Lucene search
K

4576 matches found

securityvulns
securityvulns
added 2006/10/02 12:0 a.m.50 views

migrationtools symbolic links problem

Symbolic links problem on temporary files creation...

1.4AI score
Exploits0References1
OSV
OSV
added 2006/09/30 12:0 a.m.21 views

DSA-1187-1 migrationtools

Bulletin has no description...

2.1CVSS6.2AI score0.00341EPSS
Exploits0
Saint
Saint
added 2006/05/11 12:0 a.m.34 views

AWStats migrate parameter command injection

Added: 05/11/2006 CVE: CVE-2006-2237 BID: 17844 OSVDB: 25284 Background AWStats is a web application for showing web, FTP, and mail server statistics. Problem AWStats uses the value of the migrate input parameter in a PERL open call without sufficient checks for invalid characters, allowing remot...

5.1CVSS6.6AI score0.58356EPSS
Exploits10
exploitpack
exploitpack
added 2006/05/06 12:0 a.m.17 views

AWStats 6.5 - migrate Remote Shell Command Injection

AWStats 6.5 - migrate Remote Shell Command Injection !/usr/bin/env python http://secunia.com/advisories/19969/ by [email protected] May 5, 2006 - HAPPY CINCO DE MAYO HAPPY BIRTHDAY DAD private plz redsand@jinxy / $ nc -l -p 31337 -v listening on any 31337 ... connect to 65.99.197.147 from...

0.5AI score
Exploits0
Cvelist
Cvelist
added 2006/04/01 2:0 a.m.29 views

CVE-2005-4759

BEA WebLogic Server and WebLogic Express 8.1 and 7.0, during a migration across operating system platforms, do not warn the administrative user about platform differences in URLResource case sensitivity, which might cause local users to inadvertently lose protection of Web Application pages...

6.3AI score0.01066EPSS
Exploits0References3
CVE
CVE
added 2006/04/01 2:0 a.m.47 views

CVE-2005-4759

CVE-2005-4759 affects BEA WebLogic Server and WebLogic Express 8.1 and 7.0. During OS platform migrations, it does not warn the admin about URLResource case-sensitivity differences, which may cause local users to inadvertently lose protection of Web Application pages. The NVD metrics show a base ...

5CVSS6.7AI score0.01066EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2006/02/02 11:2 a.m.3 views

DEBIAN-CVE-2006-0512

PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by 1 migrateallonline.sh, 2 migratealloffline.sh, 3 migrateallnetinfoonline.sh, 4 migrateallnetinfooffline.s...

2.1CVSS6.7AI score0.00341EPSS
Exploits0References1
NVD
NVD
added 2005/12/31 5:0 a.m.23 views

CVE-2005-4759

BEA WebLogic Server and WebLogic Express 8.1 and 7.0, during a migration across operating system platforms, do not warn the administrative user about platform differences in URLResource case sensitivity, which might cause local users to inadvertently lose protection of Web Application pages...

5CVSS6.3AI score0.01066EPSS
Exploits0References3
OSV
OSV
added 2005/12/31 5:0 a.m.3 views

DEBIAN-CVE-2005-4683

PADL MigrationTools 46, when a failure occurs, stores contents of /etc/shadow in a world-readable /tmp/nis.$$.ldif file, and possibly other sensitive information in other temporary files, which are not properly managed by 1 migrateallonline.sh, 2 migratealloffline.sh, 3 migrateallnetinfoonline.sh...

2.1CVSS6.7AI score0.00374EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/09/12 12:0 a.m.29 views

Fedora Core 3 : mailman-2.1.5-32.fc3 (2005-242)

A cross-site scripting XSS flaw in the driver script of mailman prior to version 2.1.5 could allow remote attackers to execute scripts as other web users. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2004-1177 to this issue. Users of mailman should upda...

4.3CVSS5.3AI score0.01782EPSS
Exploits0References2
securityvulns
securityvulns
added 2005/06/15 12:0 a.m.54 views

Microsoft Security Bulletin MS05-029 Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179)

Microsoft Security Bulletin MS05-029 Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks 895179 Issued: June 14, 2005 Version: 1.0 Summary Who should read this document: System administrators who have servers that are running Outlook Web Access for...

4.3CVSS0.14217EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/01/11 12:0 a.m.29 views

poppassd_pam: Unauthorized password changing

Background poppassdpam is a PAM-enabled server for changing system passwords that can be used to change POP server passwords. Description Gentoo Linux developer Marcus Hanwell discovered that poppassdpam did not check that the old password was valid before changing passwords. Our investigation...

10CVSS6.5AI score0.02444EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.94 views

Debian DSA-086-1 : ssh-nonfree - remote root exploit

We have received reports that the 'SSH CRC-32 compensation attack detector vulnerability' is being actively exploited. This is the same integer type error previously corrected for OpenSSH in DSA-027-1. OpenSSH the Debian ssh package was fixed at that time, but ssh-nonfree and ssh-socks were not...

10CVSS7.6AI score0.32416EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.44 views

AWStats < 6.6 migrate Variable Command Execution

Binary data 3536.prm...

5.1CVSS7.3AI score0.58356EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.15 views

IBM WebSphere Application Server < 6.1.0.25 Multiple Vulnerabilities

Binary data 5077.prm...

10CVSS7.3AI score0.04254EPSS
Exploits1References9
securityvulns
securityvulns
added 2004/05/06 12:0 a.m.22 views

Multiple vulnerabilities in P4DB

Product: P4DB URL: http://www.mydata.se/ftp/P4DB/ Version: P4DB v2.01 and earlier Risk: Multiple vunlerabilities high Description: P4DB is a CGI based tool that provides a web-based interface to Perforce source code repositories. It is third-party software, developed by an individual and...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/07/24 12:0 a.m.963 views

[SEC] Hole in PHPLib 7.2 prepend.php3

The PHPLib Team announces phplib-7.2d, availible now. This release fixes the recently discovered hole in prepend.php3 that can allow a remote attacker to inject non-local code into any phplib based script. Please note that this affects all applications that depend on PHPLib. Some apps have decide...

0.3AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.101 views

Update Rollup 7 for System Center 2016 Virtual Machine Manager

None None...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.68 views

Update Rollup 2 for System Center 2019 Virtual Machine Manager

None None...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.20 views

Update Rollup 10 for System Center 2016 Virtual Machine Manager

None None...

5.8AI score
Exploits0
Rows per page
Query Builder