Lucene search
K

1158 matches found

securityvulns
securityvulns
added 2003/07/24 12:0 a.m.32 views

VMware GSX Server 2.5.1 / Workstation 4.0 (for Linux systems) vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Description - ----------- The following products have a vulnerability that can allow a user of the host system to start an arbitrary program with root privileges: VMware GSX Server 2.5.1 for Linux systems build 4968 and earlier releases VMware...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/07/24 12:0 a.m.100 views

MS03-031: Cumulative Patch for MS SQL Server (815495)

The remote Microsoft SQL server is vulnerable to several flaws : - Named pipe hijacking - Named Pipe Denial of Service - SQL server buffer overrun These flaws could allow a user to gain elevated privileges on this host. C Tenable Network Security, Inc. include"compat.inc"; if description...

7.2CVSS6AI score0.36179EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2003/07/22 12:0 a.m.400 views

MS03-039: Microsoft Windows RPC DCOM Interface epmapper Pipe Hijack Local Privilege Escalation (824146) (intrusive check)

It is possible to disable the remote RPC DOM interface by sending it a malformed request. The system will need to be rebooted to recover. A remote attacker could exploit this flaw to remotely disable RPC- related programs on this host. If a denial of service attack is successful, a local attacker...

7.5CVSS5.5AI score0.60799EPSS
Exploits1References3
securityvulns
securityvulns
added 2003/06/28 12:0 a.m.24 views

VMware Workstation 4.0: Possible privilege escalation on the host via symlink manipulation

It is possible for a user to gain an esclation in privileges on a system running VMware Workstation 4.0 for Linux systems by symlink manipulation in a world-writable directory such as /tmp. Affected systems: VMware Workstation 4.0 for Linux systems Dates: This was reported to VMware on 2003-06-17...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2003/06/06 12:0 a.m.22 views

Solaris syslogd overflow

Synopsis: Solaris syslogd is vulnerable to a remote buffer overflow. Versions: Solaris 2.6 SPARC: Not vulnerable Solaris 2.7 SPARC/x86: Untested Solaris 8 SPARC: Vulnerable Solaris 8 x86: Vulnerable Solaris 9 SPARC: Not vulnerable Solaris 9 x86: Untested Impact: Low-Medium. While I've not been ab...

0.8AI score
Exploits0
CERT
CERT
added 2003/05/07 12:0 a.m.20 views

Microsoft Windows Media Player fails to properly evaluate URLs when downloading skin files

Overview Microsoft Media Player contains a vulnerability in the parsing of "Skin Files" that may permit a remote attacker to download arbitrary files to a known location on the local system. Description Microsoft Media Player is an application that plays various types of media files. The user can...

7.5CVSS6.8AI score0.46315EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2003/04/01 3:50 p.m.6 views

Important: Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities

Updated OpenSSL packages are available that fix a potential timing-based attack and a modified Bleichenbacher attack. OpenSSL is a commercial-grade, full-featured, and open source toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a...

7.5CVSS7.3AI score0.06393EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2003/02/28 12:0 a.m.31 views

MS02-060: Flaw in WinXP Help center could enable file deletion (328940)

There is a security vulnerability in the remote Windows XP Help and Support Center which can be exploited by an attacker to delete arbitrary files on this host. To do so, an attacker needs to create malicious web pages that must be visited by the owner of the remote system. C Tenable Network...

5CVSS5.7AI score0.13669EPSS
Exploits0References2
FreeBSD Advisory
FreeBSD Advisory
added 2003/02/24 12:0 a.m.4 views

FreeBSD-SA-03:02.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:02.openssl Security Advisory The FreeBSD Project Topic: OpenSSL timing-based SSL/TLS attack Category: core Module: openssl Announced: 2003-02-25 Credits: Brice...

5.8AI score
Exploits0
Debian
Debian
added 2003/01/23 6:51 p.m.25 views

[SECURITY] [DSA 240-1] New kdegames packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 240-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23rd, 2003 http://www.debian.org/security/faq -...

