Mandrake Linux Security Advisory : util-linux (MDKSA-2001:084)
Tarhon-Onu Victor found a problem in /bin/login's PAM implementation. It stored the value of a static pwent buffer across PAM calls, and when used with some PAM modules in non-default configurations, i.e. using pam_limits, it would overwrite the buffer and cause the user to get the credentials of...
SUSE-SA:2003:039: openssh (second release)
The remote host is missing the patch for the advisory SUSE-SA:2003:039 openssh second release. The openssh package is the most widely used implementation of the secure shell protocol family ssh. It provides a set of network connectivity tools for remote shell login, designed to substitute the...
Land Down Under - BBCode HTML Injection
Land Down Under - BBCode HTML Injection source: https://www.securityfocus.com/bid/10435/info Land Down Under is prone to an HTML injection vulnerability. This issue is exposed through their BBCode implementation. Exploitation could permit theft of cookie credentials, manipulation of content, or...
Land Down Under - BBCode HTML Injection
source: https://www.securityfocus.com/bid/10435/info Land Down Under is prone to an HTML injection vulnerability. This issue is exposed through their BBCode implementation. Exploitation could permit theft of cookie credentials, manipulation of content, or other attacks...
Linux Kernel sctp_setsockopt() Integer Overflow
Product: Linux Kernel Versions: = 2.4.25 Bug: Integer overflow Impact: Attackers may be able to execute arbitrary code with kernel-level privileges. Risk: High Date: May 11, 2004 Author: Shaun Colley Email: shaunige yahoo co uk WWW: http://www.nettwerked.co.uk Introduction The Linux Kernel is the...
Multiple Vendor - TCP Sequence Number Approximation (2)
source: https://www.securityfocus.com/bid/10183/info A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequen...
Cross-realm trust vulnerability in Heimdal
Background Heimdal is a free implementation of Kerberos 5. Description Heimdal does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path. Impact Remote attackers with...
SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/9799/info Multiple vulnerabilities have been identified in the application that may allow an attacker to obtain the private cryptographic key and gain access to sensitive information. The application is also reported prone to an SQL injection vulnerabilit...
Multiple bugs in H.323 implementations
No description provided...
J2EE 1.4 reference implementation: database component allows remote code execution
Illegalaccess.org security advisory i/12-2003 www.illegalaccess.org J2EE 1.4 reference implementation: database component allows remote code execution Brief: Product : J2EE reference implementation java.sun.com/j2ee/download.html Component :...
[Full-Disclosure] STG Security Advisory: [SSA-20031025-05] InfronTech WebTide 7.04 Directory and File Disclosure Vulnerability
STG Security Advisory: SSA-20031025-05 InfronTech WebTide 7.04 Directory and File Disclosure Vulnerability Revision 1.0 Date Published: 2003-10-25 KST Last Update: 2003-10-25 Disclosed by SSR Team Abstract: InfronTech's J2EE Web Application Server, WebTide, is a...
FreeBSD multiple integer overflows
Few integer overflows in procfs implementation and readv call...
SSL Implementation Vulnerabilities
...
Multiple OpenSSH PAM bugs
Multiple vulnerabilities...
wu-ftpd 2.6.2 off-by-one Remote Root Exploit
Exploit for linux platform in category remote exploits. wu-ftpd 2.6.2 off-by-one Remote Root Exploit. wu-ftpd v2.6.2 off-by-one remote 0day exploit. exploit by "you dong-hun" Xpl017Elz Brute-Force function...
cups DoS
DoS on incomplete header...
OpenBB 1.0/1.1 - 'board.php' SQL Injection
source: https://www.securityfocus.com/bid/7404/info It has been reported that OpenBB does not properly check input passed via the 'board.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the bulletin board software. The consequenc...
i cracked restriction of 'zone' in mozilla.
i cracked restriction of 'zone' in mozilla. "that's all" is the end of file if you are in a hurry tested OS:"Windows Server 2003" NETSCAPE Ver String: "Mozilla/5.0 Windows; U; Windows NT 5.2; zh-CN; rv:1.0.1 Gecko/20020823 Netscape/7.0 " downloaded on "2003/3/31 UTC+800" MOZILLA Ver String:...
Syscall implementation could lead to whether or not a file exists
#include <stdlib.h> #include <unistd.h> #include <stdio.h> #include <sys/types.h> #include <fcntl.h> #ifndef O_NOFOLLOW #define O_NOFOLLOW 0400000 /* don't follow links */ #endif #ifndef O_LARGEFILE #define O_LARGEFILE 0100000 #endif int flags = O_RDONLY|O_EXCL|O_SYNC|O_NOCTTY|O_NOFOLLOW; /* taken from scuts format string...
TCP/IP implementations handle unusual flag combinations inconsistently
Overview Various vendors' TCP/IP implementations handle packets containing unusual flag combinations in different ways, which may lead to a violation of implicit or explicit security policies. Description Background on TCP/IP Connection Semantics To establish a TCP connection, a client and server...