5111 matches found

Tenable Nessus
added 2011/03/10 12:0 a.m. | 52 views

IBM WebSphere Application Server 7.0 < Fix Pack 15 Multiple Vulnerabilities

IBM WebSphere Application Server 7.0 before Fix Pack 15 appears to be running on the remote host. As such, it is reportedly affected by the following vulnerabilities : - A double free error in BBOOORBR control block could trigger a denial of service condition. PM17170 - A cross-site scripting...

CVSS: 7.5 | AI score: 5.3 | EPSS: 0.02219
Exploits: 0 | References: 30

Cvelist
added 2011/03/08 9:0 p.m. | 29 views

CVE-2011-1311

The Security component in IBM WebSphere Application Server WAS before 7.0.0.15, when a J2EE 1.4 application is used, determines the security role mapping on the basis of the ibm-application-bnd.xml file instead of the intended ibm-application-bnd.xmi file, which might allow remote authenticated...

AI score: 6.3 | EPSS: 0.00857
Exploits: 0 | References: 2

securityvulns
added 2011/03/03 12:0 a.m. | 75 views

Mozilla Foundation Security Advisory 2011-04

Mozilla Foundation Security Advisory 2011-04 Title: Buffer overflow in JavaScript upvarMap Impact: Critical Announced: March 1, 2011 Reporter: Christian Holler Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.14 Firefox 3.5.17 SeaMonkey 2.0.12 Description Security researcher Christian Holler...

CVSS: 10 | AI score: 0.9 | EPSS: 0.04554
Exploits: 0

Mozilla
added 2011/03/01 12:0 a.m. | 33 views

Buffer overflow in JavaScript upvarMap — Mozilla

Security researcher Christian Holler reported that the JavaScript engine's internal memory mapping of non-local JS variables contained a buffer overflow which could potentially be used by an attacker to run arbitrary code on a victim's computer...

CVSS: 10 | AI score: 2.9 | EPSS: 0.04554
Exploits: 0 | References: 2 | Affected Software: 2

ThreatPost
added 2011/01/28 10:22 p.m. | 13 views

DHS: $40m To Research Next Big Thing in Cyber Security

The U.S. Department of Homeland Security issued a call for proposals this week in a $40m program to encourage research and development in a wide range of topics related to cyber security: from designing more resilient software, to alternatives to passwords and CAPTCHA technology to prevent...

AI score: 6.9
Exploits: 0 | References: 8

OSV
added 2011/01/25 1:0 a.m. | 1 views

DEBIAN-CVE-2010-4255

The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a...

CVSS: 6.1 | AI score: 6.3 | EPSS: 0.00761
Exploits: 0 | References: 1

RedHat Linux
added 2011/01/13 10:33 a.m. | 4 views

xen: 64-bit PV xen guest can crash host by accessing hypervisor per-domain memory area

The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a...

CVSS: 6.1 | AI score: 6.1 | EPSS: 0.00761
Exploits: 0 | References: 4

The Hacker News
added 2011/01/01 12:19 p.m. | 20 views

The Blackbuntu Community Edition Download !

The Blackbuntu Community Edition is a Linux Live-CD based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security. Another tool for penetration testers collection that could be considered as a competition for Pentoo. It supports the...

AI score: 6.7
Exploits: 0

NVD
added 2010/12/22 9:0 p.m. | 14 views

CVE-2010-4114

Cross-site scripting XSS vulnerability in HP Discovery & Dependency Mapping Inventory DDMI 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVSS: 4.3 | AI score: 5.7 | EPSS: 0.01728
Exploits: 0 | References: 3

Prion
added 2010/12/22 9:0 p.m. | 15 views

Cross site scripting

Cross-site scripting XSS vulnerability in HP Discovery & Dependency Mapping Inventory DDMI 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVSS: 4.3 | AI score: 6.1 | EPSS: 0.01728
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2010/12/22 8:0 p.m. | 17 views

CVE-2010-4114

Cross-site scripting XSS vulnerability in HP Discovery & Dependency Mapping Inventory DDMI 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

AI score: 5.7 | EPSS: 0.01728
Exploits: 0 | References: 3

securityvulns
added 2010/12/17 12:0 a.m. | 21 views

HP Discovery & Dependency Mapping Inventory

No description provided...

CVSS: 4.3 | AI score: 0.9 | EPSS: 0.01728
Exploits: 0 | References: 1

Nmap
added 2010/09/28 7:43 p.m. | 148 views

nat-pmp-info NSE Script

Gets the routers WAN IP using the NAT Port Mapping Protocol NAT-PMP. The NAT-PMP protocol is supported by a broad range of routers including: Apple AirPort Express Apple AirPort Extreme Apple Time Capsule DD-WRT OpenWrt v8.09 or higher, with MiniUPnP daemon pfSense v2.0 Tarifa firmware Linksys...

CVSS: 10 | AI score: 9.1 | EPSS: 0.99448
Exploits: 33

OpenVAS
added 2010/08/30 12:0 a.m. | 31 views

Fedora Update for mapserver FEDORA-2010-12266

Check for the Version of mapserver OpenVAS Vulnerability Test Fedora Update for mapserver FEDORA-2010-12266 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVSS: 10 | AI score: 0.7 | EPSS: 0.03833
Exploits: 0 | References: 2

Exploit DB
added 2010/08/27 12:0 a.m. | 201 views

Linux Kernel < 2.6.36-rc1 (Ubuntu 10.04 / 2.6.32) - 'CAN BCM' Local Privilege Escalation

/ i-CAN-haz-MODHARDEN.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2959 Ben Hawkes discovered an integer overflow in the Controller Area Network CAN subsystem when setting up frame content and filtering certain messages. An attacker...

CVSS: 7.2 | AI score: 6.6 | EPSS: 0.03777
Exploits: 6

OSV
added 2010/07/31 12:0 a.m. | 28 views

DSA-2079-1 mapserver - arbitrary code execution

Bulletin has no description...

CVSS: 10 | AI score: 6 | EPSS: 0.03833
Exploits: 0

Tenable Nessus
added 2010/07/27 12:0 a.m. | 33 views

MapServer Detection

The remote web server hosts MapServer, an open source platform for publishing spatial data and interactive mapping applications to the web. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid47860; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate",...

AI score: 5.5
Exploits: 0 | References: 1

seebug.org
added 2010/07/27 12:0 a.m. | 36 views

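Mozilla Firefox Character Mapping Incorrect Display Vulnerability

BUGTRAQ ID: 41866 CVE ID: CVE-2010-1210 Firefox is a popular open-source web browser. Some 8-bit encodings contain undefined positions that are mapped to U+FFFD. When displayed, the character immediately following such a position may not be shown. For example, the windows-1253 sequence '\xD1', '\xD2', '\xD3', '\xD4' should be U+3A1, U+FFFD, U+3A3, U+3A4 (that is, the string ΡΣΤ), but the actual result is U+3A1, U+FFFD, U+3A4, with the U+3A3 character missing (that is, the string ΡΤ, missing Σ). On some sites this may lead to cross-site scripting issues, because certain characters that should be displayed are filtered out on the server. Mozil...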

CVSS: 4.3 | AI score: 9.2 | EPSS: 0.01342
Exploits: 1

Japan Vulnerability Notes
added 2010/06/22 2:23 a.m. | 1 views

TP1/Message Control Denial of Service (DoS) Vulnerability

Overview The port used by TP1/Message Control's mapping service has a vulnerability where the port is forced to keep collecting debug information when it receives a maliciously-crafted message, which in turn causes the depletion of the disk resource and leads to a denial of service DoS condition...

CVSS: 5 | AI score: 6.7
Exploits: 0 | References: 2

RedHat Linux
added 2010/05/05 12:58 p.m. | 48 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix multiple security issues, several bugs, and add three enhancements are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...

CVSS: 7.8 | AI score: 6.2 | EPSS: 0.03603
Exploits: 2 | References: 16