8688 matches found
kernel: nfsd: fix vm overcommit crash
mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have unspecified other impact via unknown...
EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export
EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export Trustwave's SpiderLabs Security Advisory TWSL2010-003: Unauthorized access to root NFS export on EMC Celerra Network Attached Storage NAS appliance https://www.trustwave.com/spiderlabs/advisories/TWSL2010-003.txt Published:...
Oracle Database Multiple Vulnerabilities (July 2010 CPU)
The remote Oracle database server is missing the July 2010 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Listener - Net Foundation Layer - Oracle OLAP - Application Express - Network Layer - Export %NASLMINLEVEL 70300 C Tenable...
Design/Logic Flaw
Unspecified vulnerability in the Export component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Select Any Dictionary...
Esoftpro Online Contact Manager - Multiple Vulnerabilities
Esoftpro Online Contact Manager - Multiple Vulnerabilities Exploit Title: Esoftpro Online Contact Manager Multiple Vulnerability Vendor url:http://www.esoftpro.com/ Version:3 Author: L0rd CrusAd3r aka VSN [email protected] Published: 2010-07-4 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYu...
Esoftpro Online Contact Manager - Multiple Vulnerabilities
Exploit Title: Esoftpro Online Contact Manager Multiple Vulnerability Vendor url:http://www.esoftpro.com/ Version:3 Author: L0rd CrusAd3r aka VSN [email protected] Published: 2010-07-4 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sai, KD, M4n0j. Special Greetz:...
Moderate: Red Hat Security Advisory: vdsm security, bug fix, and enhancement update
Updated vdsm packages that fix one security issue, various bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which giv...
XSS vulnerability in PDF export
We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence action that performs the export to PDF. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's o...
XSS vulnerability in PDF export
We have identified and fixed a cross-site scripting XSS vulnerability in the Confluence action that performs the export to PDF. An attacker might take advantage of the vulnerability to steal other users' session cookies or other credentials, by sending the credentials back to such an attacker's o...
DEBIAN-CVE-2010-1431
SQL injection vulnerability in templatesexport.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the exportitemid parameter...
CVE-2010-1431
SQL injection vulnerability in templatesexport.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the exportitemid parameter...
Cacti 0.8.7e - SQL Injection
CVSSv2 Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the “exportitemid” parameter to “templatesexport.php” script is not properly sanitized before being used in a SQL query...
cacti -- SQL injection and command execution vulnerabilities
Bonsai information security reports: A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the "exportitemid" parameter to "templatesexport.php" script is not properly sanitized before being used in a SQL query. The sam...
Discuz! Cross Site Scripting
hi; All versions of Discuz! have the cross-site vulnerabilities because of the export value of "$referer". Like: Discuz! 7.X Discuz! 6.X Discuz! 5.X Discuz!NT 3.X and so on. There are some htm pages in all versions of Discuz!, that are: /templates/default/attachpay.htm /templates/default/ecrate.h...
"$referer" export lead to the cross-site flaws in all versions of Discuz!
hi; All versions of Discuz! have the cross-site vulnerabilities because of the export value of "$referer". Like: Discuz! 7.X Discuz! 6.X Discuz! 5.X Discuz!NT 3.X and so on. There are some htm pages in all versions of Discuz!, that are: /templates/default/attachpay.htm /templates/default/ecrate.h...
Microsoft WordPerfect 5.x Converter Buffer Overflow (CVE-2004-0573)
The Microsoft Office text editing tools support a number of foreign file formats for compatibility with third party software. The foreign file format support is based on import and export converters. When a text editor needs to read a foreign format file, a converter transforms the file to an...
SA-CONTRIB-2010-014 - Node Export - Arbitrary code execution
The Node export module allows users to export and import nodes. Node export does not warn administrators that users with the "access administration pages" permission together with the "import nodes" permission can execute arbitrary PHP statements during the import operation. Versions affected Nod...
CVE-2009-4486
Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema...
Fedora Core 11 FEDORA-2009-12575 (cacti)
The remote host is missing an update to cacti announced via advisory FEDORA-2009-12575. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora 11 : cacti-0.8.7e-3.fc11 (2009-12575)
This fix contains several official patches from cacti: Command Line Add Graphs Syntax SNMP Invalid Responses Template Import/Export Duplication Cross-Site Scripting Fixes http://www.cacti.net/downloadpatches.php Note that Tenable Network Security has extracted the preceding description block...