2395 matches found
cPanel 11.x => List Directories and Folders
Hello, I discovered a new bug in cPanel to show the directions Folders Only on the server in Disk Usage part. For example, I tried to see the folders in /etc and it worked! That would show you a list of directions of folders and that including programs on the server, this could be dangerous! t...
java-1.5.0 Privilege escalation via untrusted applet and application
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants...
SuSE 10 Security Update : gvim and vim (ZYPP Patch Number 4821)
Vim allows opening content via external programs if the argument contains a 'http:' sub-string. It insecurely invoked external web browsers to fetch the remote content. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc...
SOL8424 - Java Runtime Environment Vulnerability - CVE-2008-0657
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges through an untrusted application or applet, as demonstrated by an application or applet that grants...
CVE-2008-0657
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants...
Update Protections against Recent Malware Threats (04-Feb-08)
Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like viruses, worms, adware, Trojans, and spyware that exploit unprotected clients, using network...
Debian Security Advisory DSA 342-1 (mozart)
The remote host is missing an update to mozart announced via advisory DSA 342-1. OpenVAS Vulnerability Test $Id: deb3421.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 342-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
Debian Security Advisory DSA 811-2 (common-lisp-controller)
The remote host is missing an update to common-lisp-controller announced via advisory DSA 811-2. The bugfix for the problem mentioned below contained an error that caused third party programs to fail. The problem is corrected by this update. For completeness we're including the original advisory...
Debian Security Advisory DSA 039-1 (glibc)
The remote host is missing an update to glibc announced via advisory DSA 039-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 800-1 (pcre3)
The remote host is missing an update to pcre3 announced via advisory DSA 800-1. An integer overflow with subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code. Since several packages link dynamical...
Debian Security Advisory DSA 203-1 (smb2www)
The remote host is missing an update to smb2www announced via advisory DSA 203-1. OpenVAS Vulnerability Test $Id: deb2031.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 203-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
[SECURITY] Fedora 7 Update: postgresql-8.2.6-1.fc7
PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
[SECURITY] Fedora 8 Update: postgresql-8.2.6-1.fc8
PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
Directory traversal
Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allows remote attackers to execute arbitrary programs via a ..\ (dot dot backslash) in the second argument to the DoWebLaunch method. NOTE: some of these...
rpcinfo NSE Script
Connects to portmapper and fetches a list of all registered programs. It then prints out a table including for each program the RPC program number, supported version numbers, port number and protocol, and program name. See also: rpc-grind.nse Script Arguments mount.version, nfs.version,...
CVE-2007-6514
Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive...
Mac OS X Multiple Vulnerabilities (Security Update 2007-009)
The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2007-009 applied. This update contains several security fixes for a large number of programs. (C) Tenable Network Security, Inc. include"compat.inc"; if description scriptid29723; scriptversion"1.28";...
CVE-2007-6405
Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, (3) %2e sequence (hex-encoded dot), or (4) hex-encoded character greater than 0x7f. NOTE: the %20 vector is...