Web Wiz Forum 6.34/7.x - 'search.asp' SQL Injection
source: https://www.securityfocus.com/bid/20778/info Web Wiz Forum is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...
Kinesis Interactive Cinema System - 'index.asp' SQL Injection
source: https://www.securityfocus.com/bid/20607/info Kinesis Interactive Cinema System is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Debian DSA-1183-1 : kernel-source-2.4.27 - several vulnerabilities
Several security-related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2005-4798 A buffer overflow in NFS readlink handling...
openssh43p1DoS.txt
!/bin/bash OpenSSH CRC compensation attack detection DoS PoC. Tavis Ormandy Yes, I really did implement crc-32 in bash. usage: script victim hostname hostname=$1:-localhost port=$2:-22 where the fifo is created to communicate with netcat fifo=/tmp/nc.$$ make the fifos mkfifo $fifo.in mkfifo...
Yener Haber Script 1.0/2.0 - SQL Injection
source: https://www.securityfocus.com/bid/20333/info Yener Haber Script is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromis...
Yener Haber Script 1.0/2.0 - SQL Injection
source: https://www.securityfocus.com/bid/20333/info Yener Haber Script is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful...
OlateDownload 3.4 - search.php?query SQL Injection
source: https://www.securityfocus.com/bid/20278/info OlateDownload is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A...
[SECURITY] [DSA 1184-1] New Linux 2.6.8 packages fix several vulnerabilities
Debian Security Advisory DSA 1184-1 [email protected] http://www.debian.org/security/ Dann Frazier September 25th, 2006 http://www.debian.org/security/faq -...
DSA-1184-2 kernel-source-2.6.8 - several vulnerabilities
Bulletin has no description...
DSA-1183-1 kernel-source-2.4.27 - several vulnerabilities
Bulletin has no description...
ECardPro 2.0 - search.asp SQL Injection
source: https://www.securityfocus.com/bid/20080/info ECardPro is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
PHP-post Web Forum 0.x.1.0 - pm.php?replyuser Cross-Site Scripting
source: https://www.securityfocus.com/bid/20061/info PHP-Post is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting, SQL-injection, and remote file-include issues, because the application...
Jupiter CMS 1.1.41.1.5 - galleryuploadfunction.php Arbitrary File Upload
source: https://www.securityfocus.com/bid/20048/info Jupiter CMSA is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the applicatio...
RSA Signature Forgery — Mozilla
Philip Mackenzie and Marius Schilder of Google informed us of Daniel Bleichenbacher's recent presentation of a common implementation error in RSA signature verification, a failure to account for extra data in the signature. For signatures with a small exponent such as 3 it is possible for an...
Multiple RSA implementations fail to properly handle signatures
Overview Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Description RSA signatures are used to authenticate the source of a message. To prevent RSA signatures from being forged, messages are padded with data t...
Autentificator 2.01 - 'Aut_Verifica.Inc.php' SQL Injection
source: https://www.securityfocus.com/bid/19813/info Autentificator is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access...
kernel security update
CentOS Errata and Security Advisory CESA-2006:0575 Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel...
RHEL 4 : kernel (RHSA-2006:0575)
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system...
Sending multipart/form-data requests from Flash (with arbitrary headers)
Hello lists, In my original "Forging HTTP request headers with Flash" paper http://www.securityfocus.com/archive/1/441014, I mentioned forcing multipart/form-data input format to ensure that Flash's LoadVars isn't used to forge the request. However, there's a work-around for the attacker - using...
CVE-2006-4023
CVE-2006-4023 : The issue concerns the ip2long function in PHP 5.1.4 and earlier, which may incorrectly validate an arbitrary string and return a valid network IP address. This can enable remote attackers to obtain network information and facilitate other attacks, as demonstrated via SQL injectio...