7636 matches found
Debian DSA-2014-1 : moin - several vulnerabilities
Several vulnerabilities have been discovered in moin, a python clone of WikiWiki. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0668 Multiple security issues in MoinMoin related to configurations that have a non-empty superuser list, the xmlrpc...
PhpBB 'feed.php' Security Bypass Vulnerability
PhpBB is prone to a security-bypass vulnerability. Attackers may exploit the issue to bypass certain security restrictions, view restricted content, and perform unauthorized actions. PhpBB 3.0.7 is vulnerable; other versions may also be affected. OpenVAS Vulnerability Test $Id: gbphpbb38599.nasl...
CVE-2009-4644
Accellion Secure File Transfer Appliance before 80105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program...
Design/Logic Flaw
Accellion Secure File Transfer Appliance before 80105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program...
CVE-2009-4644
The CVE-2009-4644 issue affects the Accellion Secure File Transfer Appliance, specifically versions prior to 8_0_105. It allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands by injecting shell metacharacters via the cli program (demonstrated wit...
CVE-2009-4644
Accellion Secure File Transfer Appliance before 80105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program...
Confluence adminsistrators can still view a restricted page if the type in the URL or click on a link in an email
If I set page viewing restrictions on a wki page to one group of which I am a member, other users, including confluence adminsistrators, cannot see the page when navigating within the application. If they type in the URL of the restricted page or click on a link to the restricted page, then can...
Microsoft Windows Kernel Exception Handler Local Denial Of Service Vulnerability
Description Microsoft Windows is prone to a local denial-of-service vulnerability that affects the Windows kernel. The issue stems from an error in the kernel's exception handler. Attackers may exploit this issue to restart the system, causing a denial-of-service condition. Technologies Affected...
Design/Logic Flaw
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...
CVE-2009-3564
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...
DEBIAN-CVE-2009-3564
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...
CVE-2009-3564
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...
CVE-2009-3564
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...
Out-of-bounds
The eisaeepromread function in the parisc isa-eeprom component drivers/parisc/eisaeeprom.c in the Linux kernel before 2.6.31-rc6 allows local users to access restricted memory via a negative ppos argument, which bypasses a check that assumes that ppos is positive and causes an out-of-bounds read ...
CVE-2009-2846
The eisaeepromread function in the parisc isa-eeprom component drivers/parisc/eisaeeprom.c in the Linux kernel before 2.6.31-rc6 allows local users to access restricted memory via a negative ppos argument, which bypasses a check that assumes that ppos is positive and causes an out-of-bounds read ...
Whitepaper - Using XFS To Create XSS From SQL Injection
XFS - XSS From SQL Author : 599eme Man Contact : [email protected] ------------------------------------------------------------------------ + Summary 1 Presentation 2 Explanation 3 Demonstration 4 Bibliography ------------------------------------------------------------------------ 1 --Presentation--...
Waverider Systems Perlshop - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/43158/info Perlshop is prone to multiple input-validation vulnerabilities including a nondescript input-validation vulnerability, multiple cross-site scripting vulnerabilities, and a directory-traversal vulnerability because it fails to sufficiently...
PT-2009-3491
Name of the Vulnerable Software and Affected Versions Microsoft Visual Studio .NET versions 2003 SP1 through 2008 Microsoft Visual C++ versions 2005 SP1 through 2008 SP1 Windows versions 2000 SP4 through XP SP3, Server 2003 SP2, Vista Gold through SP2, and Server 2008 Gold through SP2 Description...
Microsoft Virtual PC and Virtual Server Privilege Escalation Vulnerability
Description Microsoft Virtual PC and Virtual Server are prone to a privilege-escalation vulnerability caused by an error in decoding privileged instructions. Note that this issue affects only systems that do not use hardware-assisted virtualization. Successful exploits may allow local attackers t...
Allow Site Admin to discover restricted pages
A customer mentioned that this functionality is important to have for automation and integration purposes. Currently confluence-administrators are not able to discover restricted pages, despite of their ability to access ie. read the page if they know the url. The customer argued that "this makes...