3087 matches found
CVE-2005-4524
Mantis 1.0.0rc3 does not properly handle "Make note private" when a bug is being resolved, which has unknown impact and attack vectors, probably related to an information leak...
CVE-2005-4192
Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) the notepad's name or (2) description, when creating a new notepad...
CVE-2005-4192
CVE-2005-4192 affects Horde Mnemo Note Manager H3 prior to 2.0.3. The vulnerability is a cross-site scripting (XSS) flaw in templates/notepads/notepads.inc, allowing remote authenticated users to inject arbitrary script or HTML via the notepad name or description when creating a new notepad. Impa...
The latest hacking techniques: the XSS cross-site scripting attack detailed description-vulnerability warning-the black bar safety net
General description A simple description of what is XSS attack How to find XSS vulnerability For XSS attack the General idea From internal attacks: How to find the internal XSS vulnerability How to construct attack How to use The junction of any instances of attacks, such as DVBBS&BBSXP From external...
Blog System v1.2 SQL inj. vuln.
Blog System v1.2 SQL inj. vuln. Vuln. discovered by: r0t Date: 5 Dec. 2005 original advisory: http://pridels.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html vendor: http://www.netartmedia.net/blogsystem/ affected version: v1.2 and prior Product Description: Blog System allows you to launch and...
US-CERT Technical Cyber Security Alert TA05-292A -- Oracle Products Contain Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA05-292A Oracle Products Contain Multiple Vulnerabilities Original release date: October 19, 2005 Last revised: -- Source: US-CERT Systems Affected Oracle Database Server 10g Oracle9i Databas...
HSQLDB Server Detection
The remote host is running HSQLDB, an open source database written in Java, and its database engine is listening on TCP port 9001 for network server database connections using JDBC. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(20065); script_version("1.16");...
Fedora Core 4 : kernel-2.6.12-1.1447_FC4 (2005-820)
Fri Aug 26 2005 Dave Jones 2.6.12-1.1447_FC4 - Better identify local builds. 159696 - Fix disk/net dump & netconsole. 152586 - Fix up sleeping in invalid context in sym2 driver. 164995 - Fix 'semaphore is not ready' error in snd-intel8x0m. - Restore hwclock functionality on some systems. 144894 -...
CVE-2005-1320
Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title...
CVE-2005-1320
CVE-2005-1320 affects Horde Mnemo Note Manager prior to 1.1.4. It is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the parent frame page title. Exploitation details are limited to this vector in the provided documents; there is ...
Download Center Lite (DCL) - Arbitrary File Inclusion (VXSfx)
Name: Download Center Lite DCL Version: = 1.5 free/commercial Homepage: http://www.stadtaus.com/ Author: Filip Groszynski VXSfx Date: 4 March 2005 Vulnerable code in...
Fedora Core 1 : mailman-2.1.5-6 (2004-167)
Fixes security issue CVE-2004-0412 noted in bug https://bugzilla.redhat.com/bugzilla/showbug.cgi?id=123559 Mailman subscriber passwords could be retrieved by a remote attacker. Security hole is fixed in mailman-2.1.5 Important Installation Note: Some users have reported problems with bad queue...
[Full-Disclosure] IRIX Update Some Network Drivers May Leak Data
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title : Some Network Drivers May Leak Data Number : 20030601-01-I Date : April 2, 2004 Reference: CERT Vulnerability Note VU412115 Reference: CVE CAN-2003-0001 Reference: SGI BUG 878043 SGI provides this information freely to the SGI user...
WebDAV Detection
WebDAV is an industry standard extension to the HTTP specification. It adds a capability for authorized users to remotely add and manage the content of a web server. If you do not use this extension, you should disable it. (C) Tenable Network Security, Inc. include("compat.inc"); if (description)...
Multiple vendor ypxfrd map handling vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Name: ypxfrd Version: read the details CERT vulnerability note: http://www.kb.cert.org/vuls/id/538033 Author: Janusz Niewiadomski [email protected] Date: October 10, 2002 Issue: ====== Improper arguments validation in ypxfrd may allow local attacker to...
CVE-2002-0735
Format string vulnerability in the logging function in C-Note Squid LDAP authentication module squidauthLDAP 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages...