PassGo SSO Plus weak permissions

Weak installation folder permissions...

CVE-2006-5968

MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, installs the MDaemon application folder with insecure permissions Users create files/directories, which allows local users to execute arbitrary code by creating malicious RASAPI32.DLL or MPRAPI.DLL libraries in the MDaemon\APP...

CVE-2006-5902

viksoe GMail Drive shell extension allows remote attackers to perform virtual filesystem actions via e-mail messages with certain subject lines, as demonstrated by 1 a GMAILFS: 13;a;1 message with a new filename and a file attachment, which injects a new file into the filesystem; 2 a GMAILFS:...

Multiple Cisco Secure Desktop security vulnerabilities

Weak NTFS permissions on installation folder. Protection bypass. Information leak...

Secunia Research: IBM Lotus Notes Insecure Default FolderPermissions

====================================================================== Secunia Research 18/10/2006 - IBM Lotus Notes Insecure Default Folder Permissions - ====================================================================== Table of Contents Affected...

Weak IBM Lotus Notes client permissions

Application folder has Everyone:Full Control permissions...

CVE-2005-2454

IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions Everyone/Full Control for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder...

The history of the easiest Windows password rescue can't login-bug warning-the black bar safety net

Forgot Windows login password? On the Internet about solution are numerous, but after trying you will find that many methods are simply not effective, and some may even cause the system to collapse completely. By the author in Windows 2 0 0 0 and Windows XP in the repeated research and testing,...

VulnCheck KEV: CVE-2006-3730

Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service crash and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy...

Use OllyDBG direct access to the folder encryption software password-vulnerability warning-the black bar safety net

Recently, a friends using“mobile encrypt”a Internet free Free after Forgot Password, I use ollydbg perfect solution to folder encryption after the forgotten password problem, online although a part of the solution, but the feel is very troublesome, not directly decrypt but by extracting the way t...

limbolite.txt

Hello Title : Limbo - Lite Mambo CMS Multiple Vulnerabilities Remote File including - Full path - make php shell - and create folder with 0777 permissions Discovered by : HACKERS PAL Copyrights : HACKERS PAL Website : WwW.SoQoR.NeT Email : [email protected] // Remote File Including...

PT-2006-5498 · Mcgallerypro · Mcgallery Pro

Name of the Vulnerable Software and Affected Versions: mcGalleryPRO 2006 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the path to folder parameter in the random2.php file. Recommendations: For mcGalleryPRO 2006, consider restricting access to the...

CVE-2006-4675

Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors...

CVE-2006-4675

Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors...

CVE-2006-4675

Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors...

webinsta.txt

+-------------------------------------------------------------------- + + WEBInsta Mailing list manager cabsolutepath 1.3e RFI + + Original advisory: + http://www.bb-pcsecurity.de/Websecurity/311/org/+ WEBInstaMailinglistmanagercabsolutepath1.3eRFI.htm +...

CVE-2006-4255

CVE-2006-4255 affects Horde IMP H3 before 4.1.3. The vulnerability is a Cross-Site Scripting (XSS) flaw in horde/imp/search.php, reported as injectible via multiple unspecified vectors related to folder names and the vfolder_label field in the IMP search screen. Affected component is the IMP webm...

Sonium Enterprise Adressbook 0.2 - folder Include

Sonium Enterprise Adressbook 0.2 - folder Include +-------------------------------------------------------------------- + + Sonium Enterprise Adressbook Version 0.2 folder RFI + + Original advisory: + http://www.bb-pcsecurity.de/Websecurity/342/org/SoniumEnterpriseAdressbookVersion0.2folderRFI.ht...

AOL weak permissions

Application folder has Everyone:Full Control permission...

WEBInsta Mailing list manager (cabsolute_path) 1.3e RFI

+-------------------------------------------------------------------- + + WEBInsta Mailing list manager cabsolutepath 1.3e RFI + + Original advisory: + http://www.bb-pcsecurity.de/Websecurity/311/org/+ WEBInstaMailinglistmanagercabsolutepath1.3eRFI.htm +...