CVE-2008-3349

CVE-2008-3349 concerns multiple unspecified vulnerabilities in NetApp Data ONTAP (used on NetApp and IBM eServer platforms) that allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably due to insufficient access con...

RHEL 2.1 / 3 : ruby (RHSA-2008:0562)

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented...

irb, ruby security update

CentOS Errata and Security Advisory CESA-2008:0562-01 Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted...

Alt-N Technologies SecurityGateway Username Buffer Overflow (CVE-2008-4193)

The Alt-N Technologies SecurityGateway offers email security with a spam filter that serves as an Exchange or SMTP firewall. A stack-based buffer overflow vulnerability was reported in Alt-N Technologies SecurityGateway. The vulnerability is due to a boundary error in the SecurityGateway that fai...

The use of IIS maximum number of connections to test site bandwidth-vulnerability warning-the black bar safety net

This program only as technical exchanges, not for illegal purposes! Recently bought a space to play, you do not laugh, is the entry level of the virtual host, coupling is poor?, the various parameters are quite low, particularly IIS the number of connections, only 1 0 0, that is, at the same time...

Code injection

Sun Java Active Server Pages ASP Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications...

CVE-2008-2405

Sun Java Active Server Pages ASP Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications...

CVE-2008-2405

Sun Java Active Server Pages ASP Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications...

Code injection

Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to cause a denial of service via crafted HTTP requests. NOTE: this might overlap CVE-2007-2635...

CVE-2008-2423

Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to cause a denial of service via crafted HTTP requests. NOTE: this might overlap CVE-2007-2635...

CVE-2008-2423

Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to cause a denial of service via crafted HTTP requests. NOTE: this might overlap CVE-2007-2635...

CVE-2008-2423

Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to cause a denial of service via crafted HTTP requests. NOTE: this might overlap CVE-2007-2635...

CVE-2008-2423

Interchange vulnerability CVE-2008-2423 affects Interchange prior to 5.6.0 and prior to 5.5.2, allowing remote DoS via crafted HTTP requests. Root cause not detailed in the provided documents. Impact is denial of service; no exploitation status is stated. Remediation indicated by the references i...

mantis -- multiple vulnerabilities

Secunia reports: Some vulnerabilities have been reported in Mantis, which can be exploited by malicious users to compromise a vulnerable system and malicious people to conduct cross-site scripting and request forgery attacks. Input passed to the "filtertarget" parameter in returndynamicfilters.ph...

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the popular SWF file format, which is commonly used to provide interactive websites, digital experiences and mobile content. Description Multiple vulnerabilities have been discovered in Adobe Flash: Secunia Research and Zero Day Initiative...

CVE-2008-1854

Unspecified vulnerability in SmarterMail Web Server SMWebSvr.exe in SmarterMail 5.0.2999 allows remote attackers to cause a denial of service service termination via a long HTTP 1 GET, 2 HEAD, 3 PUT, 4 POST, or 5 TRACE request. NOTE: the provenance of this information is unknown; the details are...

CVE-2008-1854

The CVE-2008-1854 entry applies to SmarterMail Web Server (SMWebSvr.exe) in SmarterMail version 5.0.2999, where a denial-of-service (service termination) can be triggered by processing excessively long HTTP requests of several methods (GET, HEAD, PUT, POST, TRACE). The available connected documen...

Memory corruption

WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service memory corruption and daemon crash or possibly execute arbitrary code via a long URI in HTTP requests to TCP port 801. NOTE: some of these details are obtained from third...

CVE-2008-1690

CVE-2008-1690 affects WebContainer.exe version 1.0.0.336 and earlier bundled with SLMail Pro 6.3.1.0 and earlier. The issue allows remote attackers to trigger a denial of service (memory corruption and daemon crash) and potentially execute arbitrary code by sending a long URI in HTTP requests to ...

SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial of Service

SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial of Service source: https://www.securityfocus.com/bid/28610/info SmarterTools SmarterMail is prone to a denial-of-service vulnerability when handling specially crafted HTTP GET, HEAD, PUT, POST, and TRACE requests. When the server...