPSS
Exploits1References41Affected Software4
CVE
CVE
added 2008/09/24 6:0 p.m.131 views

CVE-2008-3837

CVE-2008-3837 affects Mozilla Firefox (before 2.0.0.17 and 3.x before 3.0.2) and SeaMonkey (before 1.1.12). A crafted onmousedown action that calls window.moveBy can allow a user‑assisted remote attacker to move a window during a mouse click, potentially triggering a drag‑and‑drop–related action ...

9.3CVSS9.6AI score0.03268EPSS
Exploits1References41Affected Software2
Mozilla
Mozilla
added 2008/09/23 12:0 a.m.42 views

Forced mouse drag — Mozilla

Mozilla developer Paul Nickerson reported a variant of a click-hijacking vulnerability discovered in Internet Explorer by Liu Die Yu. The vulnerability allowed an attacker to move the content window while the mouse was being clicked, causing an item to be dragged rather than clicked-on. This issu...

9.3CVSS3.9AI score0.03268EPSS
Exploits1References2Affected Software2
Fedora
Fedora
added 2008/08/01 1:49 a.m.15 views

[SECURITY] Fedora 9 Update: filezilla-3.1.0.1-1.fc9

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFT P - Cross-platform - Available in many languages - Supports resume and transfer of large files 4GB - Easy to use Site Manager and transfer queue - Dr...

0.8AI score
Exploits0
Fedora
Fedora
added 2008/08/01 1:47 a.m.21 views

[SECURITY] Fedora 8 Update: filezilla-3.1.0.1-1.fc8

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFT P - Cross-platform - Available in many languages - Supports resume and transfer of large files 4GB - Easy to use Site Manager and transfer queue - Dr...

0.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2008/07/24 5:9 p.m.9 views

mysql DROP privilege not enforced when renaming tables

MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables...

4.9CVSS7.5AI score0.02848EPSS
Exploits0References4
seebug.org
seebug.org
added 2008/06/05 12:0 a.m.20 views

MS Outlook Express Window Opener Vulnerability

No description provided by source. Example: Alright microsoft. Get your act together. Seriously, this is the 3rd version of this vulnerability and we can still cause a drag and drop event. Well anyway, to the people that don't design easily exploited software, simply click the link...

7.1AI score
Exploits0
Rows per page
Query Builder