Lucene search
K

1790 matches found

UbuntuCve
UbuntuCve
added 2008/03/04 11:44 p.m.30 views

CVE-2008-1111

modcgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information...

5CVSS7.2AI score0.02017EPSS
Exploits1References1
OSV
OSV
added 2008/03/04 11:44 p.m.3 views

DEBIAN-CVE-2008-1111

modcgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information...

5CVSS7.1AI score0.02017EPSS
Exploits1References1
CVE
CVE
added 2008/03/04 11:0 p.m.94 views

CVE-2008-1111

CVE-2008-1111 affects lighttpd 1.4.18 through the mod_cgi path. When a fork failure occurs, lighttpd may return the source code of the CGI script instead of a 500 error, potentially allowing remote attackers to obtain sensitive information (information disclosure). Connected documents indicate re...

5CVSS6.2AI score0.02017EPSS
Exploits1References19Affected Software1
Cvelist
Cvelist
added 2008/03/04 11:0 p.m.32 views

CVE-2008-1111

modcgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information...

6.2AI score0.02017EPSS
Exploits1References19
Debian CVE
Debian CVE
added 2008/03/04 11:0 p.m.30 views

CVE-2008-1111

modcgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information...

5CVSS6.3AI score0.02017EPSS
Exploits1
PyPA
PyPA
added 2008/01/16 11:0 p.m.7 views

PYSEC-2008-8

common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool...

4.3CVSS6.6AI score0.0162EPSS
Exploits1References13Affected Software1
seebug.org
seebug.org
added 2007/11/26 12:0 a.m.22 views

Apple Mail邮件附件处理代码执行漏洞

BUGTRAQ ID: 26510 Apple Mail是苹果操作系统中所捆绑的邮件客户端。 Apple Mail在处理畸形的邮件附件时存在漏洞,远程攻击者可能利用此漏洞在用户系统上执行恶意命令。 Mac操作系统上的文件可能包含有额外的信息,例如其他程序打开文件所要使用的信息。操作系统将这些文件储存在链接到文件的名为resource fork的文件系统中。通常仅有本地系统才可以访问这类信息,但对于邮件,MIME格式AppleDouble允许附带resource fork,并由Apple Mail自动分析。...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/10/03 12:0 a.m.11 views

HP-UX Security Patch : PHKL_28428

mmap/fork io,VM-JFS ddlock,thrd prf,usr lim %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26388; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

7AI score
Exploits0References1
seebug.org
seebug.org
added 2007/04/02 12:0 a.m.11 views

linux/x86 raw-socket ICMP/checksum shell 235 byte

No description provided by source. ; ; Copyright c 2007 by [email protected] ; ; 235-byte raw-socket ICMP/checksum shell - x86-lnx ; by mu-b - Nov 2006 ; ; icmp with identifier flagbyte and commands in the ; following format:- ; "/bin/sh\x00-c\x00command here\x00" ; ; unlike other icmp shells,...

7.1AI score
Exploits0
NVD
NVD
added 2006/12/14 2:28 a.m.16 views

CVE-2006-6546

PHP remote file inclusion vulnerability in inc/shows.inc.php in cutenews aj-fork CN:AJ 167f and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter...

7.5CVSS7.6AI score0.02797EPSS
Exploits0References5
CVE
CVE
added 2006/12/14 2:0 a.m.52 views

CVE-2006-6546

CVE-2006-6546 pertains to PHP remote file inclusion in inc/shows.inc.php of cutenews aj-fork (CN:AJ) version 167f and earlier. The underlying issue is an RFI vulnerability where an attacker can supply a URL via the cutepath parameter to cause arbitrary PHP code execution on the affected server. T...

7.5CVSS7.9AI score0.02797EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2006/12/08 12:0 a.m.68 views

CuteNews Aj-fork Shows.Inc.PHP远程文件包含漏洞

CuteNews Aj-fork是一款基于PHP的WEB应用程序。 CuteNews Aj-fork不充分过滤用户提交的URI输入,远程攻击者可以利用漏洞以WEB进程权限执行任意指令。 问题是'Shows.Inc.PHP'脚本对用户提交的WEB参数缺少过滤,指定远程服务器上的任意文件作为包含对象,可导致以进程权限执行任意指令。 Cutenews Aj-fork Cutenews Aj-fork beta http://sourceforge.net/projects/ajfork...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/12/06 12:0 a.m.67 views

cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability

=========================================================================================================== DeltasecurityTEAM www.Deltasecurity.ir =========================================================================================================== Portal Name : cutenews aj-fork Class =...

0.3AI score
Exploits0
seebug.org
seebug.org
added 2006/12/05 12:0 a.m.38 views

cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability

No description provided by source. =========================================================================================================== DeltasecurityTEAM www.Deltasecurity.ir =========================================================================================================== Portal...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/12/04 12:0 a.m.24 views

CuteNews aj-fork 167f - cutepath Remote File Inclusion

CuteNews aj-fork 167f - cutepath Remote File Inclusion =========================================================================================================== DeltasecurityTEAM www.Deltasecurity.ir...

7.5AI score
Exploits0
0day.today
0day.today
added 2006/12/04 12:0 a.m.83 views

cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ===================================================================== cutenews aj-fork = 167f cutepath Remote File Include Vulnerability =====================================================================...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/12/04 12:0 a.m.83 views

CuteNews aj-fork 167f - &#039;cutepath&#039; Remote File Inclusion

=========================================================================================================== DeltasecurityTEAM www.Deltasecurity.ir =========================================================================================================== Portal Name : cutenews aj-fork Class =...

7.4AI score
Exploits0
0day.today
0day.today
added 2006/07/12 12:0 a.m.19 views

Linux Kernel 2.6.13 <= 2.6.17.4 sys_prctl() Local Root Exploit (2)

Exploit for linux platform in category local exploits ================================================================== Linux Kernel 2.6.13 = 2.6.13 prctl kernel exploit C Julien TINNES If you read the Changelog from 2.6.13 you've probably seen: PATCH setuid core dump This patch mainly adds...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/06/16 12:0 a.m.28 views

GLSA-200606-19 : Sendmail: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200606-19 Sendmail: Denial of Service Frank Sheiness discovered that the mime8to7 function can recurse endlessly during the decoding of multipart MIME messages until the stack of the process is filled and the process crashes. Impa...

5CVSS5.5AI score0.05173EPSS
Exploits0References3
0day.today
0day.today
added 2006/02/07 12:0 a.m.14 views

linux/x86 TCP Proxy Shellcode 236 bytes

Exploit for linux/x86 platform in category shellcode ======================================= linux/x86 TCP Proxy Shellcode 236 bytes ======================================= // proxylib.c - is located at http://www.milw0rm.com/id.php?id=1476 /str0ke / hey all.. this is my attempt at a very small...

7AI score
Exploits0
Rows per page
Query Builder