Debian Security Advisory DSA 805-1 (apache2)

The remote host is missing an update to apache2 announced via advisory DSA 805-1. Several problems have been discovered in Apache2, the next generation, scalable, extendable web server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-1268 Marc Stern...

Debian Security Advisory DSA 713-1 (junkbuster)

The remote host is missing an update to junkbuster announced via advisory DSA 713-1. OpenVAS Vulnerability Test $Id: deb7131.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 713-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 145-1 (tinyproxy)

The remote host is missing an update to tinyproxy announced via advisory DSA 145-1. OpenVAS Vulnerability Test $Id: deb1451.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 145-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

MonAlbum 0.87 - Arbitrary File Upload / Password Grabber

!/usr/bin/env perl use strict; use warnings; use LWP::UserAgent; use HTTP::Request::Common; use Getopt::Std; my %args, $user, $password, $sqlhost, $sqluser, $sqlpassword, $cookie, $path, $file, $upload = ; my $tmp = 'cmd1.jpg'; getopts"u:a:f:p:", %args; -a don't retrieve login and passwords, use...

MonAlbum 0.87 Upload Shell / Password Grabber Exploit

Exploit for unknown platform in category web applications ===================================================== MonAlbum 0.87 Upload Shell / Password Grabber Exploit ===================================================== !/usr/bin/env perl use strict; use warnings; use LWP::UserAgent; use...

MonAlbum 0.87 - Arbitrary File Upload Password Grabber

MonAlbum 0.87 - Arbitrary File Upload Password Grabber !/usr/bin/env perl use strict; use warnings; use LWP::UserAgent; use HTTP::Request::Common; use Getopt::Std; my %args, $user, $password, $sqlhost, $sqluser, $sqlpassword, $cookie, $path, $file, $upload = ; my $tmp = 'cmd1.jpg';...

openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-4525)

The Sun JAVA JDK 1.6.0 was upgraded to release 3 to fix various bugs, including the following security bugs : http://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1 CVE-2007-5232: Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and...

openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-4536)

The Sun JAVA JDK 1.4.2 was upgraded to release 16 to fix various bugs, including the following security bugs : http://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1 CVE-2007-5232: Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and...

Anti-DNS Pinning and Java Applets with HTTP proxy

Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound...

Important: Red Hat Security Advisory: java-1.5.0-sun security update

Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having important security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the...

CVE-2007-5273

Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound...

CVE-2007-5273

Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound...

CVE-2007-5273

CVE-2007-5273 affects Sun JRE/JDK across multiple versions (JDK/JRE 6 Update 2 and earlier; 5.0 Update 12 and earlier; 1.4.2_15 and earlier; 1.3.1_20 and earlier). Root cause described as a multi-pin DNS rebinding issue when using an HTTP proxy: the applet download relies on DNS on the proxy whil...

CVE-2007-3253

Multiple unspecified vulnerabilities in Astaro Security Gateway ASG before 7.005 allow remote attackers to cause a denial of service via 1 certain email, which stops the SMTP Proxy during scanning; 2 certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing...

CVE-2007-3253

Multiple unspecified vulnerabilities in Astaro Security Gateway ASG before 7.005 allow remote attackers to cause a denial of service via 1 certain email, which stops the SMTP Proxy during scanning; 2 certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing...

CVE-2007-3253

The CVE-2007-3253 entry relates to Astaro Security Gateway (ASG) prior to 7.005. The documented issues are three DoS vectors: (1) email path triggering the SMTP Proxy to stop during scanning, (2) HTTP traffic causing the HTTP proxy to stop or slow during responses that include virus-scanned pages...

WmsCMS < = 2.0 Multiple XSS Vulnerabilities

Application: WmsCMS Vendors Url: http://www.web-master.biz Bug Type: Multiple URL Handling Remote Cross-Site Scripting Vulnerabilities Exploitation: Remote Severity: Less Critical Solution Status: Unpatched Introduction: WmsCMS is a web-based CMS system Google Dork: "Powered by WMS-CMS" Affected...

webstudio-xss.txt

Application: WebStudio CMS Vendors Url: http://www.bdigital.biz Bug Type: Multiple URL Handling Remote Cross-Site Scripting Vulnerabilities Exploitation: Remote Severity: Less Critical Solution Status: Unpatched Introduction: WebStudio CMS is a web-based CMS system Google Dork: "Powered by...

WebStudio Multiple XSS Vulnerabilities

Application: WebStudio CMS Vendors Url: http://www.bdigital.biz Bug Type: Multiple URL Handling Remote Cross-Site Scripting Vulnerabilities Exploitation: Remote Severity: Less Critical Solution Status: Unpatched Introduction: WebStudio CMS is a web-based CMS system Google Dork: "Powered by...

3proxy 0.5.3g proxy.c logurl() Remote Overflow Exploit (exec-shield)

No description provided by source. / Fedora Core 5,6 exec-shield based 3proxy HTTP Proxy 3proxy-0.5.3g.tgz remote overflow root exploit reverse connect-back method by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL:...