7974 matches found
CVE-2006-6309
Multiple array index errors in IBM Tivoli Storage Manager TSM before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service crash via a large index value in unspecified messages, a different issue than CVE-2006-5855...
CVE-2006-6282
members.php in Vikingboard 0.1.2 allows remote attackers to trigger a forced SQL error via an invalid s parameter, a different vector than CVE-2006-4709. NOTE: might only be an exposure if displayerrors is enabled, but due to lack of details, even this is not clear...
Moderate nss_ldap security update
226-17 - temporarily disable fixes for 190256 and 206438 for security update 226-16 - include backported fix for off-by-one crasher in various result parsing functions Carsten Clashom, 206438 226-15 - don't suppress policy errors encountered during authentication if the specific policy error isn'...
OWASP JBroFuzz 0.3 Fuzzer Released!
JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. Apart from fancy terminology, JBroFuzz 0.3 has inbuilt the following Generators ready to be used: basic cross site scripting checks XSS basic S...
Directory listing enabled on Tomcat
Tomcat has directory listing enabled by default. This allows browsing directories such as /images/. It seems that the filters do not take action in preventing the unauthorized access. When directory listing is disabled /conf/web.xml in Tomcat directory Jira gives 404 errors. See...
Directory listing enabled on Tomcat
Tomcat has directory listing enabled by default. This allows browsing directories such as /images/. It seems that the filters do not take action in preventing the unauthorized access. When directory listing is disabled /conf/web.xml in Tomcat directory Jira gives 404 errors. See...
CVE-2006-5657
Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 have unknown impact and attack vectors...
CVE-2006-5657
Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 have unknown impact and attack vectors...
CVE-2006-5657
Technical details (affected product, component, version, root cause, impact, or fixes) are not provided in the connected documents; no public specifics available for CVE-2006-5657 in this set. Monitor for updates.
Debian DSA-898-1 : phpgroupware - programming errors
Several vulnerabilities have been discovered in phpsysinfo, a PHP based host information application that is included in phpgroupware. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-0870 Maksymilian Arciemowicz discovered several cross site scripti...
Debian DSA-919-2 : curl - buffer overflow
The upstream developer of curl, a multi-protocol file transfer library, informed us that the former correction to several off-by-one errors are not sufficient. For completeness please find the original bug description below : Several problems were discovered in libcurl, a multi-protocol file...
Debian DSA-925-1 : phpbb2 - several vulnerabilities
Several vulnerabilities have been discovered in phpBB, a fully featured and skinnable flat webforum. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-3310 Multiple interpretation errors allow remote authenticated users to inject arbitrary web script...
DEBIAN-CVE-2006-5215
The Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file...
CVE-2006-5214
Race condition in the Xsession script, as used by X Display Manager xdm in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession...
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack
source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a replay issue. These vulnerabilities occur because the software...
CA eSCC r81.0 eTrust Audit r81.5 - Audit Event System Replay Attack
CA eSCC r81.0 eTrust Audit r81.5 - Audit Event System Replay Attack source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue -...
CA eSCC r81.0 eTrust Audit r81.5 - Arbitrary File Manipulation
CA eSCC r81.0 eTrust Audit r81.5 - Arbitrary File Manipulation source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a...
CA eSCC r81.0 eTrust Audit r81.5 - Web Server Full Path Disclosure
CA eSCC r81.0 eTrust Audit r81.5 - Web Server Full Path Disclosure source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - ...
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Web Server Full Path Disclosure
source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a replay issue. These vulnerabilities occur because the software...
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation
source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a replay issue. These vulnerabilities occur because the software...