Lucene search
+L

1275 matches found

Tenable Nessus
Tenable Nessus
added 2007/04/19 12:0 a.m.24 views

Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2007:084)

The ipsec-tools package prior to version 0.6.7 allows remote attackers to cause a Denial of Service tunnel crash via crafted DELTE and NOTIFY messages. Updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

4.3CVSS5.4AI score0.02851EPSS
Exploits0References1
NVD
NVD
added 2007/04/10 10:19 p.m.17 views

CVE-2007-1841

The isakmpinforecv function in src/racoon/isakmpinf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service tunnel crash via crafted 1 DELETE ISAKMPNPTYPED and 2 NOTIFY ISAKMPNPTYPEN messages...

4.3CVSS6.3AI score0.02851EPSS
Exploits0References20
seebug.org
seebug.org
added 2006/11/09 12:0 a.m.21 views

HP OpenView客户端配置管理器远程执行代码和拒绝服务漏洞

HP OpenView客户端配置管理器(CCM)是一套简单易用的软件和HP硬件管理解决方案。 HP OpenView CCM的Radia Notify守护程序radexecd.exe存在安全漏洞,远程攻击者可能利用此漏洞执行任意指令。 这个守护程序默认绑定在TCP 3465端口上,接收以下格式的数据: port\x00username\x00password\x00command...

7.5AI score
Exploits0
Exploit DB
Exploit DB
added 2006/02/15 12:0 a.m.34 views

GnuPG 1.x - Detached Signature Verification Bypass

source: https://www.securityfocus.com/bid/16663/info GnuPG is affected by a detached signature verification-bypass vulnerability because it fails to properly notify scripts that an invalid detached signature was presented and that the verification process has failed. Exploiting this issue allows...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/01/22 12:0 a.m.33 views

cubecartXSS.txt

CubeCart 3.0.7-pl1 multiple variable Cross site scripting Vendor url: www.cubecart.com bug report:http://bugs.cubecart.com/?do=details&id=459 Advisore:http://lostmon.blogspot.com/2006/01/ cubecart-307-pl1-indexphp-multiple.html. vendor notify:yes exploit avalable: yes I recomended to all vendors ...

7.4AI score
Exploits0
Debian
Debian
added 2006/01/10 3:24 a.m.60 views

[SECURITY] [DSA 933-1] New hylafax packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 933-1 [email protected] http://www.debian.org/security/ Michael Stone January 9, 2006 http://www.debian.org/security/faq -...

7.5CVSS0.7AI score0.1265EPSS
Exploits1
securityvulns
securityvulns
added 2006/01/07 12:0 a.m.50 views

HylaFAX Security advisory - fixed in HylaFAX 4.2.4

I'm passing this on for Patrice Fournier who is not around today. ------------------------------------------------------------------------------ HylaFAX security advisory 4 Jan 2006 Subject: HylaFAX hfaxd and notify/faxrcvd vulnerabilities Introduction: HylaFAX is a mature est. 1991...

7.5CVSS0.2AI score0.1265EPSS
Exploits1
Debian CVE
Debian CVE
added 2006/01/06 11:0 a.m.39 views

CVE-2005-3539

Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via 1 the notify script in HylaFAX 4.2.0 to 4.2.3 and 2 crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and 4.2.3...

7.5CVSS7.7AI score0.1265EPSS
Exploits1
CVE
CVE
added 2006/01/06 11:0 a.m.59 views

CVE-2005-3539

CVE-2005-3539 affects HylaFAX up to version 4.2.x (notably 4.2.3 and earlier). The root cause is evaluation of untrusted input in HylaFAX components: the notify script and crafted CallID parameters to faxrcvd, enabling remote attackers to execute arbitrary commands with the HylaFAX server privile...

7.5CVSS7.6AI score0.1265EPSS
Exploits1References12Affected Software1
UbuntuCve
UbuntuCve
added 2005/12/31 5:0 a.m.24 views

CVE-2005-3539

Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via 1 the notify script in HylaFAX 4.2.0 to 4.2.3 and 2 crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and 4.2.3...

7.5CVSS6.1AI score0.1265EPSS
Exploits1References1
OSV
OSV
added 2005/12/31 5:0 a.m.4 views

DEBIAN-CVE-2005-3539

Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via 1 the notify script in HylaFAX 4.2.0 to 4.2.3 and 2 crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and 4.2.3...

7.5CVSS8.1AI score0.1265EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2005/10/27 12:0 a.m.23 views

flysprayXSS.txt

Flyspray "The bug killer" multiple variable Cross-Site Scripting vendor url:http://flyspray.rocks.cc/ Vendor specific bug report: http://flyspray.rocks.cc/bts/task/703 Advisore:http://lostmon.blogspot.com/2005/10/ flyspray-bug-killer-multiple-variable.html vendor notify:yes exploit available:yes...

7.4AI score
Exploits0
CVE
CVE
added 2005/09/28 4:0 a.m.55 views

CVE-2005-3095

CVE-2005-3095 concerns the Avi Alkalay notify program (dated 19 Aug 2001). The available documents indicate that remote attackers could execute arbitrary commands by injecting shell metacharacters into the from parameter. CVSS metrics (NVD) specify a Network attack vector with Low complexity, no ...

7.5CVSS7.7AI score0.02282EPSS
Exploits0References7Affected Software1
Packet Storm
Packet Storm
added 2005/08/09 12:0 a.m.25 views

dvbbsXSS.txt

DVBBS Multiple variable Cross site scripting vendor url:http://down.dvbbs.net/ SoftView/SoftView2455.html Advisory:http://lostmon.blogspot.com/2005/08/ dvbbs-multiple-variable-cross-site.html vendor notify:yes exploit available:yes OSVDB ID:18512 DVBBS contains a flaw that allows a remote cross...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/08/07 12:0 a.m.32 views

quickForum.txt

Quick.Forum 'topic field' XSS and 'page' & 'iCategory' SQL injection vendor url:http://qc.dotgeek.org/os/index.php?p=productsQuickForum advisore:http://lostmon.blogspot.com/2005/05/quickforum-topic-field-xss-and-page.html vendor notify: yes exploit available: yes Quick.Forum contais a flaw which...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/07/28 12:0 a.m.43 views

bmforumXSS.txt

Multiple Cross site scripting in BMForum vendor url:http://www.bmforum.com/ Advisore:http://lostmon.blogspot.com/2005/07/ multiple-cross-site-scripting-in.html Vendor notify:yes Exploit available:yes BMForum contains a flaw that allows a remote cross site scripting attack.This flaw exists because...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/07/15 12:0 a.m.22 views

cleverXSS.txt

Clever copy 'calendar.php' 'yr' variable cross site scripting vendor url:http://clevercopy.bestdirectbuy.com advisory:http://lostmon.blogspot.com/2005/07/ clever-copy-calendarphp-yr-variable.html vendor notify: yes exploit available:yes Clever Copy is a free, fully scalable web site portal and ne...

7.4AI score
Exploits0
NVD
NVD
added 2005/07/11 4:0 a.m.14 views

CVE-2005-2181

Cisco 7940/7960 Voice over IP VoIP phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message...

7.5CVSS7.5AI score0.01189EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/07/10 4:0 a.m.20 views

CVE-2005-2181

Cisco 7940/7960 Voice over IP VoIP phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message...

7.5AI score0.01189EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/07/10 4:0 a.m.23 views

CVE-2005-2182

Grandstream BudgeTone BT 100 Voice over IP VoIP phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message...

7.5AI score0.01189EPSS
Exploits0References4
Rows per page
Query Builder