1000 matches found
VERITAS-OSX.pl.txt
!/usr/bin/perl VERITAS-OSX.pl - VERITAS NetBackup Format Strings OSX/ppc Remote Exploit Original code by johnhatdigitalmunitiondotcom modified by KF to work on OSX / ppc bug found by kflistsatdigitalmunitiondotcom http://www.digitalmunition.com/ This exploit May NOT be posted to a public Archive...
VERITAS-Linux.pl.txt
!/usr/bin/perl VERITAS-Linux.pl - VERITAS NetBackup Format Strings Linux/x86 Remote Exploit johnhatdigitalmunitiondotcom bug found by kflistsatdigitalmunitiondotcom http://www.digitalmunition.com/ This exploit May NOT be posted to a public Archive like k-otik without being in its original GPG for...
[Full-disclosure] GeSHi Local PHP file inclusion 1.0.7.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 GeSHi Local PHP file inclusion 1.0.7.2 Author: Maksymilian Arciemowicz cXIb8O3 .17 Date: 21.9.2005 from SECURITYREASON.COM - --- 0.Description --- GeSHi started as a mod for the phpBB forum system, to enable highlighting of more languages than the...
[SECURITYREASON.COM] phpAdsNew/phpPgAds 2.0.5 Local file inclusion cXIb8O3.16
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpAdsNew/phpPgAds 2.0.5 Local file inclusion cXIb8O3.16 Author: Maksymilian Arciemowicz cXIb8O3 from SECURITYREASON.COM TEAM Date: 14.07.2005 01:54 GMT+01.00 - --- 0.Description --- phpAdsNew is an open-source ad server, with an integrated banner...
phpAdsNew205.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpAdsNew/phpPgAds 2.0.5 Local file inclusion cXIb8O3.16 Author: Maksymilian Arciemowicz cXIb8O3 from SECURITYREASON.COM TEAM Date: 14.07.2005 01:54 GMT+01.00 - --- 0.Description --- phpAdsNew is an open-source ad server, with an integrated banner...
[Full-disclosure] Advisory 01/2005: Fileupload/download vulnerability in Trac
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Happy Python Hackers Project www.hardened-php.net -= Security Advisory =- Advisory: Fileupload/download vulnerability in Trac Release Date: 2005/06/20 Last Modified: 2005/06/20 Author: Stefan Esser [email protected] Application: Trac = 0.8.3...
Mandrake Linux Security Advisory : gnupg (MDKSA-2001:053-1)
A format string vulnerability exists in gnupg 1.0.5 and previous versions which is fixed in 1.0.6. This vulnerability can be used to invoke shell commands with privileges of the currently logged-in user. Update : The /usr/bin/gpg executable was installed setuid root and setgid root. While being...
CVE-2003-0990
The parseAddress code in 1 SquirrelMail 1.4.0 and 2 GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field...
CVE-2003-0990
The CVE-2003-0990 issue affects SquirrelMail 1.4.0 and the GPG Plugin 1.1, where the parseAddress code can be abused to execute shell commands via metacharacters in the To: field. This is a remote command-execution vulnerability exploitable via SMTP delivery (e.g., via crafted email contents) and...
CVE-2003-0990
The parseAddress code in 1 SquirrelMail 1.4.0 and 2 GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field...
CVE-2003-0978
CVE-2003-0978 affects the GnuPG client’s gpgkeys_hkp implementation (experimental HKP interface). The vulnerability is a format string issue that can be triggered during key retrieval, potentially allowing a remote attacker or a malicious keyserver to crash the client and, in some scenarios, exec...
CVE-2003-0971
GnuPG (GPG) versions 1.0.2 through 1.2.3 are affected by an ElGamal sign+encrypt issue where the same key component is used for encryption and signing. The root cause is the construction of ElGamal type 20 keys, which allows an attacker to determine the private key from a signature. The connected...
ProFTPd 1.2.9 rc2 - '.ASCII' File Remote Code Execution (2)
ProFTPd remote root exploit solareclipse at phreedom dot org GPG key ID: E36B11B7 https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/3021.tar.gz 12262006-proftpd-not-pro-enough.tar.gz milw0rm.com 2003-10-15...
CVE-2003-0546
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised...
CVE-2003-0546
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised...
CVE-2003-0546
CVE-2003-0546 affects up2date 3.0.7 and 3.1.23, which do not properly verify RPM GPG signatures. This could let remote attackers install unsigned packages from the Red Hat Network if that network is compromised. The CVSS base score is 7.5 (HIGH). Exploitation details are not provided in the suppl...
KDE packages updated
New KDE packages are available for Slackware 9.0. These address a security issue where Konqueror may leak authentication credentials. Here are the details from the Slackware 9.0 ChangeLog: Fri Aug 1 15:15:51 PDT 2003 patches/packages/kde/: Upgraded to KDE 3.1.3. Note that this update addresses a...
MDKSA-2001:043 - rpmdrake update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Linux-Mandrake Security Update Advisory Package name: rpmdrake Date: April 27th, 2001 Advisory ID: MDKSA-2001:043 Affected versions: 8.0 Problem Description: A temporary file vulnerability exists in rpmdrake. This updated rpmdrake corrects the problem...
[RHSA-2000:094-01] Updated cyrus-sasl packages available for Red Hat Linux 7
--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Updated cyrus-sasl packages available for Red Hat Linux 7 Advisory ID: RHSA-2000:094-01 Issue date: 2000-10-26 Updated on: 2000-10-26 Product: Red Hat Linux Keywords: cyrus-sasl...
GPG 1.0.3 doesn't detect modifications to files with multiple signatures
Attached is multiple copies of a file I had signed. Then I started modifying parts of the SIGNED message. To see if gpg could detect that the messages had been altered. It did not detect them, so long as the last signed message had not been altered. Save this message as newfile.asc and run gpg...