5313 matches found
openssl dtls out of order vulnerability
Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors...
FreeBSD : ImageMagick -- multiple vulnerabilities (f5b29ec0-71f9-11dc-8c6a-00304881ac9a)
Multiple vulnerabilities have been discovered in ImageMagick. ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite...
FreeBSD : png -- multiple vulnerabilities (172acf78-780c-11dc-b3f4-0016179b2dd5)
A Secunia Advisory reports: Some vulnerabilities have been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service). Certain errors within libpng, including a logical NOT instead of a bitwise NOT in pngtrtran.c, an error in the 16bit cheap transparency...
[SECURITY] [DSA 1379-2] New openssl packages fix arbitrary code execution
Debian Security Advisory DSA-1379-2 [email protected] http://www.debian.org/security/ Noah Meyerhans October 10, 2007 Package : openssl097,...
Security fix for the ALT Linux 8 package openssl10 version 0.9.8d-alt4
Oct. 10, 2007 Dmitry V. Levin 0.9.8d-alt4 - Backported upstream fix for off-by-one bug in the SSL_get_shared_ciphers function (CVE-2007-5135)...
Security fix for the ALT Linux 9 package openssl10 version 0.9.8d-alt4
Oct. 10, 2007 Dmitry V. Levin 0.9.8d-alt4 - Backported upstream fix for off-by-one bug in the SSL_get_shared_ciphers function (CVE-2007-5135)...
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8d-alt4
Oct. 10, 2007 Dmitry V. Levin 0.9.8d-alt4 - Backported upstream fix for off-by-one bug in the SSL_get_shared_ciphers function (CVE-2007-5135)...
Stack overflow
Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote attackers to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some of these details are obtain...
GLSA-200710-06 : OpenSSL: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200710-06 (OpenSSL: Multiple vulnerabilities). Moritz Jodeit reported an off-by-one error in the SSL_get_shared_ciphers function, resulting from an incomplete fix of CVE-2006-3738. A flaw has also been reported in the BN_from_montgomery...
PHP Homepage M 1.0 - galerie.php SQL Injection
PHP Homepage M 1.0 - galerie.php SQL Injection ',30; $user = explode'',$user; $user = strrev$user1; $user = substr$user,4,100; $user = strrev$user; echo "--EXPLOIT FINISHED--\n"; echo "userid : $userid\n"; echo "username: $user\n"; echo "password: $pw\n"; echo '--------------------'; ? milw0rm.co...
png -- multiple vulnerabilities
A Secunia Advisory reports: Some vulnerabilities have been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service). Certain errors within libpng, including a logical NOT instead of a bitwise NOT in pngtrtran.c, an error in the 16bit cheap transparency...
OpenSSL: Multiple vulnerabilities
Background: OpenSSL is an implementation of the Secure Socket Layer and Transport Layer Security protocols. Description: Moritz Jodeit reported an off-by-one error in the SSL_get_shared_ciphers function, resulting from an incomplete fix of CVE-2006-3738. A flaw has also been reported in the...
Debian DSA-1379-1 : openssl - off-by-one error/buffer overflow
An off-by-one error has been identified in the SSL_get_shared_ciphers routine in the libssl library from OpenSSL, an implementation of Secure Socket Layer cryptographic libraries and utilities. This error could allow an attacker to crash an application making use of OpenSSL's libssl library, or...
[SECURITY] [DSA 1379-1] New openssl packages fix arbitrary code execution
Debian Security Advisory DSA-1379 [email protected] http://www.debian.org/security/ Noah Meyerhans October 02, 2007 Package : openssl Vulnerability...
DSA-1379-1 openssl - arbitrary code execution
Bulletin has no description...
MDPro 1.0.76 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications. MDPro 1.0.76 Remote SQL Injection Exploit #!/usr/bin/perl use strict; use IO::Socket; my $app = "MDPro 1.0.76"; my $type = "SQL Injection"; my $author =...
DEBIAN-CVE-2007-5135
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...
CVE-2007-5135
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...
clansphere-sql.txt
Inclusion Hunter Team http://www.ihteam.net Clansphere 2007.4 Class: SQL Injection Found: 22/09/2007 Remote: Yes Site: http://www.clansphere.net/ Download: http://sourceforge.net/project/showfiles.php?groupid=95430 Vulnerable code: mods/banners/navlist.php...