67 matches found
Debian DSA-4692-1 : netqmail - security update
Georgi Guninski and the Qualys Research Labs discovered multiple vulnerabilities in qmail shipped in Debian as netqmail with additional patches which could result in the execution of arbitrary code, bypass of mail address verification and a local information leak whether a file exists or not. C...
[SECURITY] [DSA 4692-1] netqmail security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4692-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 24, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4692-1] netqmail security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4692-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 24, 2020 https://www.debian.org/security/faq -...
PunBB 1.4.4 Database Disclosure
From https://j.ludost.net/blog/archives/2019/11/11/minorsecurityissueinpunbbwithsqlite/index.html Minor security issue in punbb with SQLite Georgi Guninski security advisory 76, 2019 Running punbb-master from https://github.com/punbb/punbb from Thu 07 Nov 2019 11:23:33 AM UTC Installing on...
Linux Kernel <= 2.6.9 / <= 2.4.28 - vc_resize int Local Overflow Exploit
No description provided by source. / vcresize int overflow Copyright Georgi Guninski Cannot be used in vulnerability databases / include stdio.h include stdlib.h include sys/types.h include sys/stat.h include fcntl.h include linux/vt.h include sys/vt.h include sys/ioctl.h include string.h include...
Linux Kernel <= 2.6.11 (CPL 0) Local Root Exploit (k-rad3.c)
No description provided by source. / k-rad3.c - linux 2.6.11 and below CPL 0 kernel local exploit v3 Discovered and original exploit coded Jan 2005 by sd [email protected] Modified 2005/9 by alert7 [email protected] XFOCUS Security Team http://www.xfocus.org gcc -o k-rad3 k-rad3.c -static -O2 test...
MS IE 5.0 ActiveX "Object for constructing type libraries for scriptlets" Vulnerability
No description provided by source. Microsoft Internet Explorer 5.0 for Windows 95/Windows 98/Windows NT 4 ActiveX Object for constructing type libraries for scriptlets Vulnerability source: http://www.securityfocus.com/bid/598/info The 'scriptlet.typlib' ActiveX control can create, edit, and...
Local Java applets may read contents of local file system — Mozilla
Security researcher Georgi Guninski reported an issue with Java applets where in some circumstances the applet could access files on the local system when loaded using the a file:/// URI and violate file origin policy due to interaction with the codebase parameter. This affects applets running on...
Ubuntu Update for apt USN-1477-1
Ubuntu Update for Linux kernel vulnerabilities USN-1477-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14771.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for apt USN-1477-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Mozilla Foundation Security Advisory 2010-05
Mozilla Foundation Security Advisory 2010-05 Title: XSS hazard using SVG document and binary Content-Type Impact: Moderate Announced: February 17, 2010 Reporter: Georgi Guninski Products: Firefox, SeaMonkey Fixed in: Firefox 3.6 Firefox 3.5.8 Firefox 3.0.18 SeaMonkey 2.0.3 Description Mozilla...
Ubuntu Update for firefox, firefox-3.0, xulrunner-1.9 vulnerabilities USN-667-1
Ubuntu Update for Linux kernel vulnerabilities USN-667-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6671.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox, firefox-3.0, xulrunner-1.9 vulnerabilities USN-667-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone...
Mozilla Foundation Security Advisory 2009-04
Mozilla Foundation Security Advisory 2009-04 Title: Chrome privilege escalation via local .desktop files Impact: Moderate Announced: February 3, 2009 Reporter: Georgi Guninski Products: Firefox, SeaMonkey Fixed in: Firefox 3.0.6 Description Mozilla security researcher Georgi Guninski reported tha...
Mozilla Foundation Security Advisory 2008-48
Mozilla Foundation Security Advisory 2008-48 Title: Image stealing via canvas and HTTP redirect Impact: High Announced: November 12, 2008 Reporter: Georgi Guninski, Michal Zalewski, Chris Evans Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.18 Thunderbird 2.0.0.18 SeaMonkey...
Mozilla Foundation Security Advisory 2008-46
Mozilla Foundation Security Advisory 2008-46 Title: Heap overflow when canceling newsgroup message Impact: Critical Announced: September 25, 2008 Reporter: Georgi Guninski Products: Thunderbird, SeaMonkey Fixed in: Thunderbird 2.0.0.17 SeaMonkey 1.1.12 Description Georgi Guninski reported a buffe...
Mozilla Firefox <= 1.0.7 Integer Overflow Denial of Service Exploit
No description provided by source. html Copyright Georgi Guninski br Cannot be used in vulnerability databases br Especially securityfocus/mitre/cve/cert script var s=String.fromCharCode257; var ki=""; var me="";...
Apple Safari (webkit) Remote Denial of Service Exploit (iphone/osx/win)
No description provided by source. !-- Even though Georgi Guninski retired from the scene, his old code is still finding new bugs. iphone fw:1.1.4 : locks up safari win32 : crashes safari osx : crashes looped the x's on milw0rm to find the bug...
Apple Safari (webkit) (iPhoneOSXWindows) - Remote Denial of Service
Apple Safari webkit iPhoneOSXWindows - Remote Denial of Service Copyright Georgi Guninski Cannot be used in vulnerability databases Especially securityfocus/mitre/cve/cert var s=String.fromCharCode257; var ki=""; var me=""; fori=0;i milw0rm.com 2008-03-17...
safariphone-dos.txt
Copyright Georgi Guninski Cannot be used in vulnerability databases Especially securityfocus/mitre/cve/cert var s=String.fromCharCode257; var ki=""; var me=""; fori=0;i...
Apple Safari (webkit) (iPhone/OSX/Windows) - Remote Denial of Service
Copyright Georgi Guninski Cannot be used in vulnerability databases Especially securityfocus/mitre/cve/cert var s=String.fromCharCode257; var ki=""; var me=""; fori=0;i milw0rm.com 2008-03-17...
Apple Safari (webkit) Remote Denial of Service Exploit (iphone/osx/win)
Exploit for multiple platform in category dos / poc ======================================================================= Apple Safari webkit Remote Denial of Service Exploit iphone/osx/win ======================================================================= Copyright Georgi Guninski Cannot ...