4096 matches found
dovecot: insecure mail_extra_groups option
Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack...
PHP Jokesite 2.0 - 'cat_id' SQL Injection
ajhyip-sql.txt
CVE-2008-1594
The kernel in IBM AIX 5.2 and 5.3 does not properly handle resizing JFS2 filesystems on concurrent volume groups spread across multiple nodes, which allows local users of one node to cause a denial of service (remote node crash) by using chfs or lreducelv to reduce a filesystem's size...
PYSEC-2008-14
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to (1) add arbitrary accounts via the join_form page and (2) change the privileges of arbitrary groups via the prefs_groups_overview page...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to (1) add arbitrary accounts via the join_form page and (2) change the privileges of arbitrary groups via the prefs_groups_overview page...
CVE-2008-0164
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to (1) add arbitrary accounts via the join_form page and (2) change the privileges of arbitrary groups via the prefs_groups_overview page...
DEBIAN-CVE-2008-1199
Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack...
Powered by Pagetool Ver (1.04-05-06-07)
Google search: www.1923turk.org Turkishwariorr Powered by Pagetool Ver 1.04 Powered by Pagetool Ver 1.07 Powered by Pagetool Ver 1.05 Powered by Pagetool Ver 1.06 At the end of the site:...
ManageEngine Applications Manager Invalid URL Remote Information Disclosure
The version of ManageEngine Applications Manager installed on the remote host is affected by an information disclosure vulnerability due to the application returning a summary of monitor groups and alerts in response to a request with an invalid URL. A remote attacker, using a URL with an invalid...
OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service
OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service / OpenBSD 4.2 rtlabel_id2name() SIOCGIFRTLABEL ioctl Null Pointer Dereference local Denial of Service Exploit by Hunger Advisory: http://marc.info/?l=openbsd-security-announce&m=120007327504064 FOR TESTING PURPOSES ONLY! $...
Debian Security Advisory DSA 173-1 (bugzilla)
The remote host is missing an update to bugzilla announced via advisory DSA 173-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
EkinBoard <= 1.1.0 Remote File Upload / Auth Bypass Vulnerabilities
No description provided by source. EkinBoard Remote File Upload / Auth Bypass ... ITDefence.ru Antichat.ru EkinBoard <= 1.1.0 Remote File Upload / Auth Bypass Eugene Minaev [email protected]...
Security fix for the ALT Linux 5 package samba version 3.0.28-alt1
Dec. 10, 2007 Alexander Bokovoy 3.0.28-alt1 - Fixed: + CVE-2007-6015: Specifically crafted GETDC mailslot requests can trigger a boundary error in the domain controller GETDC mail slot support which can be remotely exploited to execute arbitrary code. + fix error path in local...
CVE-2007-6051
CVE-2007-6051 concerns IBM DB2 UDB 9.1 before Fixpak 4, where privileges are assigned to the DB2ADMNS and DB2USERS groups in an incorrect way. The sources confirm the affected product and version but state the impact is unknown and that vendor descriptions are too vague to determine if it is secu...
teatro-rfi.txt
teatro 1.6 Remote File Include Vulnerability Download script : http://telemat.die.unifi.it/book/2003/Telematica-II/teatro-1.6.tgz Discovered by : Alkomandoz Hacker Contact : [email protected]...
CVE-2007-5597
The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) Organic groups and (2) Subscriptions...
Authentication flaw
The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) Organic groups and (2) Subscriptions...
CVE-2007-5597
The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) Organic groups and (2) Subscriptions...
openSUSE 10 Security Update : samba (samba-1830)
Prevent potential crash in winbindd's credential cache handling; 184450. - Fix memory exhaustion DoS; CVE-2006-3403; 190468. - Fix the munlock call, samba.org svn rev r16755 from Volker. - Change the kerberos principal for LDAP authentication to netbios-name$@realm from host/name@realm; 184450. -...