CVE-2005-3668

CVE-2005-3668 is described as multiple buffer overflows in IKEv1 implementations with several attacker vectors that can lead to a denial of service. Connected sources tie this to ipsec-tools racoon (IPsec-tools) in Red Hat/CentOS advisories and Debian/Nessus findings, indicating a remote DoS via ...

Create Windows own ShellCode-exploit warning-the black bar safety net

In order to help beginners to understand the ShellCode to write, and can step by step get your own ShellCode, so the Windows ShellCode writing process for a detailed description, in order to facilitate as I like the rookie, the final to be able to write a simple but a real ShellCode; and further...

Optimistic TCP acknowledgements can cause denial of service

Overview A vulnerability in the TCP congestion control mechanism could be leveraged by an attacker to cause a denial of service. Description The Transmission Control Protocol TCP is described in RFC 793 as a means to provide reliable host-to-host transmission in a packet-switched computer network...

JPortal Web Portal 2.2.12.3.1 - comment.php SQL Injection

JPortal Web Portal 2.2.12.3.1 - comment.php SQL Injection source: https://www.securityfocus.com/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query. Successful exploitati...

Invision Gallery 2.0.3 - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/15240/info Invision Gallery is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...

saPHP Lesson - add.php?forumid SQL Injection

saPHP Lesson - add.php?forumid SQL Injection source: https://www.securityfocus.com/bid/15185/info saphp Lesson is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successf...

saPHP Lesson - 'add.php?forumid' SQL Injection

source: https://www.securityfocus.com/bid/15185/info saphp Lesson is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...

Nuked-klaN 1.7 Sections Module - artid SQL Injection

Nuked-klaN 1.7 Sections Module - artid SQL Injection source: https://www.securityfocus.com/bid/15181/info Nuked Klan is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...

Mandrake Linux Security Advisory : openssl (MDKSA-2005:179)

Yutaka Oiwa discovered vulnerability potentially affects applications that use the SSL/TLS server implementation provided by OpenSSL. Such applications are affected if they use the option SSLOPMSIESSLV2RSAPADDING. This option is implied by use of SSLOPALL, which is intended to work around various...

CVE-2005-2969

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...

CVE-2005-2969

The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to u...

CVE-2005-3257

The VT implementation vtioctl.c in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys...

CVE-2005-2969

OpenSSL CVE-2005-2969 enables a protocol-version rollback attack (via SSL_OP_MSIE_SSLV2_RSA_PADDING) that can cause a client and server to negotiate a weaker protocol. Public disclosures in Debian advisories (DSA-875/881/882) show the fix across OpenSSL 0.9.4–0.9.7 lines with upgraded packages (e...

PunBB 1.2.x - 'search.php' SQL Injection

source: https://www.securityfocus.com/bid/15114/info PunBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the applicatio...

Aenovo - '/incs/searchdisplay.asp?strSQL' SQL Injection

source: https://www.securityfocus.com/bid/15036/info Aenovo, aeNovoShop and aeNovoWYSI are prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...

CVE-2005-3087

The SecureW2 3.0 TLS implementation uses weak random number generators rand and srand from system time during generation of the pre-master secret PMS, which makes it easier for attackers to guess the secret and decrypt sensitive data...

vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertools.php?ids' SQL Injection

source: https://www.securityfocus.com/bid/14872/info vBulletin is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of...

ATutor 1.5.1 - 'password_reminder.php' SQL Injection

source: https://www.securityfocus.com/bid/14831/info ATutor is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...

Land Down Under 800801 - auth.php?m SQL Injection

Land Down Under 800801 - auth.php?m SQL Injection source: https://www.securityfocus.com/bid/14820/info Land Down Under is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...

Land Down Under 800801 - plug.php?e SQL Injection

Land Down Under 800801 - plug.php?e SQL Injection source: https://www.securityfocus.com/bid/14820/info Land Down Under is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...