Lucene search
+L

7973 matches found

0day.today
0day.today
added 2006/04/06 12:0 a.m.60 views

phpMyChat 0.15.0dev (SYS enter) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ============================================================= phpMyChat 0.15.0dev SYS enter Remote Code Execution Exploit ============================================================= !/usr/bin/php -q -d shortopentag=on works with...

7.1AI score
Exploits0
NVD
NVD
added 2006/03/09 1:6 p.m.22 views

CVE-2006-1117

nCipher firmware before V10, as used by 1 nShield, 2 nForce, 3 netHSM, 4 payShield, 5 SecureDB, 6 DSE200 Document Sealing Engine, 7 Time Source Master Clock TSMC, and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote...

2.6CVSS6.6AI score0.00927EPSS
Exploits0References7
NVD
NVD
added 2006/03/09 12:2 a.m.22 views

CVE-2006-1079

htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, an...

7.2CVSS6.8AI score0.00393EPSS
Exploits1References8
Cvelist
Cvelist
added 2006/03/02 11:0 p.m.25 views

CVE-2006-0965

NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to bypass security protections and configure privileged options via a long argument to ncpmon.exe, which provides access to alternate privileged menus, possibly due to a buffer overflow...

6.6AI score0.00378EPSS
Exploits0References5
NVD
NVD
added 2006/02/22 2:2 a.m.22 views

CVE-2006-0839

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

5CVSS6.7AI score0.01376EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2006/02/22 2:2 a.m.43 views

CVE-2006-0839

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

5CVSS5.9AI score0.01376EPSS
Exploits0References1
Prion
Prion
added 2006/02/22 2:2 a.m.19 views

Design/Logic Flaw

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

5CVSS7.2AI score0.01376EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/02/22 2:0 a.m.28 views

CVE-2006-0839

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths...

6.7AI score0.01376EPSS
Exploits0References4
CVE
CVE
added 2006/02/22 2:0 a.m.55 views

CVE-2006-0839

The CVE-2006-0839 entry concerns the frag3 preprocessor in Sourcefire Snort 2.4.3. It states that certain fragmented packets with IP options are not properly reassembled, which can allow remote attackers to evade detection of certain attacks (potentially related to IP option lengths). The existin...

5CVSS6.7AI score0.01376EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2006/02/22 2:0 a.m.47 views

CVE-2006-0839

Removed by vendor...

5CVSS7AI score0.01376EPSS
Exploits0
NVD
NVD
added 2006/02/17 1:2 a.m.16 views

CVE-2006-0737

eStara SIP softphone allows remote attackers to cause a denial of service crash via a SIP OPTIONS request with a negative Expires field...

5CVSS6.6AI score0.03119EPSS
Exploits0References5
Prion
Prion
added 2006/02/17 1:2 a.m.16 views

Design/Logic Flaw

eStara SIP softphone allows remote attackers to cause a denial of service crash via a SIP OPTIONS request with a negative Expires field...

5CVSS7.1AI score0.03119EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2006/02/08 12:0 a.m.40 views

Linux kernel ICMP DoS

record-route or timestamp IP options handling vulnerability...

0.9AI score
Exploits0References1Affected Software1
NVD
NVD
added 2006/02/07 6:6 p.m.28 views

CVE-2006-0454

Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmpsend, does not properly handle when the ipoptionsecho function in icmp.c fails, which allows remote attackers to cause a denial of service crash via vectors such as 1 record-route and 2 timestamp IP options wi...

5CVSS6.3AI score0.03774EPSS
Exploits0References18
UbuntuCve
UbuntuCve
added 2006/02/07 6:6 p.m.34 views

CVE-2006-0454

Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmpsend, does not properly handle when the ipoptionsecho function in icmp.c fails, which allows remote attackers to cause a denial of service crash via vectors such as 1 record-route and 2 timestamp IP options wi...

5CVSS6AI score0.03774EPSS
Exploits0References2
CVE
CVE
added 2006/02/07 6:0 p.m.65 views

CVE-2006-0454

The CVE-2006-0454 issue affects the Linux kernel (2.6.x) where icmp_send mishandles failures in ip_options_echo, enabling remote attackers to crash the host via crafted ICMP options (record-route, timestamp with needaddr and truncated value). Public advisories from SUSE, Red Hat, Fedora, Ubuntu d...

5CVSS6.1AI score0.03774EPSS
Exploits0References18Affected Software1
CVE
CVE
added 2006/01/23 8:0 p.m.63 views

CVE-2004-0592

Summary: CVE-2004-0592 affects the SUSE Linux 2.6.5 kernel with USAGI patches, specifically the netfilter IPv6 path. The issue arises in the tcp_find_option function when using iptables and TCP options rules, where a large option length can yield a negative integer after casting to char, causing ...

5CVSS6.5AI score0.02465EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2006/01/19 12:3 a.m.11 views

Buffer overflow

Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via the DHCP options field...

7.5CVSS8.6AI score0.06503EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2006/01/19 12:0 a.m.19 views

CVE-2006-0304

Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via the DHCP options field...

8AI score0.06503EPSS
Exploits1References6
securityvulns
securityvulns
added 2006/01/16 12:0 a.m.39 views

Linksys VPN routers DoS

IP packet with invalid IP options causes router to crash...

3AI score
Exploits0References1
Rows per page
Query Builder