CVE-2004-0777

Format string vulnerability in the authdebug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging DEBUGLOGIN is enabled, allows remote attackers to execute arbitrary code...

Solaris 8 (sparc) : 109613-07

CDE 1.4: dtmail patch. Date this patch was last updated by Sun : Jul/19/04 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid1419...

[waraxe-2004-SA#034 - XSS and path full path disclosure in PhpBB 2.0.8]

================================================================================ waraxe-2004-SA034 ================================================================================ XSS and full path disclosure in PhpBB 2.0.8...

Solaris 8 (sparc) : 109007-28

SunOS 5.8: at/atrm/batch/cron/inetd patch. Date this patch was last updated by Sun : Mar/25/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Solaris 9 (x86) : 114050-14

SunOS 5.9x86: NSPR 4.1.6 / NSS 3.3.4.8. Date this patch was last updated by Sun : Nov/08/06 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Solaris 8 (sparc) : 110416-07

SunOS 5.8: ATOK12 patch. Date this patch was last updated by Sun : Dec/07/06 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Solaris 8 (sparc) : 109238-02

SunOS 5.8: /usr/bin/sparcv7/ipcs and /usr/bin/sparcv9/ipcs patch. Date this patch was last updated by Sun : Sep/17/01 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

Unprevileged user can change quota on Domino

Hello, this problem has been reported to IBM Lotus customer support on January 19,2004. Affected versions: Domino 6.5.0/6.5.1 other versionns not tested by me Abstract: Every user can change his quota on an imap-enabled Domino server to every value he likes. Detailed description: If your mailfile...

mozilla -- automated file upload

A malicious web page can cause an automated file upload from the victim's machine when viewed with Mozilla with Javascript enabled. This is due to a bug permitting default values for type="file" elements in certain situations...

Microsoft Private Communication Technology (PCT) fails to properly validate message inputs

Overview A vulnerability exists in the Private Communications Transport PCT protocol, which is part of the Microsoft Secure Sockets Layer SSL library. Exploitation of this vulnerability may permit a remote attacker to compromise the system. An exploit for this issue currently being used to...

Apache Httpd < 2.0.49 : mod_ssl memory leak

A memory leak in modssl allows a remote denial of service attack against an SSL-enabled server by sending plain HTTP requests to the SSL port...

Antologic Antolinux 1.0 - Administrative Interface NDCR Remote Command Execution

Antologic Antolinux 1.0 - Administrative Interface NDCR Remote Command Execution source: https://www.securityfocus.com/bid/9495/info It has been reported that Antologic Antolinux may be prone to a remote command execution vulnerability that may allow an attacker to execute arbitrary commands with...

Linksys BEFSX41 System Log Viewer Log_Page_Num Variable Overflow DoS

The remote host seems to be a Linksys EtherFast Cable Firewall/Router. This product is vulnerable to a remote denial of service attack : if logging is enabled, an attacker can specify a long URL which results in the router becoming unresponsive. %NASLMINLEVEL 70300 Linksys EtherFast Cable/DSL...

XSS vulnerability in phpBB

Hi, I have found a dangerous vunlerability in phpBB. I've verified that versions 2.0.5 and 2.0.4 AFAIK the two latest versions are affected, but probably more versions are vulnerable. If HTML is enabled for postings, a user can post a link like this: a...

IRCXpro 1.0 - Clear local and default remote admin passwords

------------------------------------------------------------------ - EXPL-A-2003-002 exploitlabs.com Advisory 002 ------------------------------------------------------------------ -=- IRCXpro 1.0 -=- Vunerabilitys: ---------------- 1.local clear passwords 2.remote default admin enabled Product:...

CVE-2002-1430

Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when registerglobals is enabled, possibly by modifying certain PHP variables through URL parameters...

CVE-2002-0545

Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service reboot via a series of login attempts with invalid usernames and passwords...

CVE-2001-1370

prepend.php3 in PHPLib before 7.2d, when registerglobals is enabled for PHP, allows remote attackers to execute arbitrary scripts via an HTTP request that modifies $PHPLIBlibdir to point to malicious code on another server, as seen in Horde 1.2.5 and earlier, IMP before 2.2.6, and other packages...

CVE-2003-1077

Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service UFS file system hang...

OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS

-----BEGIN PGP SIGNED MESSAGE----- OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS MICKEY MOUSE HACKING SQUADRON ADVISORY 2 DISCLAIMER - ---------- The nation's zeroth private security intelligence firm, Mickey Mouse Hacking Squadron uniquely addresses the challenges faced by both public- and...