1790 matches found
CVE-2008-1111
modcgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information...
DEBIAN-CVE-2008-1111
modcgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information...
CVE-2008-1111
CVE-2008-1111 affects lighttpd 1.4.18 through the mod_cgi path. When a fork failure occurs, lighttpd may return the source code of the CGI script instead of a 500 error, potentially allowing remote attackers to obtain sensitive information (information disclosure). Connected documents indicate re...
CVE-2008-1111
modcgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information...
CVE-2008-1111
modcgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information...
PYSEC-2008-8
common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool...
Apple Mail邮件附件处理代码执行漏洞
BUGTRAQ ID: 26510 Apple Mail是苹果操作系统中所捆绑的邮件客户端。 Apple Mail在处理畸形的邮件附件时存在漏洞,远程攻击者可能利用此漏洞在用户系统上执行恶意命令。 Mac操作系统上的文件可能包含有额外的信息,例如其他程序打开文件所要使用的信息。操作系统将这些文件储存在链接到文件的名为resource fork的文件系统中。通常仅有本地系统才可以访问这类信息,但对于邮件,MIME格式AppleDouble允许附带resource fork,并由Apple Mail自动分析。...
HP-UX Security Patch : PHKL_28428
mmap/fork io,VM-JFS ddlock,thrd prf,usr lim %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26388; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...
linux/x86 raw-socket ICMP/checksum shell 235 byte
No description provided by source. ; ; Copyright c 2007 by [email protected] ; ; 235-byte raw-socket ICMP/checksum shell - x86-lnx ; by mu-b - Nov 2006 ; ; icmp with identifier flagbyte and commands in the ; following format:- ; "/bin/sh\x00-c\x00command here\x00" ; ; unlike other icmp shells,...
CVE-2006-6546
PHP remote file inclusion vulnerability in inc/shows.inc.php in cutenews aj-fork CN:AJ 167f and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter...
CVE-2006-6546
CVE-2006-6546 pertains to PHP remote file inclusion in inc/shows.inc.php of cutenews aj-fork (CN:AJ) version 167f and earlier. The underlying issue is an RFI vulnerability where an attacker can supply a URL via the cutepath parameter to cause arbitrary PHP code execution on the affected server. T...
CuteNews Aj-fork Shows.Inc.PHP远程文件包含漏洞
CuteNews Aj-fork是一款基于PHP的WEB应用程序。 CuteNews Aj-fork不充分过滤用户提交的URI输入,远程攻击者可以利用漏洞以WEB进程权限执行任意指令。 问题是'Shows.Inc.PHP'脚本对用户提交的WEB参数缺少过滤,指定远程服务器上的任意文件作为包含对象,可导致以进程权限执行任意指令。 Cutenews Aj-fork Cutenews Aj-fork beta http://sourceforge.net/projects/ajfork...
cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability
=========================================================================================================== DeltasecurityTEAM www.Deltasecurity.ir =========================================================================================================== Portal Name : cutenews aj-fork Class =...
cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability
No description provided by source. =========================================================================================================== DeltasecurityTEAM www.Deltasecurity.ir =========================================================================================================== Portal...
CuteNews aj-fork 167f - cutepath Remote File Inclusion
CuteNews aj-fork 167f - cutepath Remote File Inclusion =========================================================================================================== DeltasecurityTEAM www.Deltasecurity.ir...
cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ===================================================================== cutenews aj-fork = 167f cutepath Remote File Include Vulnerability =====================================================================...
CuteNews aj-fork 167f - 'cutepath' Remote File Inclusion
=========================================================================================================== DeltasecurityTEAM www.Deltasecurity.ir =========================================================================================================== Portal Name : cutenews aj-fork Class =...
Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (2)
Exploit for linux platform in category local exploits ================================================================== Linux Kernel 2.6.13 = 2.6.13 prctl kernel exploit C Julien TINNES If you read the Changelog from 2.6.13 you've probably seen: PATCH setuid core dump This patch mainly adds...
GLSA-200606-19 : Sendmail: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200606-19 Sendmail: Denial of Service Frank Sheiness discovered that the mime8to7 function can recurse endlessly during the decoding of multipart MIME messages until the stack of the process is filled and the process crashes. Impa...
linux/x86 TCP Proxy Shellcode 236 bytes
Exploit for linux/x86 platform in category shellcode ======================================= linux/x86 TCP Proxy Shellcode 236 bytes ======================================= // proxylib.c - is located at http://www.milw0rm.com/id.php?id=1476 /str0ke / hey all.. this is my attempt at a very small...