4631 matches found
JQL not respecting Issue Security Level "Project Lead"
While writing TestIssueSecurityLevel I found the following problem: fred is not a Project Lead HSP-3 has Issue Security Level of "Project Lead" only. empty JQL to show all visible issues doesn't show HSP-3. make fred the Project Lead same query: still no HSP-3 however: fred can browse to HSP-3 an...
GUPnP Message Handling Denial Of Service Vulnerability
This host has installed GUPnP is prone to Denial Of Service Vulnerability OpenVAS Vulnerability Test $Id: secpodgupnpdosvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ GUPnP Message Handling Denial Of Service Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod, http://www.secpod.co...
DEBIAN-CVE-2009-2174
GUPnP 0.12.7 allows remote attackers to cause a denial of service (crash) via an empty (1) subscription or (2) control message...
CVE-2009-2174
GUPnP 0.12.7 allows remote attackers to cause a denial of service (crash) via an empty (1) subscription or (2) control message...
Fedora 11 : gupnp-0.12.8-1.fc11 (2009-5865)
New upstream release that fixes a bug where the gupnp stack crashes when passed empty content. ChangeLog here: http://git.gupnp.org/cgit.cgi?url=gupnp/tree/NEWS&id=ce714a6700ce03953a2886a66ec57db59205f4e6 Bug report here: http://bugzilla.openedhand.com/showbug.cgi?id=1604 Other bugs fixed here. -...
Buffer overflow
Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow...
DEBIAN-CVE-2009-1959
Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow...
MySQL: Using an empty binary value leads to server crash
MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement...
OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)
Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without...
Make someone's broiler to take the initiative to find you-vulnerability warning-the black bar safety net
Make someone's broiler to take the initiative to find you.·· A looking for a broiler of simple method First, you need a little something nc.exe the. What something?! Al quack, I don't know, yourself and slowly the search engine inside looking for that you think is what's what sprinkle. Then edit...
USN-671-1: MySQL vulnerabilities
It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This update alters table creation behaviour by disallowing the use of the MySQL...
SuSE 10 Security Update : MySQL (ZYPP Patch Number 5618)
Empty bit-strings in a query could crash the MySQL server. CVE-2008-3963 Due to another flaw users could access tables of other users. CVE-2008-4097 / CVE-2008-4098 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0;...
BELL-CVE-2008-4445 CVE-2008-4445 does not affect BellSoft software
Bulletin has no description...
Gentoo Security Advisory GLSA 200411-06 (MIME-tools)
The remote host is missing updates announced in advisory GLSA 200411-06. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle MySQL Empty Binary String DoS
Binary data 4652.prm...
Xerox Phaser 8400 - Remote Reboot (Denial of Service)
Xerox Phaser 8400 - Remote Reboot Denial of Service !/usr/bin/perl carved-out by: crit3rion, just making th3 world a b3tt3r plac3! XeroxRemoteDoS.20080801.ver01 tanx to dr0pz0N3 for reminding me to close my $&! s0ck3t Make: Xerox Model: Phaser 8400 Firmware: 03/03/2004 What's the deal? Apparently...
Code injection
Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list."...
DEBIAN-CVE-2008-3196
skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which allows context-dependent attackers to cause an out-of-bounds stack access when the yacc stack pointer points to the end of the stack...
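ikiwiki Empty Password Authentication Bypass Vulnerability
BUGTRAQ ID: 29479 CVECAN ID: CVE-2008-0169 Ikiwiki is a wiki compiler that converts wiki pages into HTML pages that can be published on a website. Ikiwiki has a vulnerability in its handling of access authentication: if the openid and passwordauth plugins are enabled in Ikiwiki (the default configuration), a user can bypass the authentication restriction with a login request that carries an empty password and log in to openid-related accounts. ikiwiki ikiwiki 2.48 ikiwiki ikiwiki 1.34 ikiwiki ------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...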
CVE-2008-0169
Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentication, and login to any account for which an OpenID identity is configured and a password is not configured, by specifying an empty password during the login sequence...