Lucene search
+L

8820 matches found

securityvulns
securityvulns
added 2004/01/14 12:0 a.m.32 views

unauthorized deletion of IPsec (and ISAKMP) SAs in racoon

0 Preface Now that most bugs in isakmpd that allowed for unauthorized SA deletion are "fixed", it's time to release some information on racoon. By the way: About 5 months ago I tried to contact the KAME developers. 1 Description racoon, KAME's IKE daemon, contains some flaws, that allow for...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2004/01/13 12:0 a.m.19 views

phpGedView 2.65 beta 5 - Multiple Vulnerabilities

phpGedView 2.65 beta 5 - Multiple Vulnerabilities phpGedView Multiple Vulnerabilities Vendor: phpGedView Product: phpGedView Version: = 2.65 beta 5 Website: http://phpgedview.sourceforge.net Description: The phpGedView project parses GEDCOM 5.5 genealogy files and displays them on the Internet in...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2004/01/03 12:0 a.m.49 views

multiple payload handling flaws in isakmpd, again

0 Preface On 2003/11/06 a bug fix for a payload handling flaw in isakmpd described in http://securityfocus.com/archive/1/343173 was committed to CVS. Other payload handling flaws, which were not presented on a silver platter, but only mentioned in side notes, still remain unfixed. This posting wi...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2003/12/27 12:0 a.m.897 views

CGI bugs

No description provided...

1.4AI score
Exploits0References14Affected Software7
OSV
OSV
added 2003/11/17 5:0 a.m.7 views

CVE-2003-0833

Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname...

7.6AI score
Exploits0References2
securityvulns
securityvulns
added 2003/11/05 12:0 a.m.30 views

[NEWS] Multiple Payload Handling Flaws in ISAKMPd

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/11/05 12:0 a.m.26 views

Bugzilla < 2.16.4 / 2.17.5 Multiple Vulnerabilities (SQLi, ID)

According to its version number, the remote Bugzilla bug tracker is vulnerable to various flaws that could let a privileged user execute arbitrary SQL commands on this host, which could allow an attacker to obtain information about bugs marked as being confidential. %NASLMINLEVEL 70300 C Tenable...

10CVSS5.8AI score0.02572EPSS
Exploits0References6
securityvulns
securityvulns
added 2003/10/13 12:0 a.m.31 views

TRACKtheCLICK Script Injection Vulnerabilities

Scripts4webmasters.com TRACKtheCLICK Script Injection Vulnerabilities Discovered By Chris Rahm aka: BrainRawt [email protected] About TRACKtheCLICK: -------------------- A perl coded CGI that tracks your email, ezine, banner, and web site links. TRACKtheCLICK outputs log information to a data...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2003/10/03 12:0 a.m.22 views

[Full-Disclosure] exploiting fortigate firewall through webinterface

Issue: Several vulnerabilities in web interface of Fortigate firewall of which the most serious one will allow a remote attacker to obtain a username and password of the Fortigate. Release: pre 2.50 maintenance release 4 Fixed in: Fortinet OS 2.50 MR4, available from FTP as of 29 Sept. 2003 Date:...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2003/09/25 12:0 a.m.29 views

TCLHttpd Server - Multiple Vulnerabilities

Released Date 09/23/2003 TITLE ===== TCLHttpd 3.4.2 - Multiple Vulnerabilities DESCRIPTION =========== "TclHttpd is used both as a general-purpose Web server, and as a framework for building server applications. It implements Tcl http://www.tcl.tk, including the Tcl Resource Center and Scriptics'...

6.3AI score
Exploits0
Packet Storm
Packet Storm
added 2003/09/16 12:0 a.m.38 views

minihttp.txt

Minihttpserver 1.x Host Engine Flaws Url: http://www.minihttpserver.net + File-Sharing for NET: "File Sharing for net is a complete, secure web server that shares your business documents and files over the web: remote users only need browsers to view your files. Share, transfer files securely wit...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/08/19 12:0 a.m.26 views

Advisory 02/2003: emule/xmule/lmule vulnerabilities

e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: eMule/lmule/xmule multiple remote vulnerabilities Release Date: 2003/08/17 Last Modified: 2003/08/17 Author: Stefan Esser [email protected] Application: eMule = 0.29c xmule = 1.4.3, = 1.5.6a lmule = 1.3.1 Severity: Several...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/08/11 12:0 a.m.33 views

phpWebSite < 0.9.x Multiple Vulnerabilities

There are multiple flaws in the remote version of phpWebSite that may allow an attacker to gain the control of the remote database, or to disable this site entirely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.8CVSS5.4AI score0.02728EPSS
Exploits0References5
securityvulns
securityvulns
added 2003/07/23 12:0 a.m.39 views

IIS 6.0 Web Admin Multiple vulnerabilities

Hi, last week I installed Windows 2003 for the first time Enterprise edition and Web Server edition. My first objective was to check the security in the IIS 6.0 and of course my target was the Web Admin interfacethat comes with a lot of ASP's to play with ;- Some flaws were detected, the vendor h...

Exploits0
CERT
CERT
added 2003/07/18 12:0 a.m.39 views

Weaknesses in MIT magic cookie and XDM X Windows authorization

Overview MIT magic cookie and XDM authorization contain vulnerabilities that could allow remote attackers to connect to X displays. Description Two widely used X Window System authorization schemes have weaknesses in their sample implementations. MIT-MAGIC-COOKIE-1 On some systems built without t...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2003/06/21 12:0 a.m.137 views

phpMyAdmin XSS Vulnerabilities, Transversal Directory Attack , Information Encoding Weakness and Path Disclosures

phpMyAdmin XSS Vulnerabilities, Transversal Directory Attack , Information Encoding Weakness and Path Disclosures -------------------- Product: phpMyAdmin Vendor: phpMyAdmin Development Team Versions: VULNERABLE - 2.5.2 CVS in Development - 2.5.x - 2.4.x - 2.3.x - 2.2.x - 2.1.x - 2.0.x - 1.x.x NO...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/06/18 12:0 a.m.219 views

CesarFTP Multiple Vulnerabilities (OF, File Access, more)

The remote host is running CesarFTP, an FTP server for Windows systems. There are multiple flaws in this version of CesarFTP that could allow an attacker to execute arbitrary code on this host, or simply to disable this server remotely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

7.5CVSS6.1AI score0.61673EPSS
Exploits7References9
Tenable Nessus
Tenable Nessus
added 2003/06/09 12:0 a.m.18 views

Spyke Multiple Remote Vulnerabilities

The remote host is using Spyke - a web board written in PHP. This board stores vital information in the file info.dat, which can be downloaded by anyone. This file contains the name of the administrator of the website, as well as its password. Another flaw lets an attacker download information...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2003/06/03 12:0 a.m.35 views

rot13sj.cgi Arbitrary File Access

The remote host is running the CGI 'rot13sj.cgi'. This CGI contains various flaws which may allow a user to execute arbitrary commands on this host and to read aribrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: http://www.geocities.com/sjefferson101010/ link is broken...

6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2003/05/30 12:0 a.m.6 views

PT-2003-1559 · Ethereal · Ethereal

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.11 and earlier Description: The issue is related to multiple integer overflow vulnerabilities. These vulnerabilities can be exploited by remote attackers to cause a denial of service and possibly execute arbitrary code...

7.5CVSS9.8AI score0.07729EPSS
Exploits0References10
Rows per page
Query Builder