6673 matches found
[Full-disclosure] [USN-245-1] KDE library vulnerability
=========================================================== Ubuntu Security Notice USN-245-1 January 20, 2006 kdelibs vulnerability CVE-2006-0019 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Hoary Hedgehoga Ubuntu...
Ubuntu 4.10 / 5.04 : binutils vulnerability (USN-136-1)
Tavis Ormandy found an integer overflow in the Binary File Descriptor BFD parser in the GNU debugger. The same vulnerable code is also present in binutils. By tricking an user into processing a specially crafted executable with the binutils tools strings, objdump, nm, readelf, etc., an attacker...
eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit (2)
No description provided by source. !/usr/bin/perl -s damn-hippie.pl by kokanin google estara, it shows sip stuff and a hippie Remote "estara softphone" exploit, executable version info = 3.0.1.2 kokanin did the research, metasploit.com did the encoded bindshell on tcp/5060 Lets face it, most user...
Apple QuickTime 6.4/6.5/7.0.x - PictureViewer '.JPEG'/.PICT' File Buffer Overflow
source: https://www.securityfocus.com/bid/16212/info Apple QuickTime is prone to a buffer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data before copying it to finite-sized process buffers. An attacker may be able to exploit this issue to...
clamav -- possible heap overflow in the UPX code
The Zero Day Initiative reports: This vulnerability allows remote attackers to execute arbitrary code on vulnerable Clam AntiVirus installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within libclamav/upx.c during the unpacking of executable files...
DiscusWare Discus 3.10 - Error Message Cross-Site Scripting
source: https://www.securityfocus.com/bid/16119/info DiscusWare Discus is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...
CVE-2005-4526
Clearswift MIMEsweeper For Web a.k.a. WEBsweeper 4.0 through 5.1 allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file...
CVE-2005-4526
Clearswift MIMEsweeper For Web a.k.a. WEBsweeper 4.0 through 5.1 allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file...
CVE-2005-4526
CVE-2005-4526 affects Clearswift MIMEsweeper For Web (WEBsweeper) versions 4.0–5.1. The vulnerability allows remote attackers to bypass content filtering by using a URL that does not contain a ".exe" extension but returns an executable file. The connected PT-Security entry notes the affected vers...
PT-2005-5208 · Clearswift · Clearswift Mimesweeper For Web
Name of the Vulnerable Software and Affected Versions: Clearswift MIMEsweeper For Web a.k.a. WEBsweeper versions 4.0 through 5.1 Description: The issue allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file. Recommendations: For...
CVE-2005-4422
Unrestricted file upload vulnerability in toendaCMS before 0.6.2 Stable allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in data/images/albums...
Microsoft IIS - HTTP Request Denial of Service (2)
!/usr/bin/perl really bored kokanin / IIS 5.1 dos thing, Inge says to use a browser at http://ingehenriksen.blogspot.com/2005/12/microsoft-iis-remote-dos-dll-url.html kokanin not like puny browser!!"1 I hoped Inge was a leet haxx0r ch1ck, but it's apparently a dude, bummer. According to Inge...
MS Windows IIS Malformed HTTP Request Denial of Service Exploit (pl)
Exploit for unknown platform in category dos / poc ==================================================================== MS Windows IIS Malformed HTTP Request Denial of Service Exploit pl ==================================================================== !/usr/bin/perl really bored kokanin / IIS...
TelCondex Simple Webserver Buffer Overflow
The TelCondex SimpleWebserver is vulnerable to a remote executable buffer overflow, due to missing length check on the referer-variable of the HTTP-header. OpenVAS Vulnerability Test $Id: telcondex.nasl 6063 2017-05-03 09:03:05Z teissa $ Description: TelCondex Simple Webserver Buffer Overflow...
TelCondex Simple Webserver Buffer Overflow
The TelCondex SimpleWebserver is vulnerable to a remote executable buffer overflow, due to missing length check on the referer-variable of the HTTP-header. SPDX-FileCopyrightText: 2003 Matt North Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Kuang2 the Virus
Kuang2 the Virus was found. SPDX-FileCopyrightText: 2000 Scott Adkins Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10132";...
CVE-2005-3400
Multiple interpretation error in Fortinet 2.48.0.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...
CVE-2005-3380
CVE-2005-3380 affects Panda Titanium 2005 4.02.01. A multiple interpretation error lets a file such as BAT, HTML, or EML containing an MZ magic byte sequence (normally associated with EXE) be treated as a safe type, yet could still be executed as a dangerous file type by end-system applications. ...
CVE-2005-3288
Mailsite Express is affected by CVE-2005-3288. Remote attackers can upload and execute files with executable extensions (e.g., ASP) by attaching the file via the compose page and then accessing it from the cache directory before saving or sending the message. The vulnerability is documented acros...
CVE-2005-3291
Removed by vendor...