Fedora Core 10 FEDORA-2009-0943 (dia)

The remote host is missing an update to dia announced via advisory FEDORA-2009-0943. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Ubuntu USN-715-1 (linux)

The remote host is missing an update to linux announced via advisory USN-715-1. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use...

Fedora Core 9 FEDORA-2009-1057 (dia)

The remote host is missing an update to dia announced via advisory FEDORA-2009-1057. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Drupal Imagefield Upload / Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Drupal Imagefield Module Multiple Vulnerabilities Security Risk: High Exploitable: Remotely Vulnerabilities: Arbitrary File Upload, Cross Site Scripting Discovered by: Justin C. Klein Keane, Andrew Rosborough Tested: Imagefield 5.x-2.2 on Drupal 5.15...

Directory traversal

Multiple directory traversal vulnerabilities in NavBoard 16 2.6.0 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter to 1 adminmodules.php and 2 modules.php...

CVE-2008-3866

The Trend Micro Personal Firewall service aka TmPfw.exe in Trend Micro Network Security Component NSC modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which...

FreeBSD -- netgraph / bluetooth privilege escalation

Problem Description: Some function pointers for netgraph and bluetooth sockets are not properly initialized. Impact: A local user can cause the FreeBSD kernel to execute arbitrary code. This could be used by an attacker directly; or it could be used to gain root privilege or to escape from a jail...

Remote file inclusion

PHP remote file inclusion vulnerability in modules/modmainmenu.php in MosXML 1 Alpha allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

DSA-1667-1 python2.4 - several vulnerabilities

Bulletin has no description...

WebLogic simple catch the chicken law-vulnerability and early warning-the black bar safety net

This article has been published in the hacker X-Files for 2 0 0 8 year 1 1 issue of the magazine on After the author published on the blog, such as reproduced please retain this information! Tomcat is estimated to many people to bring a N meaty chicken server, directly scan weak passwords, into t...

CVE-2008-5032

Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, bu...

e-Vision CMS 2.0.2 - Multiple Local File Inclusions

e-Vision CMS 2.0.2 - Multiple Local File Inclusions starting; $exploit-i...

USN-662-2: Ubuntu kernel modules vulnerability

USN-662-1 fixed vulnerabilities in ndiswrapper in Ubuntu 8.10. This update provides the corresponding updates for Ubuntu 8.04 and 7.10. Original advisory details: Anders Kaseorg discovered that ndiswrapper did not correctly handle long ESSIDs. For a system using ndiswrapper, a physically near-by...

ftp-anon NSE Script

Checks if an FTP server allows anonymous logins. If anonymous is allowed, gets a directory listing of the root directory and highlights writeable files. See also: ftp-brute.nse Script Arguments ftp-anon.maxlist The maximum number of files to return in the directory listing. By default it is 20, o...

CVE-2008-4793

The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules...

CVE-2008-4793

The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules...

FreeBSD : drupal -- multiple vulnerabilities (12efc567-9879-11dd-a5e7-0030843d3802)

The Drupal Project reports : A logic error in the core upload module validation allowed unprivileged users to attach files to content. Users can view files attached to content which they do not otherwise have access to. If the core upload module is not enabled, your site will not be affected. A...

Design/Logic Flaw

Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the 1 ys-apps/portage, 2 net-mail/fetchmail, 3 app-editors/le...

WebBiscuits Modules Controller <= 1.1 (RFI/RFD) Remote Vulnerabilities

No description provided by source. | | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | WebBiscuits Modules Controller = 1.1 RFI/RFD Multiple Remote Vulnerabilities Script : http://webbiscuits.com/download/all11.zip I- Remote File...

webbiscuits-rfirfd.txt

| | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | WebBiscuits Modules Controller = 1.1 RFI/RFD Multiple Remote Vulnerabilities Script : http://webbiscuits.com/download/all11.zip I- Remote File Inclusion Vulnerability...