1151 matches found
Debian Security Advisory DSA 534-1 (mailreader)
The remote host is missing an update to mailreader announced via advisory DSA 534-1. OpenVAS Vulnerability Test $Id: deb5341.nasl 6616 2017-07-07 12:10:49Z cfischer $; Description: Auto-generated from advisory DSA 534-1; Authors: Thomas Reinke; Copyright: Copyright (c) 2007 E-Soft Inc...
MySpace Content Zone 3.x Remote File Upload Vulnerability
No description provided by source. MySpace Content Zone RFi. Found by Don & breakerunit. Vuln file: /admin/uploadgames.php Fix: secure...
Oreon/Centreon - Multiple Remote File Inclusion
By Michael Brooks. Vulnerability Type: Multiple Remote File Inclusion. Software: Oreon and Centreon. Homepage: http://www.oreon-project.org/ or http://www.centreon.com/ Versions: 1.4 (Oreon) and 1.4.1 (Centreon). The vulnerable file is: ./oreon-1.4/www/include/monitoring/engine/MakeXML.php Another,virtuall...
CVE-2007-5896
Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (\x00) and a (1) res://, (2) about:config, or (3) file:/// URI...
Design/Logic Flaw
Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (\x00) and a (1) res://, (2) about:config, or (3) file:/// URI...
CVE-2002-2419
Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service (crash) via a string ending with a NULL byte character...
phpstats-multi.txt
32 break; 100. 103. $title='?'; 104. if$option'pagetitle' && isset$GET't' 105. 106. $tmpTitle=htmlspecialcharsaddslashesurldecode$GET't'; 107. if$tmpTitle!='\\\" t \\\"' $title=$tmpTitle; 108. 109. 174. if $loaded=='?' && $title!='?' 175. $result=sqlquery"SELECT lastpage FROM...
Directory traversal
c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte (%00) sequence followed by an image file extension, as demonstrated by a request for a ".txt%00.gif" file. NOTE: this might b...
Cart32 Arbitrary File Download Vulnerability
Cart32 Arbitrary File Download Vulnerability. Vendor Website: http://www.cart32.com. Affected Version: All releases prior to and including v6.3. Public disclosure on Thursday 4th October 2007...
DEBIAN-CVE-2007-4987
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...
Design/Logic Flaw
Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670...
CVE-2007-4042
Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670...
CVE-2007-4041
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670...
CVE-2007-4042
Technical details for CVE-2007-4042 are not provided in the connected documents. The initial description mentions remote command execution via URI injection in Netscape Navigator 9, but no vendor/product/version specifics or fixes are supplied here.
CVE-2007-4041
CVE-2007-4041 describes multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and Firefox 3.0alpha that allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in certain URI handlers (mailto, nntp, news, snews, telnet). The issue is a ...
Design/Logic Flaw
Off-by-one error in the fspreaddirr function in fsplib.c in fsplib before 0.9 allows remote attackers to cause a denial of service via a directory entry whose length is exactly MAXNAMELEN, which prevents a terminating null byte from being added...
webspell-lfi.txt
muH - $Title: Webspell 4.x Local File Inclusion Win $Damage Factor: Medium - High $Requires: Win Box & Php Supporting %00 $Discovered by muH $Usage: http://server.com/index.php?site=c:\windows\repair\sam%00...
dotnet-nullbyte.txt
Multiple .NET Null Byte Injection Vulnerabilities. Vendor Website: http://www.microsoft.com. Affected Version: .NET FrameWork v1.1 SP1, .NET FrameWork v2.0.50727. Vendor Notified - October, 2006. Public...