Microsoft Active Template Library (ATL) multiple security vulnerabilities

Memory corruptions, information leak, initialization problem, leading to killbit protection bypass...

Cisco ACE XML Gateway <= 6.0 Internal IP disclosure

Exploit for unknown platform in category remote exploits =================================================== Cisco ACE XML Gateway = 6.0 Internal IP disclosure =================================================== Title: Cisco ACE XML Gateway = 6.0 Internal IP disclosure CVE-ID: OSVDB-ID: Author:...

Cisco ACE XML Gateway 6.0 - Internal IP Disclosure

Cisco ACE XML Gateway 6.0 - Internal IP Disclosure +----------------------------------------------------------------------- -+ | ....... | | ..''xxxxxxxxxxxxxxx'... | | ..'xxxxxxxxxxxxxxxxxxxxxxxxxxx.. | | ..'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'. | | .'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'''.......'. | |...

Linux Kernel 2.4/2.6 sock_sendpage() Local Root Exploit (ppc)

No description provided by source. / Linux socksendpage NULL pointer dereference Copyright 2009 Ramon de Carvalho Valle [email protected] This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Softwar...

Linux Kernel 2.4/2.6 sock_sendpage() Local Root Exploit (ppc)

Exploit for linux platform in category local exploits ============================================================= Linux Kernel 2.4/2.6 socksendpage Local Root Exploit ppc ============================================================= / Linux socksendpage NULL pointer dereference Copyright 2009...

dnsmasq -- TFTP server remote code injection vulnerability

Simon Kelley reports: Fix security problem which allowed any host permitted to do TFTP to possibly compromise dnsmasq by remote buffer overflow when TFTP enabled. Fix a problem which allowed a malicious TFTP client to crash dnsmasq...

openSUSE Security Update : memcached (memcached-1165)

This update of memcached fixes a signedness problem which may lead to a buffer too small to hold all data received from the network, this may allow arbitrary remote code execution. CVE-2009-2415 Additionally an information leak was fixed CVE-2009-1494, CVE-2009-1255 %NASLMINLEVEL 70300 C Tenable...

News website management system vulnerability-vulnerability warning-the black bar safety net

News website management system vulnerabilities author: xk8888888 This system has N of the Year Edition,General government, schools and enterprises with much more, Special permit: to display news NewsView. asp? NewsID= Login login. asp? id=3,The main special permit is available one has a EDIT the...

openSUSE Security Update : samba (samba-174)

This is an update to version 3.2.3 of Samba. This release includes several bugfixes and performance enhancements for Samba and its components. It is recommended for every user to update to this version. Among several other bugs the following list shows some detail : - Fix a race condition in...

Fedora Core 11 FEDORA-2009-4967 (mingw32-opensc)

The remote host is missing an update to mingw32-opensc announced via advisory FEDORA-2009-4967. OpenVAS Vulnerability Test $Id: fcore20094967.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-4967 mingw32-opensc Authors: Thomas Reinke Copyright:...

中国游戏中心游戏大厅 (CGAgent.dll) ActiveX Remote Code Execution Exploit

No description provided by source. ChinaGames CGAgent.dll ActiveX Remote Code Execution Exploit Exploit made by etirah Download: www.chinagames.com Problem DLL : CGAgent.dll Problem Func : CreateChinagamesparam1 Problem Param : param1 References: 1. http://bbs.pediy.com/showthread.php?t=87615 2...

ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit

Exploit for windows platform in category remote exploits ============================================================== ChinaGames CGAgent.dll ActiveX Remote Code Execution Exploit ============================================================== ChinaGames CGAgent.dll ActiveX Remote Code Execution...

ChinaGames - CGAgent.dll ActiveX Remote Code Execution

ChinaGames - CGAgent.dll ActiveX Remote Code Execution ChinaGames CGAgent.dll ActiveX Remote Code Execution Exploit Exploit made by etirah Download: www.chinagames.com Problem DLL : CGAgent.dll Problem Func : CreateChinagamesparam1 Problem Param : param1 References: 1...

BaoFeng - config.dll ActiveX Remote Code Execution

BaoFeng - config.dll ActiveX Remote Code Execution BaoFeng config.dll ActiveX Remote Code Execution Exploit Exploit made by etirah Download: www.baofeng.com Problem DLL : config.dll Problem Func : SetAttributeValueparam1,param2,param3 Problem Param : param1 References: 1...

ChinaGames - &#039;CGAgent.dll&#039; ActiveX Remote Code Execution

ChinaGames CGAgent.dll ActiveX Remote Code Execution Exploit Exploit made by etirah Download: www.chinagames.com Problem DLL : CGAgent.dll Problem Func : CreateChinagamesparam1 Problem Param : param1 References: 1. http://bbs.pediy.com/showthread.php?t=87615 2. http://www.milw0rm.com/exploits/857...

Claroline 1.8.11 Cross Site Scripting

Author: Gerendi Sandor Attila Original Advisory: http://gsasec.blogspot.com/2009/05/claroline-v1811-cross-site-scripting.html Date: May 05, 2009 Package: Claroline 1.8.11 Product Homepage: http://www.claroline.net/ Versions Affected: v.1.8.11 Other versions may also be affected Severity: Medium...

Ubuntu 8.04 LTS / 8.10 / 9.04 : Apport vulnerability (USN-768-1)

Stephane Chazelas discovered that Apport did not safely remove files from its crash report directory. If Apport had been enabled at some point, a local attacker could remove arbitrary files from the system. Note that Tenable Network Security has extracted the preceding description block directly...

Companies still dragging their feet with patches

From IDG News Service Jeremy Kirk A study from security vendor Qualys has found that companies are patching just a hair faster than they were five years ago. The latest data was collected throughout 2008, said Wolfgang Kandek, Qualys’ CTO. Qualys scanned 80 million IP Internet Protocol addresses...

MDKA-2007:026 : krb5

The krb5 packages provided with Mandriva Linux 2007.1 had a compilation problem where the kerberos utilities were looking for modules in the wrong location. This update corrects the problem. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently...

MDVA-2008:027 : mandriva-kde-config

The KDE panel has a clock applet which includes de hability to change its appearance and behavior. Because of a configuration problem, this applet was not properly saving these changes were not properly saved, being lost at every user login. This update fixes the problem. %NASLMINLEVEL 70300...