1574 matches found
NSOADV-2010-001: Panda Security Local Privilege Escalation
Security Advisory NSOADV-2010-001 Title: Panda Security Local Privilege Escalation Severity: Medium Advisory ID: NSOADV-2010-001 Found Date: 02.2008 Date Reported: 30.11.2009 Release Date: 09.01.2010 Author: Nikolas Sotiriu lofi Mail: nso-research at sotiriu.de URL:...
Pandora FMS Monitoring Application SQL Injection
PenTest Information: ==================== GESEC Teamsmash & rem0ve discover a SQL Injection Vulnerability on Pandora FMS Monitoring Software. Attackers can manipulate the application DBMS over a remote sql-injection vulnerability. Details ======= Tested on OS: UBUNTU 5.4 Tested with Software:...
Pandora FMS Monitoring Application 2.1.x /3.x - SQL Injection
PenTest Information: ==================== GESEC Teamsmash & rem0ve discover a SQL Injection Vulnerability on Pandora FMS Monitoring Software. Attackers can manipulate the application DBMS over a remote sql-injection vulnerability. Details ======= Tested on OS: UBUNTU 5.4 Tested with Software:...
security flaw
Mozilla Network Security Service NSS library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatur...
PT-2005-3111 · Grandstream · Grandstream Budgetone (Bt) 100
Name of the Vulnerable Software and Affected Versions: Grandstream BudgeTone BT 100 affected versions not specified Description: The issue concerns the Grandstream BudgeTone BT 100 Voice over IP VoIP phones, which do not properly validate certain values in a NOTIFY message. This allows remote...
PT-2005-1801 · Veritas · Veritas Backup Exec
Name of the Vulnerable Software and Affected Versions: VERITAS Backup Exec versions 9.0 through 10.0 for Windows Servers VERITAS Backup Exec versions 9.0.4019 through 9.1.307 for Netware Description: The issue allows remote attackers to cause a denial of service, resulting in a Remote Agent crash...
[Full-Disclosure] CIS WebServer Directory Traversal Bug
-= x0n3-h4ck Italian Security Team =- /Advisories / Application: CIS WebServer Vendor's Url: www.cisindia.net Version: 3.5.13 Platforms: Windows Bug: Directory Traversal Exploitation: Remote Author: CorryL [email protected] www.x0n3-h4ck.org Description CIS WebServer is an easy http server, A...
HP-UX Security patch : PHNE_14087
The remote host is missing HP-UX Security Patch number PHNE14087 . Security Vulnerability with inetd on HP-UX %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16839;...
Solaris 2.5.1 (sparc) : 104849-09
SunOS 5.5.1: /kernel/fs/cachefs patch. Date this patch was last updated by Sun : Apr/01/03 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if !...
Solaris 2.5.1 (x86) : 104842-06
SunOS 5.5.1x86: /usr/sbin/vold patch. Date this patch was last updated by Sun : Mar/08/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
Dansie Shopping Cart Discloses Installation Path to Remote Users
Indonesia Security Development Team Advisory Dansie Shopping Cart Discloses Installation Path to Remote Users ================================================================ Advisory Name: Dansie Shopping Cart Discloses Installation Path to Remote Users Release Date: 5:21 AM 10/20/03 Application...
Dansie Shopping Cart Discloses Installation Path to Remote Users
Indonesia Security Development Team Advisory Dansie Shopping Cart Discloses Installation Path to Remote Users ================================================================ Advisory Name: Dansie Shopping Cart Discloses Installation Path to Remote Users Release Date: 5:21 AM 10/20/03 Application...
[SAFER] Security Bulletin 010125.EXP.1.12
S.A.F.E.R. Security Bulletin 010125.EXP.1.12 TITLE : PlanetIntra - Buffer Overflow DATE : January 25, 2001 NATURE : Remote execution of code AFFECTED : PlanetIntra v2.5 software PROBLEM: A buffer overflow exists in PlanetIntra software that allows remote execution of code. DETAILS: A buffer...
DoS by SMTP AUTH command in IPSwitch IMail server
Dear folks, I found a kind of DoS to handle SMTP AUTH command in IPSwitch IMail server version 6.0.5. IPSwitch ships a product titled IMail, an email server for usage on NT servers serving SMTP, POP3, IMAP4, LDAP etc. It supports SMTP AUTH commands RFC2554 and several authenticate methods to...