7.5CVSS0.1AI score0.03671EPSS
Exploits0
securityvulns
securityvulns
added 2002/04/19 12:0 a.m.21 views

MHonArc v2.5.2 Script Filtering Bypass Vulnerability

MHonArc v2.5.2 Script Filtering Bypass Vulnerability ==================================================== Affected: --------- MHonArc v2.5.2 http://www.mhonarc.org/ Fixed: ------ MHonArc v2.5.3 http://www.mhonarc.org/MHonArc/CHANGES Problem: -------- MHonArc has a feature which filters out...

6.6AI score
Exploits0
securityvulns
securityvulns
added 2002/03/10 12:0 a.m.20 views

DoS in SurfControl's EmailFilter

Just an FYI: I did communicate heavily with SurfControl on this before posting it here: On February 12, 2002, I contacted SurfControl concerning a denial of service condition in the EmailFilter Version 4.0. The DoS was successfully carried out on a Windows 2000 Professional SP2 box. On February 1...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2001/11/24 12:0 a.m.37 views

Redhat Stronghold Secure Server File System Disclosure Vulnerabil ity

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Redhat Stronghold Secure Server File System Disclosure Vulnerability Advisory Code: VIGILANTE-2001002 Release Date: November 23, 2001 Systems affected: Stronghold/3.0 Apache/1.3.19 RedHat/3014 Unix PHP/3.0.18 modssl/2.8.1 OpenSSL/0.9.6 modperl/1.25...

6.5AI score
Exploits0
securityvulns
securityvulns
added 2001/11/15 12:0 a.m.26 views

Postfix session log memory exhaustion bugfix

The Postfix SMTP server maintains a record of SMTP conversations for debugging purposes. Depending on local configuration details this record is mailed to the postmaster whenever an SMTP session terminates with errors. During code maintenance, a stupid error was introduced into the code due to...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2001/10/19 12:0 a.m.41 views

GroupWise Padlock Speculative Info

---------------------- GroupWise Padlock Info ---------------------- History ------- Novell was notified by someone around the 6th of August about a security flaw in GroupWise that apparently allowed basically anyone with access to the GroupWise server to do "bad stuff". August 14th brought the...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2001/10/13 12:0 a.m.24 views

def-2001-29

====================================================================== Defcom Labs Advisory def-2001-29 Ipswitch Web Calendaring 7.04 Buffer Overflow Author: Andreas Junestam [email protected] Release Date: 2001-10-12 ======================================================================...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2001/08/31 12:0 a.m.47 views

Sun Security Bulletin #00207 (fwd) [Patches for snmpXdmid.]

Sun Microsystems, Inc. Security Bulletin Bulletin Number: 00207 Date: August 30, 2001 Cross-Ref: CERT Advisory CA-2001-05 Title: snmpXdmid The information contained in this Security Bulletin is provided "AS IS." Sun makes no warranties of any kind whatsoever with respect to the information...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/07/12 12:0 a.m.27 views

Product Security Bulletin (MPSB01-07)

Macromedia Product Security Bulletin MPSB01-07 Macromedia releases patch that addresses ColdFusion Server security issues. Originally Posted: July 11, 2001 Summary Macromedia has released a patch that addresses two ColdFusion Server security issues which affect all server versions from 2.0 throug...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2001/05/29 12:0 a.m.48 views

Vulnerability discovered in SpearHead NetGap

Background --------------- SpearHead's NetGAP™ appliance physically disconnects a company's network from the Internet. The product consists of two separate computers, an Untrusted CPU and a Trusted CPU, that are never directly connected at any given time. NetGap™ includes a content checking engin...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2001/03/16 12:0 a.m.29 views

def-2001-11: MDaemon 3.5.4 Dos-Device DoS

====================================================================== Defcom Labs Advisory def-2001-11 MDaemon 3.5.4 Dos-Device DoS Author: Peter Grьndl [email protected] Release Date: 2001-03-15 ======================================================================...

0.5AI score
Exploits0
Rows per page
Query Builder