FreeBSD : dovecot-managesieve -- Script Name Directory Traversal Vulnerability (3efc106e-c451-11dd-a721-0030843d3802)

Secunia reports : The security issue is caused due to an input validation error when processing script names. This can be exploited to read or modify arbitrary files having '.sieve' extensions via directory traversal attacks, with the privileges of the attacker's user id. %NASLMINLEVEL 70300 C...

MDaemon Server < 10.0.2 WordClient Script Insertion Vulnerability

MDaemon is prone to a script insertion vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:altn:mdaemon"; ifdescriptio...

U-Mail Webmail &#39;edit.php&#39; Arbitrary File Write Vulnerability

U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...

umail-filewrite.txt

U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...

U-Mail Webmail 4.91 (edit.php) Arbitrary File Write Vulnerability

Exploit for unknown platform in category web applications ================================================================= U-Mail Webmail 4.91 edit.php Arbitrary File Write Vulnerability =================================================================...

U-Mail Webmail 4.91 - edit.php Arbitrary File Write

U-Mail Webmail 4.91 - edit.php Arbitrary File Write U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files...

U-Mail Webmail 4.91 - &#039;edit.php&#039; Arbitrary File Write

U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...

SMB Remote Code Execution Vulnerability (957095)

This host is missing a critical security update according to Microsoft Bulletin MS08-063. OpenVAS Vulnerability Test $Id: secpodms08-063900053.nasl 5344 2017-02-18 17:43:17Z cfi $ Description: SMB Remote Code Execution Vulnerability 957095 Authors: Chandan S Copyright: Copyright C 2008 SecPod,...

Serv-U File Renaming Directory Traversal and 'STOU' DoS Vulnerabilities

The host is running Serv-U FTP Server, which is prone to Directory Traversal and Denial of Service Vulnerabilities. The flaws are due to, - error in handling 'STOU' FTP command. It can exhaust available CPU resources when exploited through a specially crafted argument vaule. - input validation...

IBM Quickr拒绝服务和安全绕过漏洞

BUGTRAQ ID: 31608 CNCAN ID：CNCAN-2008100804 IBM Lotus Quickr是一款团队协作软件，能够帮助访问人员、信息和完成任务所需的项目材料。 IBM Lotus Quickr存在多个安全问题，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击或绕过部分安全限制。 当把非标准URL参数提交给OpenDocument命令时，存在一个输入验证错误，可导致服务程序崩溃，造成拒绝服务攻击。 第二个问题是place manager存在一个错误可降级或删除一个place超级用户组。 IBM Lotus Quickr 8.0 2 IBM Lotus Quic...

Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (APSB08-15) - Linux

Adobe Reader/Acrobat is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (Windows)

This host has Adobe Reader/Acrobat installed, which is/are prone to Remote Code Execution Vulnerabilities. OpenVAS Vulnerability Test $Id: gbadobeprdtscodeexecvulnwin.nasl 5370 2017-02-20 15:24:26Z cfi $ Adobe Reader/Acrobat JavaScript Method Handling Vulnerability Windows Authors: Veerendra GG...

VMware Tools Local Privilege Escalation Vulnerability (VMSA-2008-0009) - Windows

VMWare products are prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

pro2col-xss.txt

Pro2col StingRay FTS login username cross site scripting scip AG Vulnerability ID 3809 09/12/2008 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3809 I. INTRODUCTION StingRay FTS is a file transfer server for Internet communications. Customers are able to transfer files or to send emails via the...

FreeBSD Security Advisory (FreeBSD-SA-04:09.kadmind.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-04:09.kadmind.asc ADV FreeBSD-SA-04:09.kadmind.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008...

[scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service

Dreambox DM500 webserver long URL request denial of service scip AG Vulnerability ID 3807 08/29/2008 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3807 I. INTRODUCTION Dreambox is a Linux-based DVB satellite, terrestrial and cable digital television decoder set-top box, produced by German...

F-PROT Antivirus Multiple Vulnerabilities

The remote host is installed with F-PROT Antivirus, which is prone multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: secpodf-protavmultvuln900018.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: F-PROT Antivirus Multiple Vulnerabilities Authors: Chandan S Copyright:...

TWiki 4.2.0 (configure) Remote File Disclosure Vulnerability

No description provided by source. TWiki 4.2.0 File Disclosure Vuln configure "We're brazilian newbies!!! :p" - Th1nk3r Info ---------------------------------------------------------------------------------------------------------------- Classe : Input Validation Error Remote : Yes Local : No Dat...

TWiki 4.2.0 - configure Remote File Disclosure

TWiki 4.2.0 - configure Remote File Disclosure TWiki 4.2.0 File Disclosure Vuln configure "We're brazilian newbies!!! :p" - Th1nk3r Info ---------------------------------------------------------------------------------------------------------------- Classe : Input Validation Error Remote : Yes...

TWiki 4.2.0 (configure) Remote File Disclosure Vulnerability

Exploit for cgi platform in category web applications ============================================================ TWiki 4.2.0 configure Remote File Disclosure Vulnerability ============================================================ TWiki 4.2.0 File Disclosure Vuln configure "We're brazilian...