For grasping the win2003 system password trick-vulnerability warning-the black bar safety net

The command line to uninstall the win2003 sp1/sp2 %systemroot%$NtServicePackUninstall$\spuninst\spuninst /U Press the unattended mode to remove the service pack. If you use this option, then uninstall SP1, only fatal errors will only display the prompt. /Q Press the quiet mode to remove SP1, this...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in activeWeb contentserver before 5.6.2964 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to 1 errors/rights.asp or 2 errors/transaction.asp, or 3 the name of a MIME type mimetype...

FreeBSD-SA-07:05.libarchive

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:05.libarchive Security Advisory The FreeBSD Project Topic: Errors handling corrupt tar files in libarchive3 Category: core Module: libarchive Announced:...

CVE-2005-4856

The CVE affects eZ publish: admin interface vulnerabilities in versions 3.5 up to 3.5.7, 3.6 up to 3.6.5, 3.7 up to 3.7.3, and 3.8 before 20051110. The issue arises from improper handling of authorization errors, allowing remote attackers to obtain sensitive information and view the admin page la...

MDKA-2007:077 : console-tools

vt-is-UTF8 utility included in console-tools package, and used by Mandriva initscripts, can hang, causing random problems like preventing a local/remote system reboot, unless user take interactive action 27948. Also, when executed on a terminal different from a linux vt, it can cause errors and...

Symantec Mail Security for SMTP libdayzero.dll Executable Parsing DoS

Symantec Mail Security for SMTP, which provides antispam and antivirus protection for the IIS SMTP Service, is installed on the remote Windows host. The version of Symantec Mail Security for SMTP installed on the remote host contains boundary errors in its detection of executable packers in...

[Full-disclosure] Secunia Research: Symantec Mail Security for SMTP Boundary Errors

====================================================================== Secunia Research 27/06/2007 - Symantec Mail Security for SMTP Boundary Errors - ====================================================================== Table of Contents Affected...

Debian DSA-1318-1 : ekg - several vulnerabilities

Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-2370 It was discovered that memory alignment errors may allow remote attackers to cause a denial of service on...

DSA-1318-1 ekg

Bulletin has no description...

NetClassifieds [multiple vulnerabilities]

Application: NetClassifieds version: -Free Edition -Standard Edition -Professional Edition -Premium Edition Web Site: http://www.scriptdevelopers.net/ Versions: all Platform: linux, windows Bug: multiple injection sql , xss , full path Fix Available: Yes...

Design/Logic Flaw

Multiple array index errors in the 1 getintrablock, 2 getinterblockh263, and 3 getinterblockmpeg functions in src/bitstream/mbcoding.c in Xvid 1.1.2 allow remote attackers to execute arbitrary code via a crafted a Avi, b H.263, or c MPEG file...

CVE-2007-3329

Multiple array index errors in the 1 getintrablock, 2 getinterblockh263, and 3 getinterblockmpeg functions in src/bitstream/mbcoding.c in Xvid 1.1.2 allow remote attackers to execute arbitrary code via a crafted a Avi, b H.263, or c MPEG file...

CVE-2007-3329

Multiple array index errors in the 1 getintrablock, 2 getinterblockh263, and 3 getinterblockmpeg functions in src/bitstream/mbcoding.c in Xvid 1.1.2 allow remote attackers to execute arbitrary code via a crafted a Avi, b H.263, or c MPEG file...

CVE-2007-3329

Multiple array index errors in the 1 getintrablock, 2 getinterblockh263, and 3 getinterblockmpeg functions in src/bitstream/mbcoding.c in Xvid 1.1.2 allow remote attackers to execute arbitrary code via a crafted a Avi, b H.263, or c MPEG file...

CVE-2007-3329

Xvid 1.1.2 has array indexing vulnerabilities in mbcoding.c (get_intra_block, get_inter_block_h263, get_inter_block_mpeg) that allow remote code execution via crafted AVI/H.263/MPEG files; Gentoo GLSA 200708-02 recommends upgrading to >= xvid-1.1.3 as remediation. No exploitable details beyond...

DGNews version 2.1 Path Disclosure Vulnerability

netVigilance Security Advisory 21 DGNews version 2.1 Path Disclosure Vulnerability Description: DGNews is small and simple but powered news publishing. Easy installation, no programing required. But you can still change whatever you want for advanced users. Features: add unlimited categories,...

[Full-disclosure] Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities

netVigilance Security Advisory 27 Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities Description: Jetbox CMS is seriously tested on usability & has a professional intuitive interface. The system is role based, with workflow and module orientated. All content is fully separated from...

Code injection

Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a denial of service connection loss or possibly execute arbitrary code via a 1 DNS name response of the exact length as a buffer; or a long 2 channel name, 3 partyline channel name, or unspecified vector...

CVE-2007-2651

Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a denial of service connection loss or possibly execute arbitrary code via a 1 DNS name response of the exact length as a buffer; or a long 2 channel name, 3 partyline channel name, or unspecified vector...

CVE-2007-2651

CVE-2007-2651 affects VooDoo cIRCle prior to 1.1.beta27. Multiple off-by-one errors can allow a remote attacker to cause a denial of service (connection loss) or possibly execute arbitrary code via crafted BOTNET packets, specifically through a DNS name response matching the buffer length or via ...