225 matches found
krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)
A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation XDR data. An authenticated user could use this flaw to crash the MIT Kerberos administration server kadmind, or other applications using Kerberos libraries, using specially crafted XDR packets...
cPanel 5/6/7/8/9 Resetpass Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9848/info A potential remote command execution vulnerability has been discovered in the cPanel Application. This issue occurs due to insufficient sanitization of externally supplied data to the script that handles resetti...
FreeBSD : OpenTTD -- Multiple buffer overflows in validation of external data (9bad5ab1-f3f6-11e0-8b5c-b482fe3f522d)
The OpenTTD Team reports : Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service daemon crash or possibly gain privileges via 1 a crafted BMP file with RLE compression or 2 crafted dimensions in a BMP file. %NASLMINLEVEL 70300 C Tenable Network Security,...
OpenTTD -- Multiple buffer overflows in validation of external data
The OpenTTD Team reports: Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service daemon crash or possibly gain privileges via 1 a crafted BMP file with RLE compression or 2 crafted dimensions in a BMP file...
Shopxp-v10. 8 5 external submission of data vulnerability-vulnerability warning-the black bar safety net
savexpadmin. asp is not filtered outside the submitted data: http://127.0.0.1/admin/savexpadmin.asp?action=add&admin2=qing&password2=qing520&Submit2=%CC%ED%BC%D3%B9%DC%C0%ED%D4%B1 Increase user: qing password is qing520 user Login background: http://127.0.0.1/upfilepicgetimg.asp Grab the cookies...