Novell eDirectory 8.8 SP5 Denial Of Service

Product: Novell eDirectory 8.8 sp5 for Windows Vulnerability: Denial of Service Discussion: Vulnerability in '/dhost/modules?I:' Sending long strings to '/dhost/modules?I:' causes a DoS crashing dhost.exe Also in last weeks published another bug in 'modules?L:' It is not patched yet too.. Credits...

Yahoo Messenger 9 ActiveX DoS (Null Pointer) Vulnerability

Product: Yahoo Messenger 9.0.0.2162 Vulnerability: ActiveX Null Pointer - Denial of Service Description: Yahoo Messenger is prone to a denial-of-service cause of null pointer vulnerability. Vulnerability is in YahooBridgeLib.dll Activex Control An attacker can exploit this vulnerability by entici...

ConPresso CMS 4.07 Session Fixation / XSS

HACKATTACK Advisory 25012009ConPresso CMS 4.07 - Session Fixation, XFS, XSS Details Product: ConPresso CMS 4.07 Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.conpresso.de/ Vendor-Status: informed Advisory-Status: not yet published Credits Discovered by: David Vieira-Kurz...

[HACKATTACK Advisory 20081203]Pro Clan Manager 0.4.2 - Session Fixation

HACKATTACK Advisory 20081203Pro Clan Manager 0.4.2 - Session Fixation Details Product: Pro Clan Manager CMS Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.proclanmanager.com/ Vendor-Status: informed Advisory-Status: not yet published Credits Discovered by: David Vieira-Kurz...

social-sql.txt

HACKATTACK Advisory 2008-11-20Social Engine 2.7 CRLF Injection + SQL injection Details Product: Social Engine Security-Risk: moderate Remote-Exploit: yes Vendor-URL: http://www.socialengine.net/ Vendor-Status: informed Advisory-Status: published Credits Discovered by: David Vieira-Kurz of...

webnews-sql.txt

HACKATTACK Advisory 20081016WEB//NEWS SQL Injection and Cookie Manipulation Details ======= Product: WEB//NEWS Security-Risk: high Remote-Exploit: yes Vendor-URL: http://www.stylemotion.de/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz...