Apache Tomcat (webdav) Remote File Disclosure Exploit

No description provided by source. !/usr/bin/perl Apache Tomcat Remote File Disclosure Zeroday Xploit kcdarookie aka eliteb0y / 2007 thanx to the whole team & andi : +++KEEP PRIV8+++ This Bug may reside in different WebDav implementations, Warp your mind! +You will need auth for the exploit to...

Borland InterBase Services Manager Information

This module retrieves version of the services manager, version and implementation of the InterBase server from InterBase Services Manager. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Borlan...

eGov Content Manager Cross Site Scripting Vulrnability

HSC eGov Content Manager Cross Site Scripting Vulrnability The eGov Manager was designed to simplify the efforts of government staffers who are responsible for posting public documents, news updates, events, managing staff directories and online services. This issue is due to a failure in the...

Dibbler DHCPv6 server/client implementation multiple seucrity vulnerabilities

Reading behined allocated memory, NULL pointer dereferences, etc...

Moderate: Red Hat Security Advisory: xorg-x11 security update

Updated X.org packages that correct a flaw in X.Org's composite extension are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provid...

CVE-2007-0004

The CVE-2007-0004 entry concerns the Linux kernel NFS client (RHEL 3). When an NFS filesystem is mounted with noacl, the open system call permissions are checked using vfs_permission (mode bits) data instead of an NFS ACCESS query to the server. This can allow local client processes to receive a ...

cyrus security update

CentOS Errata and Security Advisory CESA-2007:0878 Updated cyrus-sasl packages that correct a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The cyrus-sasl package contains the...

Important: krb5 security update

1.5-28 - add preliminary patch to fix buffer overflow in rpcsecgss implementation in libgssrpc 250973, CVE-2007-3999 and write through uninitialized pointer in kadmind 250976, CVE-2007-4000...

CVE-2007-4616

The CVE-2007-4616 entry concerns the SSL server implementation in BEA WebLogic Server (versions ranging from 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP1, and 10.0). The issue is that the server may select the null cipher when no other cipher is compatible with the c...

Sniffit sniff of installation and use description(linux)-bug warning-the black bar safety net

Sniffit is by the Lawrence Berkeley Laboratory developed, can be in Linux, Solaris, SGI, etc. a variety of platforms running the network Network monitoring software, it is mainly for the TCP/IP Protocol insecurity for running the Protocol of the machine is listening-and, of course, the packet mus...

CVE-2007-4381

Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.214 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself...

counterpath-dos.txt

Title ===== CounterPath X-Lite SIP phone Remote Denial of Service vulnerability Date ==== 10 August 2007 Affected Software ================= X-Lite versions 3.x tested on 3.0 34025 Maybe eyeBeam also ; Overview ======== X-Lite by CounterPath Solutions, Inc. is a free and wild used SIP based...

RHEL 2.1 / 3 / 4 / 5 : bind (RHSA-2007:0740)

Updated bind packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ISC BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. A flaw was found in the way...

ASA-2007-017: Remote Crash Vulnerability in STUN implementation

Asterisk Project Security Advisory - ASA-2007-017 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Remote Crash Vulnerability in STUN implementation |...

Asterisk VoIP server multiple security vulnerabilities

Buffer overflow and DoS on IAX2 implementation, DoS in Skinny and STUN implementation...

CVE-2007-3825

Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA formerly Computer Associates Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allo...

Stack overflow

Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA formerly Computer Associates Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allo...

CVE-2007-3825

Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA formerly Computer Associates Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allo...

CVE-2007-3765

The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted STUN length attribute in a STUN packet sent on an RTP port...

Code injection

The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted STUN length attribute in a STUN packet sent on an RTP port...