1953 matches found
StarDict Information Disclosure Vulnerability (Linux)
This host is installed with StarDict and is prone to an information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbstardictinfodiscvulnlin.nasl 4869 2016-12-29 11:01:45Z teissa $ StarDict Information Disclosure Vulnerability (Linux) Authors: Antu Sanadi Copyright: Copyright (c) 2009 Greenbo...
CVE-2009-2260
stardict 3.0.1, when Enable Net Dict is configured, sends the contents of the clipboard to a dictionary server, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2009-2260
The CVE-2009-2260 entry concerns StarDict 3.0.1 where, when Net Dict is enabled, the program sends clipboard contents to a dictionary server, enabling information disclosure. The connected sources (OSV and security/plugin records) confirm this is an information-exposure vulnerability in StarDict ...
CVE-2009-1242
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register EF...
CVE-2007-6724
Vidalia bundle before 0.1.2.18, when running on Windows, installs Privoxy with a configuration file (config.txt or config) that contains an insecure enable-remote-http-toggle setting, which allows remote attackers to bypass intended access restrictions and modify configuration...
WFTPD Pro 3.30 - Multiple Command Remote Denial of Service Vulnerabilities
// source: https://www.securityfocus.com/bid/33426/info WFTPD Pro is prone to multiple remote denial-of-service vulnerabilities because the application fails to handle specially crafted FTP commands in a proper manner. Attackers can exploit these issues to crash the affected application, denying...
XOOPS 2.3.1 Local File Inclusions
Digital Security Research Group DSecRG Advisory DSECRG-08-040 Application: XOOPS Versions Affected: 2.3.1 Vendor URL: http://www.xoops.org/ Bug: Multiple Local File Include Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Date of Public Advisory: 08.12.2008 Authors:...
CVE-2008-5204
Multiple directory traversal vulnerabilities in PowerAward 1.1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter to (1) agb.php, (2) angemeldet.php, (3) anmelden.php, (4) charts.php, (5)...
Step-by-step instructions for debugging Cisco IOS using gdb
Step-by-step instructions for debugging IOS using gdb - Andy Davis, 2008 iosftpexploit "at" googlemail dot com: I have been asked by many people for a simple step-by-step guide for setting up an IOS exploit development environment, which includes connecting to a Cisco router using gdb, so here...
Yet another wretched trick: Surf Jacking-vulnerability warning-the black bar safety net
Author: thorn. This technique was published today by EnableSecurity. The prerequisite is being able to intercept traffic. Specifically, the attacker can monitor the uplink traffic and modify the downstream flow, by means of ARP spoofing, DNS spoofing, wireless monitoring or the like. Some people might say, ca...
CVE-2008-1246
The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down the Backspace key for one second after erasing the final character. NOTE: third parties,...
PT-2008-2838 · Cisco · Cisco Pix/Asa Finesse Operation System
Name of the Vulnerable Software and Affected Versions: Cisco PIX/ASA Finesse Operation System versions 7.1 through 7.2 Description: The issue allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down th...
Cross site request forgery (csrf)
Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to enable or disable "pay type" via a request to adminsettings/choosetranstype.asp...
CVE-2007-6501
Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to enable or disable "pay type" via a request to adminsettings/choosetranstype.asp...
CVE-2007-6501
The CVE affects Hosting Controller 6.1 Hotfix 3.3 and earlier. It describes an unspecified vulnerability that allows remote authenticated users to enable or disable the "pay type" via a request to adminsettings/choosetranstype.asp. The connected documents provide this basic impact but do not spec...
Ubuntu 7.10 : emacs22 vulnerability (USN-541-1)
Drake Wilson discovered that Emacs did not correctly handle the safe mode of 'enable-local-variables'. If a user were tricked into opening a specially crafted file while 'enable-local-variables' was set to the non-default ':safe', a remote attacker could execute arbitrary commands with the user's...
openSUSE 10 Security Update : emacs (emacs-4620)
The setting ':safe' of 'enable-local-variables' could be bypassed by specially crafted files (CVE-2007-5795). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update emacs-4620. The text description of...
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-2238)
This update fixes the following security problems in the PHP scripting language : - CVE-2006-5465: Various buffer overflows in htmlentities/htmlspecialchars internal routines could be used to crash the PHP interpreter or potentially execute code, depending on the PHP application used. - A missing...
codeigniter-multi.txt
CodeIgniter is a powerful PHP framework with a very small footprint, built for PHP coders who need a simple and elegant toolkit to create full-featured web applications. http://www.codeigniter.com 1. _sanitize_globals global variables unsetting: By setting e.g. "_SERVER=anonymous" cookie in the...