security flaw

Double free vulnerability in tifjpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions."...

[Full-disclosure] phpBB 2.0.20 Full Path Disclosure and SQL Errors

Source: http://securityreason.com/achievementsecurityalert/38 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpBB 2.0.20 Full Path Disclosure and SQL Errors Author: Maksymilian Arciemowicz cXIb8O3 Date: - -Written: 1.5.2006 - -Public: 5.5.2006 from SecurityReason.Com CVE: - - CVE-2006-2219 Full...

4images171.txt

------------------------------= 1145405428 GROUP BY catid Table 'zakigallery.4imagesimages' doesn't exist ------------- DB Error: Bad SQL Query: SELECT catid, COUNT AS numimages FROM 4imagesimages WHERE imageactive = 1 GROUP BY catid Table 'zakigallery.4imagesimages' doesn't exist ------------- D...

security flaw

Multiple cross-site scripting XSS vulnerabilities in PHP 4.4.1 and 5.1.1, when displayerrors and htmlerrors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message...

Multiple Ethereal security vulnerabilities

30 errors on parsing different protocols...

ethereal -- Multiple Protocol Dissector Vulnerabilities

Secunia reports: Multiple vulnerabilities have been reported in Ethereal, which can be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. The vulnerabilities are caused due to various types of errors including boundary errors, an off-by-one error, an...

clamav -- Multiple Vulnerabilities

Secunia reports: Some vulnerabilities have been reported in ClamAV, which potentially can be exploited by malicious people to cause a DoS Denial of Service and compromise a vulnerable system. An unspecified integer overflow error exists in the PE header parser in "libclamav/pe.c". Successful...

freeradius security update

CentOS Errata and Security Advisory CESA-2006:0271 Updated freeradius packages that fix an authentication weakness are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. FreeRADIUS is a high-performance and highly configurable free...

Important: Red Hat Security Advisory: freeradius security update

Updated freeradius packages that fix an authentication weakness are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. FreeRADIUS is a high-performance and highly configurable free RADIUS server designed to allow centralized...

RHEL 3 / 4 : freeradius (RHSA-2006:0271)

Updated freeradius packages that fix an authentication weakness are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. FreeRADIUS is a high-performance and highly configurable free RADIUS server designed to allow centralized...

Phpwebgallery <= 1.4.1 SQL injection Vulnerability

Moroccan Security Team |ucif3r Greetz To All Freind Phpwebgallery 1.4.1 is vulnerable to SQL Injection Attacks The flaw is due to input validation errors in the "category.php" script when handling the "search"variables, which could be exploited by malicious people to conduct SQL injection attacks...

mplayer -- Multiple integer overflows

Secunia reports: The vulnerabilities are caused due to integer overflow errors in "libmpdemux/asfheader.c" within the handling of an ASF file, and in "libmpdemux/aviheader.c" when parsing the "indx" chunk in an AVI file. This can be exploited to cause heap-based buffer overflows via a malicious A...

CVE-2006-1297

Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, for Netware Servers and Remote Agent 9.1 and 9.2, and Remote Agent for Linux Servers 10.0 and 10.1 allow attackers to cause a denial of service application crash or unavailability due to "memory...

Design/Logic Flaw

Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, for Netware Servers and Remote Agent 9.1 and 9.2, and Remote Agent for Linux Servers 10.0 and 10.1 allow attackers to cause a denial of service application crash or unavailability due to "memory...

CVE-2006-1297

Affected products/versions: Veritas Backup Exec Remote Agent for Windows Servers (9.1–10.1), NetWare Servers (9.1, 9.2), and Linux Servers (10.0–10.1). Vulnerability type/impact: an unspecified vulnerability leading to a Denial of Service (application crash or unavailability) due to memory errors...

Mercur Mailserver 5.0 SP3 (IMAP) Denial of Service Exploit

No description provided by source. / Exploit for : IMAP 5.0 SP3 DoS Exploit Advisory : http://secunia.com/advisories/19267/ Coder : Omnipresent Email : [email protected] Description : Tim Taylor has discovered a vulnerability in Mercur Messaging 2005, which can be exploited by malicious people...

Mercur MailServer 5.0 SP3 - 'IMAP' Denial of Service

/ Exploit for : IMAP 5.0 SP3 DoS Exploit Advisory : http://secunia.com/advisories/19267/ Coder : Omnipresent Email : [email protected] Description : Tim Taylor has discovered a vulnerability in Mercur Messaging 2005, which can be exploited by malicious people and by malicious users to cause a...

Mercur MailServer 5.0 SP3 - IMAP Denial of Service

Mercur MailServer 5.0 SP3 - IMAP Denial of Service / Exploit for : IMAP 5.0 SP3 DoS Exploit Advisory : http://secunia.com/advisories/19267/ Coder : Omnipresent Email : [email protected] Description : Tim Taylor has discovered a vulnerability in Mercur Messaging 2005, which can be exploited by...

Freeciv 2.0.7 - Jumbo Malloc Crash (Denial of Service)

Freeciv 2.0.7 - Jumbo Malloc Crash Denial of Service / by Luigi Auriemma / include include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include include void stderrvoid char error;...

Sql injection

DISPUTED SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely fr...