514 matches found
Code injection
Unspecified vulnerability on HP ProLiant DL and ML 100 Series G5, G5p, and G6 servers with ProLiant Onboard Administrator Powered by LO100i formerly Lights Out 100 3.07 and earlier allows remote attackers to cause a denial of service via unknown vectors...
CVE-2009-1426
CVE-2009-1426 affects HP ProLiant DL/ML 100 Series G5, G5p and G6 servers with ProLiant Onboard Administrator Powered by LO100i (Lights Out 100) 3.07 and earlier. The vulnerability allows remote attackers to cause a denial of service via unknown vectors. No root cause, exploit details, or remedia...
AIX 520010 : U815057
The remote host is missing AIX PTF U815057 which is related to the security of the package bos.rte.libc You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...
AIX 530006 : U814218
The remote host is missing AIX PTF U814218 which is related to the security of the package bos.altdiskinstall.bootimages You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...
iSupport v1.8 Local file include vulnerability
iSupport v1.8 Local file Inclusion Vuln found by JuMp-Er http://www.ahc-security.org Script Name : iSupport version : 1.8 Vendor Site : http://www.idevspot.com/iSupport.php Exploit : http://www.site.com/iSupport/index.php?includefile=local file 3 StRoNiX, mawena, ML, n0th1ng...
AIX 610000 : U813961
The remote host is missing AIX PTF U813961 which is related to the security of the package bos.sysmgt.sysbr You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...
win32 download and execute 124 bytes
Exploit for win32 platform in category shellcode ==================================== win32 download and execute 124 bytes ==================================== ; ; relocateable dynamic runtime assembly code example using hash lookup for IE exploits only ; the URLMON.DLL must already be loaded int...
Unfixed XSS vulnerability at ml-st.com
Security researcher MaXWeL, has submitted on 17/03/2007 a cross-site-scripting XSS vulnerability affecting ml-st.com, which at the time of submission ranked 129043 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 17/03/2007. It is currently...
security flaw
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the 1 adminpw or 2 info parameters to the ml-name feature...
security flaw
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the 1 adminpw or 2 info parameters to the ml-name feature...
CVE-2001-1177
ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2001-1177
CVE-2001-1177 affects the Samsung ML-85G GDI printer driver prior to version 0.2.0. The vulnerability arises from a symlink attack on temporary files, allowing a local attacker to overwrite arbitrary files. The impact is described as a local/privilege-bypass style risk with complete confidentiali...
Проблема символьных линков в драйвере Samsung ML-85G (symbolic link)
При создании временного файла используется метка времени...
ml85p - driver for Samsung ML-85G and /tmp
ml85p - driver for Samsung ML-85G GDI printers seems to use /tmp unsecurely. it seems to use the time function to determine the /tmp files name. root@linux exp strings /usr/bin/ml85p | grep tmp /tmp/ml85gd 401070dd iopl0x3 = 0 400cf2bd timeNULL = 994462668 40100cbf brk0 = 0x8064544 40100cbf...