Lucene search
+L

5501 matches found

seebug.org
seebug.org
added 2007/12/12 12:0 a.m.21 views

SquirrelMail G/PGP Plugin deletekey() Command Injection Exploit

No description provided by source. !/usr/local/bin/ruby puts"http://backdoored.net\n" puts "SquirrelMail G/PG deletekey command injection exploit\n" puts "http://backdoored.net Visit Us\n" puts "Coded by Backdoored member. \n" puts "--------------------------------------------------\n" if ARGV0 =...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/12/03 12:0 a.m.53 views

PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability

PR06-08: BEA Plumtree portal internal hostname disclosure vulnerability Description: BEA Plumtree portal is vulnerable to a internal hostname disclosure vulnerability. The internal hostname of the server hosting BEA Plumtree portal is always included at the bottom of every requested HTML page...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2007/11/28 12:0 a.m.15 views

BEA AquaLogic Interaction 6.06.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities

BEA AquaLogic Interaction 6.06.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/26620/info BEA AquaLogic Interaction is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to access valid usernam...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/11/28 12:0 a.m.27 views

BEA AquaLogic Interaction 6.0/6.1 Plumtree Portal - Multiple Information Disclosure Vulnerabilities

source: https://www.securityfocus.com/bid/26620/info BEA AquaLogic Interaction is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to access valid usernames in the Plumtree portal as well as the server hostname, build date, and server version. Informati...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/11/26 12:0 a.m.25 views

Fedora 7 : net-snmp-5.4-16.fc7 (2007-3019)

Fri Oct 19 2007 Jan Safranek 5.4-16 - License: field fixed to 'BSD and CMU' - fix hrSWInst 250237 - fix leak in UDP transport 247771 - fix remote DoS attack CVE-2007-5846 - Mon Oct 8 2007 Jan Safranek 5.4-15 - License: field changed to MIT - fix segfault on parsing smuxpeer without password...

7.8CVSS7.9AI score0.28966EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/11/07 12:0 a.m.5 views

Moderate: Red Hat Bug Fix Advisory: tcp_wrappers bug fix update

Updated tcpwrappers packages that fix several bugs are now available. The tcpwrappers package provides small daemon programs which can monitor and filter incoming requests for systat, finger, FTP, telnet, rlogin, rsh, exec, tftp, talk and other network services. It also contains the libwrap libra...

5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2007/10/31 4:0 p.m.20 views

CVE-2002-2367

Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname...

8.2AI score0.05409EPSS
Exploits1References3
Cvelist
Cvelist
added 2007/10/19 10:0 a.m.16 views

CVE-2003-1377

Buffer overflow in the reverse DNS lookup of Smart IRC Daemon SIRCD 0.4.0 and 0.4.4 allows remote attackers to execute arbitrary code via a client with a long hostname...

7.8AI score0.02879EPSS
Exploits0References3
CVE
CVE
added 2007/10/18 10:0 a.m.65 views

CVE-2002-2261

CVE-2002-2261 affects Sendmail versions 8.9.0–8.12.6. The flaw allows remote attackers to bypass relaying restrictions enforced by the check_relay function by spoofing a blank DNS hostname. Root cause is related to how the relay check handles DNS hostnames, enabling unauthorized relaying. No expl...

7.5CVSS6.5AI score0.02004EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.24 views

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-2699)

This update brings Mozilla Firefox to security update version 1.5.0.10. - MFSA 2007-01: As part of the Firefox 2.0.0.2 and 1.5.0.10 update releases several bugs were fixed to improve the stability of the browser. Some of these were crashes that showed evidence of memory corruption and we presume...

9.3CVSS9.1AI score0.5036EPSS
Exploits9References13
Exploit DB
Exploit DB
added 2007/10/15 12:0 a.m.19 views

eXtremail 2.1.1 - 'memmove()' Remote Denial of Service

!/usr/bin/perl extremail-v3.pl Copyright c 2006 by eXtremail 1,50 $maxlen = intrand50 + 1; 0, $maxlen 0.75 - 0, $maxlen 0x75 - 1 $pad1len = intrand$maxlen 0.75; 0, $maxlen - $pad1len/2 - 1, $maxlen - $pad1len/2 $pad2len = intrand$maxlen - $pad1len/length"%s" + 1; $pad3len = $maxlen - $pad1len -...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2007/10/14 12:0 a.m.226 views

Apache Tomcat - 'WebDAV' Remote File Disclosure

!/usr/bin/perl Apache Tomcat Remote File Disclosure Zeroday Xploit kcdarookie aka eliteb0y / 2007 thanx to the whole team & andi : +++KEEP PRIV8+++ This Bug may reside in different WebDav implementations, Warp your mind! +You will need auth for the exploit to work... use IO::Socket; use...

7AI score
Exploits0
CERT
CERT
added 2007/10/13 12:0 a.m.34 views

Cisco IOS LPD buffer overflow vulnerability

Overview The Cisco IOS Line Printer Daemon contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition . Description The Cisco IOS includes support for the UNIX Line Printer Daemon...

9.3CVSS7.7AI score0.14682EPSS
Exploits1References5
Cvelist
Cvelist
added 2007/10/12 1:0 a.m.31 views

CVE-2007-5381

Stack-based buffer overflow in the Line Printer Daemon LPD in Cisco IOS before 12.218SXF11, 12.416a, and 12.42T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to th...

8AI score0.14682EPSS
Exploits1References9
securityvulns
securityvulns
added 2007/10/11 12:0 a.m.33 views

Cisco routers IOS LPD server buffer overflows

Buffer overflow if oversized local hostname is set...

4AI score
Exploits0References1Affected Software1
NVD
NVD
added 2007/10/04 11:17 p.m.23 views

CVE-2007-5213

Multiple cross-site request forgery CSRF vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstrated by 1 an SMTP server change through the confSMTPMailServer1 parameter to ServerManager.srv and 2...

9.3CVSS7.1AI score0.01687EPSS
Exploits1References6
Prion
Prion
added 2007/10/04 11:17 p.m.19 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstrated by 1 an SMTP server change through the confSMTPMailServer1 parameter to ServerManager.srv and 2...

9.3CVSS7.7AI score0.01687EPSS
Exploits1References6Affected Software2
F5 Networks
F5 Networks
added 2007/10/04 12:0 a.m.79 views

SOL6916 - Case change in URL host name circumvents Accessibility Scope

It is possible to bypass the Deny list configured in the Accessibility Scope section located on the Portal Access : Web Applications : Master Group Settings page using a URL whose hostname portion differs in case upper vs. lower from the URL pattern in the Deny list. After logging in to the...

1.3AI score
Exploits0Affected Software1
seebug.org
seebug.org
added 2007/08/15 12:0 a.m.82 views

WengoPhone SIP Soft Phone畸形报文拒绝服务漏洞

WengoPhone SIP Soft Phone是一款基于SIP的VoIP电话程序。 WengoPhone SIP Soft Phone实现存在消息验证检查问题,远程攻击者可以利用漏洞进行拒绝服务攻击,使应用程序崩溃。 问题是存在于SIP客户端组件不正确处理SIP报文,MESSAGE处理没有"Content-Type"字段的畸形报文可导致应用程序崩溃。 Wengo WengoPhone 2.1 目前没有解决方案提供: http://www.wengophone.com/ /main.cpp/ include stdio.h include string using namespace...

7.1AI score
Exploits0
NVD
NVD
added 2007/06/11 6:30 p.m.31 views

CVE-2007-3144

Visual truncation vulnerability in Mozilla 1.7.12 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.4CVSS6.6AI score0.01234EPSS
Exploits1References5
Rows per page
Query Builder