NSI Rwhoisd 1.5 - Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3474/info Rwhoisd is a publicly available RWHOIS server daemon for Unix based systems developed and maintained by Network Solutions Inc. Rwhoisd contains a remotely exploitable format string vulnerability. It is possible ...
OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4560/info A buffer overflow condition exists in the OpenSSH server. The condition is exploitable by attackers with valid user credentials in versions 2.9.9 and higher. Exploitation does not require valid user credentials ...
SumatraPDF 2.1.1/MuPDF 1.0 Integer Overflow
No description provided by source. Sumatra 2.1.1/MuPDF 1.0 Integer Overflow. There is an integer overflow on the MuPDF in the lexnumber function which can be triggered using a corrupt PDF file with ObjStm. I'm attaching a file that reproduces the problem wit...
Oracle Document Capture Insecure READ Method
No description provided by source. Source: http://packetstormsecurity.org/files/view/97872/DSECRG-11-007.txt Digital Security Research Group DSecRG Advisory DSECRG-11-007 Internal DSECRG-00117 Application: Oracle Document Capture Versions Affected: 10.1350.0005 Vendor URL:...
Softbiz Recipes Portal Script (showcats.php) SQL Injection Vulnerability
Information: Name: Softbiz Recipes Portal Script SQL Injection showcats.php | Author: Easy Laster | Date: 25.02.2010 | Script: Softbiz Recipes Portal Script | Price: 99$ | Language: PHP | Discovered by Easy Laster | Securit...
West Street Software LocalWEB HTTP Server 1.2 - Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/1423/info LocalWEB is a freeware HTTP server for the Windows suite of operating systems. Certain versions of this software are vulnerable to a remotely exploitable buffer overflow attack. This attack can be instrumented by...
Wireshark Multiple Dissector Denial of Service Vulnerabilities
No description provided by source. Source: http://www.securityfocus.com/bid/53651/info Wireshark is prone to multiple denial-of-service vulnerabilities. An attacker can exploit these issues to crash the affected application, denying service to legitimate users. Wireshark versions 1.6.0 through...
Microsoft Windows XP/2000/NT 4 Locator Service Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6666/info It has been reported that the Microsoft Windows Locator service is affected by a remotely exploitable buffer overflow vulnerability. The condition is due to a memory copy of RPC arguments received from remote...
Snitz Forums 2000 3.4.6 Pop_Mail.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20712/info Snitz Forums 2000 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
GoAhead Web Server 3.1.x - Denial of Service
No description provided by source. #!/usr/bin/python ''' GoAhead Web Server version prior to 3.1.3 is vulnerable to DoS. A fix exists for version 3.2. The Web Server crashes completely once this request is received. The vulnerability doesn't seem to be exploitable on Linux versions ... could be...
Inso DynaWeb httpd 3.1/4.0.2/4.1 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to a remotely...
Novell Client 3.0/3.0.1 - Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/700/info Novell client versions 3.0 and 3.01 for Windows platforms are vulnerable to a remotely exploitable vulnerability which could cause a denial of service. The client opens a listening tcp socket on port 427, to whic...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (4)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
smartplugs 1.3 - SQL Injection showplugs.php
No description provided by source. Information: Name: smartplugs 1.3 SQL Injection showplugs.php | Author: Easy Laster | Date: 03.03.2010 | Script: smartplugs 1.3 http://www.smart-plugs.com/spv1/ | Download: -------------...
OReilly Software WebSite Professional 2.3.18/2.4/2.4.9 'webfind.exe' Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/1487/info O'Reilly WebSite Professional is a web server package distributed by O'Reilly & Associates. Certain versions of this web server (the entire 2.X version line) ship with a utility containing a remotely exploitable...
Front Accounting 2.3.4 CSRF Vulnerability
No description provided by source. Software: Front Accounting 2.3.4 | Vulnerability: Cross-site Request Forgery | Threat Level: Low 1/5 | Download: http://frontaccounting.com/wb3/ | Discovery Date: 4/27/2011 | Tested On: Windows Vista +...
Digital Unix 4.0 MSGCHK Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3311/info The msgchk utility under certain versions of Digital Unix contains a buffer overflow vulnerability which could yield root privilege. If a local user invokes the msgchk utility at the command line, argumented wit...
C'Nedra 0.4 Network Plug-in Read_TCP_String Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13781/info C'Nedra Network Plug-in is prone to a remotely exploitable buffer overflow vulnerability. The issue exists in the 'gamemessagefunctions.cpp' source file and is due to inadequate bounds checking of user-supplied...
Mac OSX Server DirectoryService Buffer Overflow
No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Mac OSX Server DirectoryService buffer overflow 1. Advisory Information Title: Mac OSX Server DirectoryService buffer overflow Advisory ID: CORE-2013-0103 Advisory URL:...
opennms < 1.5.96 Multiple Vulnerabilities
No description provided by source. OpenNMS Multiple Vulnerabilities. BugSec | Security Advisory. Moshe Ben-Abu | Security Expert. Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf Vendor: OpenNMS Group http://www.opennms.com...