155 matches found
PT-2013-1211 · Gnu +3 · Glibc +3
Name of the Vulnerable Software and Affected Versions: glibc versions prior to 2.15-r3 Description: The issue concerns multiple vulnerabilities in the glibc package, which can lead to breaches of confidentiality, integrity, and availability of protected information. Exploitation can occur locally...
MySQL < 4.1.21 / 5.0 Denial of Service
The version of MySQL installed on the remote host is earlier than 4.1.21 / 5.0 and reportedly allows a remote, authenticated user to crash the server via a format string attack. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17800; scriptversion"1.4";...
minerCPP 0.4b - Remote Buffer Overflow / Format String
!/usr/bin/env python minerCPP 0.4b Remote BOF+Format String Attack Exploit Software Link: http://sourceforge.net/projects/minercpp/ Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co.il Email: [email protected] Tested on Windows 7 In order to make...
minerCPP 0.4b - Remote Buffer Overflow Format String
minerCPP 0.4b - Remote Buffer Overflow Format String !/usr/bin/env python minerCPP 0.4b Remote BOF+Format String Attack Exploit Software Link: http://sourceforge.net/projects/minercpp/ Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co.il Email:...
minerCPP 0.4b Buffer Overflow / Format String
!/usr/bin/env python minerCPP 0.4b Remote BOF+Format String Attack Exploit Software Link: http://sourceforge.net/projects/minercpp/ Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co.il Email: [email protected] Tested on Windows 7 In order to make...
Debian: Security Advisory (DSA-2065-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 2065-1 (kvirc)
The remote host is missing an update to kvirc announced via advisory DSA 2065-1. OpenVAS Vulnerability Test $Id: deb20651.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2065-1 kvirc Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
Debian DSA-2065-1 : kvirc - several vulnerabilities
Two security issues have been discovered in the DCC protocol support code of kvirc, a KDE-based next generation IRC client, which allow the overwriting of local files through directory traversal and the execution of arbitrary code through a format string attack. %NASLMINLEVEL 70300 C Tenable...
[SECURITY] [DSA 2065-1] New kvirc packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2065-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 27, 2010 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2007-1 (cups)
The remote host is missing an update to cups announced via advisory DSA 2007-1. OpenVAS Vulnerability Test $Id: deb20071.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2007-1 cups Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
CGI Generic Format String
The remote web server hosts CGI scripts that fail to adequately sanitize request strings. They seem to be vulnerable to a 'format string' attack. By leveraging this issue, an attacker may be able to execute arbitrary code on the remote host subject to the privileges under which the web server...
Format string
Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...
Gentoo Security Advisory GLSA 200404-12 (scorched3d)
The remote host is missing updates announced in advisory GLSA 200404-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200404-12 (scorched3d)
The remote host is missing updates announced in advisory GLSA 200404-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD Ports: rssh
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: rssh
The remote host is missing an update to the system as announced in the referenced advisory. VID 1f826757-26be-11d9-ad2d-0050fc56d258 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian DSA-1512-1 : evolution - format string attack
Ulf Harnhammar discovered that Evolution, the e-mail and groupware suite, had a format string vulnerability in the parsing of encrypted mail messages. If the user opened a specially crafted email message, code execution was possible. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
[SECURITY] [DSA 1512-1] New evolution packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1512-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 05, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1512-1] New evolution packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1512-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 05, 2008 http://www.debian.org/security/faq -...
SurgeMail Page命令远程格式串处理漏洞
BUGTRAQ ID: 27990 SurgeMail是下一代的邮件服务器,可运行在Windows NT/2K或UNIX平台上,支持所有的标准IMAP、POP3、SMTP、SSL和ESMTP协议。 SurgeMail中用于处理webmail接口(webmail.exe)的CGI存在安全漏洞,远程攻击者可能利用此漏洞控制服务器。 CGI中用于在请求错误页面时构建错误消息的函数未经验证格式参数便直接将其传送给了lvprintf: "TPL: Failed to Locate Template c:\surgemail\webmail\panel%s%s%s%s%s%s.tpl2=No suc...