5314 matches found
PT-2010-1400 · Roseonline · Roseonlinecms
Name of the Vulnerable Software and Affected Versions: RoseOnlineCMS versions 3 B1 and earlier Description: The issue allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the admin parameter in the modules/admincp.php file when magic_quotes_gpc...
CentOS 5 : apr-util (CESA-2009:1107)
Updated apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. apr-util is a utility library used with the Apache Portable Runtime APR. It aims...
CentOS 5 : kernel (CESA-2009:0326)
Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...
Joomla MemoryBook 1.2 SQL Injection / RFI
SQL Injection ------------- requires: magic quotes OFF, user account Add this as the description of a new event: ', 63,SELECT CONCATusername,0x20,email FROM users WHERE gid=25 LIMIT 1,1,1,1 -- ' NOTE: 63 MUST be your Joomla user ID. extracted info can be found on View Events page Remote File...
Mandriva Security Advisory MDVSA-2009:314 (apr)
The remote host is missing an update to apr announced via advisory MDVSA-2009:314. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
CoreHTTP Web server buffer overflow
Off-by-one buffer overflow on request method handling...
The command line to kill various antivirus and security software of the method summary-the vulnerability warning-the black bar safety net
At the command line please use ntsd –c-q-p PID or use c:\pskill.exe ravmon command to kill rising software About Norton Enterprise Edition“automatic File Protection“of the close method: 1Turn off the service:net stop "Symantec AntiVirus" successfully closed! 2closing process:Rtvscan, the CCAPP and...
GLSA-200911-03 : UW IMAP toolkit: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200911-03 UW IMAP toolkit: Multiple vulnerabilities Multiple vulnerabilities were found in the UW IMAP toolkit: Aron Andersson and Jan Sahlin of Bitsec reported boundary errors in the 'tmail' and 'dmail' utilities when processing...
Apache module mod_rewrite LDAP protocol Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Apache modul...
eNdonesia CMS 8.4 - Local File Inclusion
eNdonesia CMS 8.4 - Local File Inclusion Endonesia 8.4 CMS Site: http://www.endonesia.org/ Download: http://sourceforge.net/projects/endonesia Bug: Local File Inclusion in mod.php file ! Author: s4r4d0 Mail: [email protected] Team: Fatal Error...
Wireshark Multiple Denial Of Service Vulnerabilities - Nov09 (Windows)
This host is installed with Wireshark and is prone to multiple Denial of Service vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultdosvulnnov09win.nasl 4906 2017-01-02 13:06:55Z teissa $ Wireshark Multiple Denial Of Service Vulnerabilities - Nov09 Windows Authors: Antu Sanadi...
DEBIAN-CVE-2009-3551
Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from thir...
CVE-2009-3551
CVE-2009-3551 is an off-by-one vulnerability in Wireshark 1.2.0–1.2.2 that affects the SMB dissector (dissect_negprot_response in packet-smb.c). This flaw could cause an application crash (denial of service) when processing a crafted packet trace file. Public advisories indicate the issue is fixe...
CVE-2009-3551
Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from thir...
PT-2009-5840 · Wireshark · Wireshark
Name of the Vulnerable Software and Affected Versions: Wireshark versions 1.2.0 through 1.2.2 Description: The issue is caused by an off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector. This allows remote attackers to cause a denial of service, resulting...
Oscailt CMS 3.3 Local File Inclusion
Exploit for unknown platform in category web applications ==================================== Oscailt CMS 3.3 Local File Inclusion ==================================== 0 Oscailt 3.3 CMS 0 Download: http://sourceforge.net/projects/oscailt/ 0 Bug: Local File Inclusion in index.php file ! 0 Poc:...
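Dedecms 5.1 feedback_js.php injection vulnerability
Likewise usable when magic_quotes_gpc=off. This vulnerability can yield the back-end administrator's account and encrypted hash. The vulnerable file is plus/feedback_js.php, and the unfiltered parameter is $arcurl ...... $urlindex = 0; ifempty$arcID $row = $dlist-dsql-GetOne"Select id From @cachefeedbackurl where url='$arcurl' "; //$arcurl is not filtered here ifisarray$row $urlindex = $row'id';...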
Debian: Security Advisory (DSA-1907-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEDECMS 5.1: injection vulnerability in plus/feedback_js.php
Usable when magic_quotes_gpc=off. This vulnerability can yield the back-end administrator's account and encrypted hash. The vulnerable file is plus/feedback_js.php, and the unfiltered parameter is $arcurl ...... $urlindex = 0; ifempty$arcID $row = $dlist-dsql-GetOne"Select id From @cachefeedbackurl where url='$arcurl' "; //$arcurl is not filtered here ifisarray$row $urlindex = $row'id';...
Debian Security Advisory DSA 1902-1 (elinks)
The remote host is missing an update to elinks announced via advisory DSA 1902-1. OpenVAS Vulnerability Test $Id: deb19021.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1902-1 elinks Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...