3349 matches found
Sphera HostingDirector 1.02.03.0 VDS Control Panel - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/7899/info Sphera HostingDirector VDS Control Panel has been reported prone to several cross-site scripting attacks. The vulnerabilities exist due to...
WinMX < 2.6 - Design Error
WinMX Design Error Vendor: Frontcode Technologies Product: WinMX Version: = 2.6 Website: http://www.winmx.com/ BID: 7771 Description: WinMX 2.6 is an older version of the popular file sharing client WinMX. While the current version is 3.31, 2.6 still remains quite popular. Especially amongst user...
Privatefirewall protection bypass
Any scan different from SYN-scan can bypass scanning protection...
Buffer overflows in multiple IMAP clients
There are two common vulnerabilities in IMAP clients written with C and C++: 1. Handling huge literal sizes. Many clients do malloc(literalsize+1) and then read the literal into it. Problem is that if literalsize is UINT_MAX-1, the +1 overflows it into malloc(0) but server is still allowed to write...
MySQL 3.x/4.0.x - Weak Password Encryption
source: https://www.securityfocus.com/bid/7500/info MySQL has been reported to implement a weak password encryption algorithm. It has been reported that the MySQL function used to encrypt MySQL passwords makes just one pass over the password and employ...
PHP-Nuke 6.5 FINAL Cross Site Scripting
Information: Language: PHP. Website: http://www.phpnuke.org. Tested Version: 6.5 FINAL. Problem: Cross Site Scripting. Exploit: In the website or the email of the profile: - http://" onclick="SCRIPT onclick can be replaced by ondblclick, onhelp, onmouseout,...
CVE-2002-0639
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication...
Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (3)
source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occurs in several methods in the java.util.zip class. The methods can be called with certain types of...
Moderate: Red Hat Security Advisory: Updated file packages fix vulnerability
Updated file packages are available to close a buffer overflow vulnerability. Updated 16 April 2003: Added packages for Red Hat Linux on IBM iSeries and pSeries systems. The file command is used to identify a particular file according to the type of data contained in the file. The file utility...
Physical access to a computer system can be used to bypass software-based access control mechanisms
Overview: An intruder who gains physical access to a computer system can bypass software-based control mechanisms. Description: If an intruder can gain physical access to a computer resource, he can bypass software-based access control mechanisms, install Trojan horses, install hardware to...
HTTP TRACE / TRACK Methods Allowed
The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. This script was written by Thomas Reinke Improvements re TRACK and RFP reference courtesy of Improvements by rd - httpget to get full HTTP/1.1 support,...
Query: BID 6273: PortailPhp SQL Injection Vulnerability.
Hi, Posting on vuln-dev too since this has a generic PHP-MySQL SQL Injection Vuln question as well. I was working on this vulnerability. I came across the following advisory on SecurityFocus-BugTraq: http://online.securityfocus.com/archive/1/301572 I find that PHP's mysql_query only allows one SQL...
CVE-2002-1254
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods."...
CVE-2002-1290
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard via an applet that accesses the (1) ClipBoardGetText and (2) ClipBoardSetText methods of the INativeServices class...
CVE-2002-1254
The vulnerability (CVE-2002-1254) affects Internet Explorer 5.5 and 6.0. Affected component: cross-domain verification via cached methods/objects. Root cause: security model bypass that allows remote attackers to access information on the local system or in other domains, and potentially execute ...
TFTPD32 Directory Traversal Vulnerability
Advisory available at: http://www.securiteam.com/windowsntfocus/6D00D2061G.html TFTPD32 Directory Traversal Vulnerability. SUMMARY: http://tftpd32.jounin.net TFTPD32 is a Freeware TFTP server for Windows 9x/NT/XP. It provides an implementation of the...
iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities
iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities. DESCRIPTION: It is possible for an attacker to bypass the restrictions imposed by The Sendmail Consortium’s Restricted Shell (SMRSH) and execute a binary of his choosing by inserti...
idefense.smrsh.txt
iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities. DESCRIPTION: It is possible for an attacker to bypass the restrictions imposed by The Sendmail Consortium's Restricted Shell (SMRSH) and execute a binary of his choosing by inserti...