cPanel 11.18.3 - List Directories and Folders Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28300/info cPanel is prone to an information-disclosure vulnerability. An attacker can exploit this issue to determine programs that are running on the affected server and to view folders on other sites that are protected...

AIX 7.1 TL 2 : malloc (IV61314)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

AIX 6.1 TL 9 : malloc (IV60935)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

Trend Micro Interscan Viruswall (Linux) 3.0.1 - Multiple Program Buffer Overflow

source: http://www.securityfocus.com/bid/2579/info Interscan Viruswall is a Virus scanning software package distributed and maintained by Trend Micro. It is designed to scan for virus occurances in both incoming and outgoing traffic via SMTP, FTP, and HTTP at the gateway of the network. A problem...

Libc locale exploit (1)

No description provided by source. / source: http://www.securityfocus.com/bid/1634/info ectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...

Trend Micro OfficeScan 3.x CGI Directory Insufficient Permissions Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6616/info A vulnerability has been reported for Trend Micro OfficeScan that may allow attackers to access programs residing in the cgi directory of the OfficeScan installation. http://x.x.x.x/officescan/cgi/cgiMasterPwd.e...

NCSA 1.3/1.4.x/1.5,Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2300/info NSCA httpd prior to and including 1.5 and Apache Web Server prior to 1.0 contain a bug in the ScriptAlias function that allows remote users to view the source of CGI programs on the web server, if a ScriptAlias...

AIX 6.1 TL 8 : malloc (IV61311)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

F-Secure BackWeb 6.31 Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10055/info A vulnerability has been reported in F-Secure BackWeb that may permit local attackers to gain system level privileges. The source of this vulnerability is that certain areas within the BackWeb interface permit...

Opera Web Browser 9.62 History Search Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32015/info Opera Web Browser is prone to an input-validation vulnerability because of the way it stores data used for the History Search feature. Attacker-supplied HTML and script code would run in the context of the...

CylantSecure 1.0 Kernel Module Syscall Rerouting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2958/info CylantSecure is a commercial Linux hardening tool and security infrastructure available from Cylant Technology. A problem in the CylantSecure infrastructure could allow users to escape monitoring. A user with ro...

RedHat 6 glibc/locale Subsystem Format String

No description provided by source. / source: http://www.securityfocus.com/bid/1634/info Conectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...

Symantec Norton AntiVirus 2002/2003 Device Driver Memory Overwrite Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8329/info It has been reported that a memory corruption vulnerability affects the Symantec Norton AntiVirus Device Driver. According to the report, one of the device control operation handlers attempts to write data to an...

SGI IRIX 6.4 ioconfig Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/213/info A vulnerability exists in the ioconfig program, as shipping with IRIX 6.4 S2MP from Silicon Graphics, Inc. This program is only available on Irix 6.4 for the Origin/Onyx2. Other machines running IRIX are not...

NSHC Papyrus 2.0 - Heap Overflow Vulnerability

No description provided by source. !/usr/bin/python Title: NSHC Papyrus Heap Overflow Vulnerability Date: 13\08\2011 Author: wh1ant Software Link: http://file.atfile.com/ftp/data/03/PapyrusSetup.exe Version: 2.0 Tested On: windows XP SP3 South Korea / windows XP SP3 English VMware Workstation CVE...

Libc locale exploit (2)

No description provided by source. / source: http://www.securityfocus.com/bid/1634/info ectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...

Programs Rating postcomments.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/35746/info Programs Rating Script is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script...

Programs Rating rate.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/35746/info Programs Rating Script is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script...

openSUSE Security Update : libzip-devel (openSUSE-SU-2011:0449-1)

empty zip archives could crash programs using libzip CVE-2011-0421. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libzip-devel-4188. The text description of this plugin is C SUSE LLC...

CVE-2014-3977 - Privilege Escalation in IBM AIX

Vulnerability title: Privilege Escalation in IBM AIX CVE: CVE-2014-3977 Vendor: IBM Product: AIX Affected version: 6.1.8 and later Fixed version: N/A Reported by: Tim Brown Details: It has been identified that libodm allows privilege escalation via arbitrary file writes with elevated privileges...