PT-2008-3012 · Microsoft · Windows Xp +1
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3; Microsoft Windows Server 2003 versions SP1 through SP2. Description: The issue arises from improper validation of the option length field in Pragmatic General Multicast (PGM) packets, allowing remote...
JFFNms 0.8.3 - 'auth.php' Multiple SQL Injections
Source: https://www.securityfocus.com/bid/24414/info. Just For Fun Network Management and Monitoring System (JFFNMS) is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure issues. An attacker can exploit these...
phpBB Import Tools Mod <= 0.1.4 Remote File Include Vulnerability
Exploit for unknown platform in category web applications. phpBB Import Tools Mod <= 0.1.4 Remote File Include Vulnerability. Title: phpBB Import Tools Mod <= 0.1.4...
JRun mod_jrun WriteToLog buffer overflow
Added: 12/10/2005. CVE: CVE-2004-0646. BID: 11245. OSVDB: 10546. Background: Macromedia JRun is a J2EE application server. mod_jrun is an Apache module which enables the use of JRun applications through an Apache web server. Problem: A buffer overflow vulnerability in mod_jrun and mod_jrun20 allows a remo...
[SA14507] Xerox MicroServer Web Server Unauthorised Access Vulnerability
GLSA-200503-06 : BidWatcher: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200503-06 (BidWatcher: Format string vulnerability). Ulf Harnhammar discovered a format string vulnerability in 'netstuff.cpp'. Impact: Remote attackers can potentially exploit this vulnerability by sending specially crafted respons...
RHEL 3 : imap (RHSA-2005:128)
Updated imap packages to correct a security vulnerability in CRAM-MD5 authentication are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The imap package provides server daemons for both the IMAP...
HP-UX PHCO_21567 : HPSBUX0005-113 Sec. Vulnerability with shutdown command (rev.1)
s700_800 11.04 VVOS patch for shutdown(1M): shutdown(1M) improperly handles input variables. (C) Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHCO_21567. The text itself is copyright (C) Hewlett-Packard Development...
HP-UX PHSS_27921 : HPSBUX0209-222 Security Vulnerability in VVOS tomcat 3.2.x
s700_800 11.04 Virtualvault 4.5 IWS Tomcat update: HP-UX 11.04 VVOS with Apache-Tomcat 3.2.x versions have a connector issue allowing potential unauthorized access to files. (C) Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted fr...
HP-UX PHSS_27782 : HPSBUX0208-214 SSRT2334 Security Vulnerability in VJE.VJE-RUN (rev.1)
s700_800 11.00 VJE-gamma cumulative patch: The VJE.VJE-RUN adds 'bin' to /etc/PATH. (C) Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHSS_27782. The text itself is copyright (C) Hewlett-Packard Development Company,...
HP-UX PHNE_28143 : HPSBUX0305-261 SSRT3451 Potential Security Vulnerability in HP-UX network drivers (Data Leakage) (rev. 01)
s700_800 11.00 LAN product cumulative patch: Potential for Ethernet device drivers to reuse packet data for padding. Cross-reference: CERT/CC VU#412115 and CVE CAN-2003-0001. (C) Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted fr...
HP-UX PHNE_27902 : HP-UX, Remote Execution of Arbitrary Code, Denial of Service (DoS) from Network Traffic (HPSBUX00271 SSRT2443 rev.3)
s700_800 11.00 Cumulative STREAMS Patch: Certain network traffic can cause programs to fail. (C) Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHNE_27902. The text itself is copyright (C) Hewlett-Packard Development...
Important: Red Hat Security Advisory: mailman security update
Updated mailman packages that correct a mailman security issue are now available. The mailman package is software to help manage email discussion lists. A flaw in the truepath function of Mailman was discovered. A remote attacker who is a member of a private mailman list could use a carefully...
Microsoft OLE buffer overflow
Overview: A vulnerability in the way that various programs handle OLE objects could allow a remote attacker to execute arbitrary code on a vulnerable system. Description: Microsoft OLE is a technology that allows applications to create and edit compound documents. Compound documents are those...
BIND 9.3.0 vulnerable to denial of service in validator code
Overview: A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description: The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). BIND supports the DNS...
BIND 8.4.4 and 8.4.5 vulnerable to buffer overflow in q_usedns
Overview: A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description: The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). A buffer overflow err...
Oracle extproc buffer overflow (#NISR23122004A)
NGSSoftware Insight Security Research Advisory. Name: Oracle 10g extproc buffer overflow. Systems Affected: Oracle 10g on all operating systems. Severity: High Risk. Vendor URL: http://www.oracle.com/. Author: David Litchfield (davidl at ngssoftware.com). Relates to:...
Mandrake Linux Security Advisory : logcheck (MDKSA-2004:155)
A vulnerability was discovered in the logcheck program by Christian Jaeger. This could potentially lead to a local attacker overwriting files with root privileges. The updated packages have been patched to prevent the problem. (C) Tenable Network Security, Inc. The descriptive...
XFree86 vulnerable to buffer overflow via crafted font directory in 'fonts.alias' file
Overview: XFree86 contains a vulnerability in the parsing of the 'fonts.alias' file, which could be exploited by a local user to execute arbitrary code with elevated privileges. Description: XFree86 contains a flaw during the processing of the 'fonts.alias' file. XFree86 is an implementation of the...