7961 matches found
Дырки в TIS Firewall Toolkit
Многочисленные переполнения буфера и ошибки форматной строки...
PHP Error Log Format String Command Injection
The version of PHP that is running on the remote host is older than 3.0.17 or 4.0.3. If the option 'logerrors' is set to 'On' in php.ini, then an attacker may execute arbitrary code on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
Дырка в LPRng и lpr.
Ошибка форматной строки в lpd, причем последний работает как suid root. Кроме того ошибки форматной строки и преобразования данных в lpr...
Проблемы с установкой Apache в SuSE Linux
Ошибка в файле конфигурации стандартной установки позволяет получать исходные тексты CGI-приложений. Кроме того, компонент WebDAV позволяет получать список файлов в директории...
CRYX present: netscape profesional services ftp service
Yeah, yeah, it is gonna be first C.R.Y.X. advisory, blah!:- we reporting it to you, people, because th1z vulnerability seems to fly around for some time, so it'z probably better to warn someone, b'koz we aren't lame scr1ptz-kiddiez expl0iting everone around with their 0day-stolen script! actually...
Ошибки в Savant и GuildFTPd
Обратный путь в директориях не позволяет получить файл, но позволяет проверить его наличие в GuildFTPd. переполнение буфера при длинном заголовке GET-запроса в Savant...
Problems with: xcdroast, gatos, xkobo, xbill, iagno, ++
---------------------------------------------------------------- - A result of too much time - [email protected] anno 2000 - ---------------------------------------------------------------- xcdroast Version 0.96e ======================== Comes with Mandrake 7.0, others? I am not sure about...
bugzpladv1_eng.txt
0x15.0x05.Y2K ------------------------------------- BugzPL ADVISORY 1, final version ------------------------------------- Bypassing restricted bash for fun and profit ; I. Introduction bash-2 gives us a possibility to use a shell in restricted mode. This mode can be initiated using several metho...
Linux news 30.04.00
Linux 2.3.99-pre6 Вышло новое ядро Linux из "нестабильной" серии: Linux 2.3.99-pre6. Подробнее: http://linuxtoday.com/stories/20829.html Kernel traffic 64 В новой версии обзора списка рассылки ядра можно узнать интересные подробности о: - дискуссии о DevFS - ошибках ioctl - проблемах с асинхронны...
Re: DOS attack against HP JetDirect Printers (fwd)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've never seen nmap dos a HP4000 printer but they do die if you toss junk at the spooler port. The printer display says 86.00x EIO 1 Error, and the red attention light goes on. At this point you have to power the printer back on and off. The rev's ar...
asp.runtime-error.txt
Forwarded with permission of the author. Please direct all replies to [email protected]. Ben Greenbaum Director of Site Content Security Focus http://www.securityfocus.com ---------- Forwarded message ---------- Description: ============ Active server pages ASP with runtime errors expose a security...
ms.smtp.DoS.txt
Date: Sun, 14 Mar 1999 20:49:30 -0600 From: Chris Adams To: [email protected] Subject: Microsoft's SMTP service broken/stupid Our mail servers came to a screeching halt today thanks to Microsoft. Our servers are still running sendmail 8.8 we've got custom stuff and are working on upgrading to...
cisco-ios12.txt
Date: Tue, 22 Dec 1998 14:41:44 -0800 From: Jason Ackley Reply-To: Bugtraq List To: [email protected] Subject: Re: Cisco IOS 12.0 security bug and workaround On Tue, 22 Dec 1998, John Bashinski wrote: characterizing it, and can't yet be completely sure which versions or which platforms are...
Incorrectly Parsed Access-list May Allow Packets to Bypass Filter
...
ROS-2-1799
2.1799 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
ROS-2-1789
2.1789 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-1511
2.1511 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
Security update 1970-01-01
...
Class-Name Injection
Tested on 1.8.0-beta-5 In safe mode with html markup disabled, it is possible to insert any classname into a code block like this: \js any-class-name with spaces code \ renders as: code infostring needs some cleanup here:...
Has_Bluescreened
...