206 matches found
Multiple vendors' HTTP content/virus scanners do not check data tunneled via HTTP CONNECT method
Overview: Multiple vendors' HTTP anti-virus and content filters do not inspect the contents of HTTP CONNECT method tunnels. As a result, viruses or other restricted HTTP content may not be blocked as specified by policy. Description: Many anti-virus and content filter products that are designed to...
Input-validation vulnerability in PHP-Nuke allows arbitrary command execution via request for remote web site
Overview: PHP-Nuke has an input-validation vulnerability that can lead to execution of arbitrary PHP code hosted on another web server. Description: PHP-Nuke is a tool designed to ease web site creation and maintenance. PHP-Nuke includes a script named index.php, which uses PHP's include function t...
[SECURITY] [DSA 151-1] New xinetd packages fix local denial of service
Debian Security Advisory DSA 151-1, http://www.debian.org/security/, Martin Schulze, August 13th, 2002. Package: xinetd...
CVE-1999-1021
CVE-1999-1021 affects SunOS 4.1–4.1.2 NFS: the high-order 16 bits of a 32-bit UID are ignored, enabling a local user to gain root if the lower 16 bits are 0. The issue is mitigated/fixed by the NFS jumbo patch upgrade. The connected sources confirm the affected OS and the patch-based fix; exploit...
gnats update
Hia, I found a security hole in gnatsweb. The author was contacted and a patch was provided within hours. People running the following versions should upgrade: - Gnatsweb 2.7 beta - Gnatsweb 2.8.0 - Gnatsweb 2.8.1 - Gnatsweb 3.95 for GNATS 4, versions from CVS prior to June 26 The patch, and more...
PT-2009-6760 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux kernel versions 2.4.21; openSUSE kernel-ps3-debuginfo (affected versions not specified); openSUSE kernel-ps3-debugsource (affected versions not specified); Linux kernel versions prior to 2.6.32-rc8. Description: The issue...