MySQL 5.0.18 Query Logging Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issue...

Solaris 2.6/7.0/8 netpr Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1200/info A buffer overrun exists in the 'netpr' program, part of the SUNWpcu LP package included with Solaris, from Sun Microsystems. Versions of netpr on Solaris 2.6 and 7, on both Sparc and x86 have been confirmed as...

webgrind 1.0 (file param) Local File Inclusion Vulnerability

No description provided by source. webgrind 1.0 file param Local File Inclusion Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 v1.02 in trunk on github Summary: Webgrind is an Xdebug profiling web frontend in PHP5...

Debian: Security Advisory (DSA-2827-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[USN-2029-1] Apache Commons FileUpload vulnerability

========================================================================== Ubuntu Security Notice USN-2029-1 November 13, 2013 libcommons-fileupload-java vulnerability ========================================================================== A security issue affects these releases of Ubuntu and...

Ubuntu: Security Advisory (USN-2029-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2029-1: Apache Commons FileUpload vulnerability

It was discovered that Apache Commons FileUpload incorrectly handled file names with NULL bytes in serialized instances. An attacker could use this issue to possibly write to arbitrary files...

Ubuntu 10.04 LTS : libcommons-fileupload-java vulnerability (USN-2029-1)

It was discovered that Apache Commons FileUpload incorrectly handled file names with NULL bytes in serialized instances. An attacker could use this issue to possibly write to arbitrary files. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...

PHP 5.4.x < 5.4.19 Multiple Vulnerabilities

According to its banner, the version of PHP 5.4.x installed on the remote host is a version prior to 5.4.19. It is, therefore, potentially affected by the following vulnerabilities : - A heap corruption error exists in numerous functions in the file 'ext/xml/xml.c'. CVE-2013-4113 / Bug 65236 - An...

MGASA-2013-0250 Updated python packages fix CVE-2013-4238 and pip

Updated python packages fix security vulnerability: Ryan Sleevi of the Google Chrome Security Team has discovered that Python's SSL module doesn't handle NULL bytes inside subjectAltNames general names. This could lead to a breach when an application uses ssl.matchhostname to match the hostname...

Updated python packages fix CVE-2013-4238 and pip

Updated python packages fix security vulnerability: Ryan Sleevi of the Google Chrome Security Team has discovered that Python's SSL module doesn't handle NULL bytes inside subjectAltNames general names. This could lead to a breach when an application uses ssl.matchhostname to match the hostname...

Mandriva Linux Security Advisory : ruby (MDVSA-2013:201)

A vulnerability has been discovered and corrected in ruby : A flaw was found in Ruby's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers...

Scientific Linux Security Update : ruby on SL5.x, SL6.x i386/srpm/x86_64 (20130717)

A flaw was found in Ruby's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to...

Mod_Security Cross Site Scripting Bypass

Product: Modsecurity Author: Rafay Baloch Status: Fixed Details: The ModSecurity firewall is one of the most known WAF around, It has an online smoke test where we can check if a vector bypassed the regular expressions. Payload: It was though detecting null bytes, but it was generating a false...

GLPI v0.83.7 (itemtype) Parameter Traversal Arbitrary File Access Exploit

Summary GLPI, an initialism for Gestionnaire libre de parc informatique Free Management of Computer Equipment, was designed by Indepnet Association a non profit organisation in 2003. GLPI is a free asset and IT management software package, it also offers functionalities like servicedesk ITIL or...

DEBIAN-CVE-2013-2478

The dissectserverinfo function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service application crash via a malformed packet that 1...

Linux/x86 - Reverse TCP Shellcode (67 bytes)

Linux/x86 - Reverse TCP Shellcode 67 bytes. Shellcode exploit for Linx86 platform / Tiny Shell Reverse TCP Shellcode - C Language Linux/x86 Written in 2013 by Geyslan G. Bem, Hacking bits http://hackingbits.com [email protected] This source is licensed under the Creative Commons...

TikiWiki unserialize() Function Arbitrary Code Execution

The version of the TikiWiki installed on the remote host contains a flaw that could allow a remote attacker to execute arbitrary code. The 'unserialize' function is not properly sanitized before being used in the 'lib/banners/bannerlib.php', 'tiki-printmultipages.php', 'tiki-sendobjects.php' and...

Microsoft Internet Explorer Multiple Vulnerabilities (2699988)

This host is missing a critical security update according to Microsoft Bulletin MS12-037. OpenVAS Vulnerability Test $Id: secpodms12-037.nasl 6526 2017-07-05 05:43:52Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2699988 Authors: Rachana Shetty Copyright: Copyright c 2012 SecPo...

Path traversal

The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly filter file types, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files, as...