7249 matches found
CVE-2009-4133
Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute...
CVE-2009-4133
Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute...
Condor: queue super user cannot drop privs
Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute...
Condor: queue super user cannot drop privs
Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute...
OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to 1 LayoutQueue, 2 Cursor.predefined, 3...
Chipmunk Newsletter CSRF Vulnerabilities
No description provided by source. ------------------------------------------------------------------------------------------------- Title: Chipmunk Newsletter CSRF Vulnerabilities Author: Milos Zivanovic Date: 11. December 2009...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Web Administrator in Websense Personal Email Manager 7.1 before Hotfix 4 and Email Security 7.1 before Hotfix 4 allow remote attackers to inject arbitrary web script or HTML via the 1 FileName, 2 IsolatedMessageID, 3 ServerName, 4 Dictionar...
Design/Logic Flaw
Sophos PureMessage Scanner service PMScanner.exe in PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows remote attackers to cause a denial of service message queue delay and incomplete spam rule update via a crafted 1 RTF or 2 PDF file...
OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to 1 LayoutQueue, 2 Cursor.predefined, 3...
MDaemon WorldClient form2raw.cgi Stack Buffer Overflow
This module exploits a stack buffer overflow in Alt-N MDaemon SMTP server for versions 6.8.5 and earlier. When WorldClient HTTP server is installed default, a CGI script is provided to accept html FORM based emails and deliver via MDaemon.exe, by writing the CGI output to the Raw Queue. When...
Buffer overflow
Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6.0.2.7 and 7.x before 7.0.1.0 allows remote attackers to execute arbitrary code via a crafted request...
FreeBSD : cups -- print queue browser denial-of-service (05dcf751-0733-11d9-b45d-000c41e2cdad)
If the CUPS server cupsd receives a zero-length UDP message, it will disable its print queue browser service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques...
Design/Logic Flaw
Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMSIJOB...
CVE-2008-5437
Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMSIJOB...
CVE-2008-5437
Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMSIJOB...
CVE-2008-5437
CVE-2008-5437 affects the Job Queue component in Oracle Database (versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.6). The vulnerability allows remote authenticated users to impact confidentiality and integrity via the DBMS_IJOB interface. Root cause details are not provided in the given d...
OSX/PPC - Stager Sock Find MSG_PEEK + Null-Free Shellcode
OSX/PPC - Stager Sock Find MSGPEEK + Null-Free Shellcode. Shellcode exploit for OSXPPC platform. Tags: Metasploit Framework MSF ;; ; ; Name: stagersockfindpeek ; Qualities: Null-Free ; Platforms: MacOS X / PPC ; Authors: H D Moore ; Version: $Revision: 1.1 $ ; License: ; ; This file is part of th...
CVE-2008-5385
enq in bos.rte.printers in IBM AIX 6.1.0 through 6.1.2, when a print queue is defined in /etc/qconfig, allows local users to delete arbitrary files via unspecified vectors...
DEBIAN-CVE-2008-4609
The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...
CVE-2008-4609
The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...