9078 matches found

exploitpack
added 2005/11/28 12:0 a.m., 15 views

Simple Document Management System 2.0 - list.php?folder_id SQL Injection

Simple Document Management System 2.0 - list.php?folderid SQL Injection source: https://www.securityfocus.com/bid/15596/info Simple Document Management System (SDMS) is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...

0.3 AI score
Exploits 0
Exploit DB
added 2005/11/28 12:0 a.m., 18 views

Zainu 2.0 - SQL Injection

source: https://www.securityfocus.com/bid/15579/info Zainu is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...

7 AI score
Exploits 0
exploitpack
added 2005/11/23 12:0 a.m., 15 views

PHP Labs Survey Wizard - SQL Injection

PHP Labs Survey Wizard - SQL Injection source: https://www.securityfocus.com/bid/15551/info PHP Labs Survey Wizard is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

Exploits 0
exploitpack
added 2005/11/19 12:0 a.m., 14 views

PHP-Fusion 4.05.06.0 - options.php? viewforum.php SQL Injection

PHP-Fusion 4.05.06.0 - options.php? viewforum.php SQL Injection source: https://www.securityfocus.com/bid/15502/info PHP-Fusion is prone to SQL injection vulnerabilities in multiple PHP scripts. These issues are due to a failure in the application to properly sanitize user-supplied input before...

0.1 AI score
Exploits 0
CVE
added 2005/11/18 9:0 p.m., 48 views

CVE-2005-3668

CVE-2005-3668 is described as multiple buffer overflows in IKEv1 implementations with several attacker vectors that can lead to a denial of service. Connected sources tie this to ipsec-tools racoon (IPsec-tools) in Red Hat/CentOS advisories and Debian/Nessus findings, indicating a remote DoS via ...

5 CVSS, 6.3 AI score, 0.01052 EPSS
Exploits 0, References 4, Affected Software 1
CVE
added 2005/11/18 9:0 p.m., 62 views

CVE-2005-3673

CVE-2005-3673 relates to an IKEv1 DoS in Check Point products via crafted IKEv1 packets. Connected sources show a broader set of IKEv1 issues (CVE-2005-3666/3667/3668) with remote denial-of-service effects in multiple implementations (notably ipsec-tools’ racoon). The Proton/PROTOS test suite is ...

7.8 CVSS, 6.6 AI score, 0.09317 EPSS
Exploits 0, References 9, Affected Software 5
myhack58
added 2005/11/17 12:0 a.m., 23 views

Create Windows own ShellCode-exploit warning-the black bar safety net

To help beginners understand how ShellCode is written and obtain their own ShellCode step by step, the Windows ShellCode writing process is described here in detail, so that rookies like me can eventually write a simple but real ShellCode; and further...

7.7 AI score
Exploits 0
CERT
added 2005/11/10 12:0 a.m., 38 views

Optimistic TCP acknowledgements can cause denial of service

Overview: A vulnerability in the TCP congestion control mechanism could be leveraged by an attacker to cause a denial of service. Description: The Transmission Control Protocol (TCP) is described in RFC 793 as a means to provide reliable host-to-host transmission in a packet-switched computer network...

7.8 CVSS, 6.4 AI score, 0.05452 EPSS
Exploits 0, References 7
exploitpack
added 2005/11/04 12:0 a.m., 71 views

JPortal Web Portal 2.2.12.3.1 - comment.php SQL Injection

JPortal Web Portal 2.2.12.3.1 - comment.php SQL Injection source: https://www.securityfocus.com/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query. Successful exploitati...

0.2 AI score
Exploits 0
Exploit DB
added 2005/10/31 12:0 a.m., 16 views

Invision Gallery 2.0.3 - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/15240/info Invision Gallery is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...

7.4 AI score
Exploits 0
exploitpack
added 2005/10/26 12:0 a.m., 11 views

saPHP Lesson - add.php?forumid SQL Injection

saPHP Lesson - add.php?forumid SQL Injection source: https://www.securityfocus.com/bid/15185/info saphp Lesson is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successf...

0.2 AI score
Exploits 0
Exploit DB
added 2005/10/26 12:0 a.m., 55 views

saPHP Lesson - 'add.php?forumid' SQL Injection

source: https://www.securityfocus.com/bid/15185/info saphp Lesson is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...

7.4 AI score
Exploits 0
exploitpack
added 2005/10/24 12:0 a.m., 22 views

Nuked-klaN 1.7 Sections Module - artid SQL Injection

Nuked-klaN 1.7 Sections Module - artid SQL Injection source: https://www.securityfocus.com/bid/15181/info Nuked Klan is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...

Exploits 0
Tenable Nessus
added 2005/10/19 12:0 a.m., 48 views

Mandrake Linux Security Advisory : openssl (MDKSA-2005:179)

Yutaka Oiwa discovered a vulnerability that potentially affects applications that use the SSL/TLS server implementation provided by OpenSSL. Such applications are affected if they use the option SSL_OP_MSIE_SSLV2_RSA_PADDING. This option is implied by use of SSL_OP_ALL, which is intended to work around various...

7.5 CVSS, 6.4 AI score, 0.09388 EPSS
Exploits 0, References 2
OSV
added 2005/10/18 9:2 p.m., 9 views

CVE-2005-2969

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...

5.3 AI score
Exploits 0, References 75
UbuntuCve
added 2005/10/18 9:2 p.m., 34 views

CVE-2005-2969

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...

5 CVSS, 6.6 AI score, 0.09388 EPSS
Exploits 0, References 2
Cvelist
added 2005/10/18 4:0 a.m., 32 views

CVE-2005-3257

The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys...

5.1 AI score, 0.00385 EPSS
Exploits 1, References 18
CVE
added 2005/10/18 4:0 a.m., 114 views

CVE-2005-2969

OpenSSL CVE-2005-2969 enables a protocol-version rollback attack (via SSL_OP_MSIE_SSLV2_RSA_PADDING) that can cause a client and server to negotiate a weaker protocol. Public disclosures in Debian advisories (DSA-875/881/882) show the fix across OpenSSL 0.9.4–0.9.7 lines with upgraded packages (e...

5 CVSS, 5.6 AI score, 0.09388 EPSS
Exploits 0, References 74, Affected Software 1
Exploit DB
added 2005/10/15 12:0 a.m., 16 views

PunBB 1.2.x - 'search.php' SQL Injection

source: https://www.securityfocus.com/bid/15114/info PunBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the applicatio...

7.4 AI score
Exploits 0
Exploit DB
added 2005/10/07 12:0 a.m., 23 views

Aenovo - '/incs/searchdisplay.asp?strSQL' SQL Injection

source: https://www.securityfocus.com/bid/15036/info Aenovo, aeNovoShop and aeNovoWYSI are prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...

7.4 AI score
Exploits 0