34 matches found
Red Hat DHCP client NetworkManager integration script command injection
Added: 05/18/2018 CVE: CVE-2018-1111 BID: 104195 Background The DHCP client on Red Hat Enterprise Linux includes a script which provides integration with the NetworkManager subsystem. Problem A command injection vulnerability in the NetworkManager integration script could allow arbitrary command...
Red Hat DHCP client NetworkManager integration script command injection
Added: 05/18/2018 CVE: CVE-2018-1111 BID: 104195 Background The DHCP client on Red Hat Enterprise Linux includes a script which provides integration with the NetworkManager subsystem. Problem A command injection vulnerability in the NetworkManager integration script could allow arbitrary command...
TWiki View Script debugenableplugins Request Parameter Vulnerability
Added: 03/30/2015 CVE: CVE-2014-7236 BID: 70372 OSVDB: 112977 Background TWiki is a web-based collaboration platform written in PERL. Problem The TWiki view script does not properly sanitize the debugenableplugins parameter before using it. Resolution Upgrade to TWiki-6.0.1 or higher, or apply th...
ALCASAR index.php Crafted HTTP host Header Vulnerability
Added: 09/16/2014 BID: 69662 OSVDB: 111026 Background ALCASAR is a free Network Access Controller that allows network managers to restrict Internet service access to authenticated users. ALCASAR allows control and logging of all network activity by users and/or defined user groups. Problem ALCASA...
Novell iPrint Client IPP Response URI handling buffer overflow
Added: 07/05/2013 CVE: CVE-2013-1091 BID: 59612 OSVDB: 92938 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability within the handling...
Wireshark Lua Untrusted Search Path vulnerability
Added: 11/25/2011 CVE: CVE-2011-3360 BID: 49528 OSVDB: 75347 Background Wireshark is a network packet analyzer. Problem A vulnerability in Wireshark allows execution of arbitrary Lua scripts placed in untrusted directories which are included in Wireshark's search path. Resolution Upgrade to...
Wireshark DECT Dissector Remote Stack Buffer Overflow
Added: 10/19/2011 CVE: CVE-2011-1591 BID: 47392 OSVDB: 71848 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the DECT dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshark...
Wireshark DECT Dissector Remote Stack Buffer Overflow
Added: 10/19/2011 CVE: CVE-2011-1591 BID: 47392 OSVDB: 71848 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the DECT dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshark...
Adobe Reader CoolType.dll buffer overflow
Added: 09/17/2010 CVE: CVE-2010-2883 BID: 43057 OSVDB: 67849 Background Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow in the CoolType.dll module allows command execution when a user opens a PDF document containing a long, specially crafted field in a SING tabl...
Adobe Reader CoolType.dll buffer overflow
Added: 09/17/2010 CVE: CVE-2010-2883 BID: 43057 OSVDB: 67849 Background Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow in the CoolType.dll module allows command execution when a user opens a PDF document containing a long, specially crafted field in a SING tabl...
ARP Spoof
Added: 08/23/2010 Background The Address Resolution Protocol ARP is used to resolve IP addresses into the hardware addresses which are used for delivering packets on a local network. Problem It is possible to send a computer a forged ARP reply, which is then stored in that computer's cache. This...
Automatic Drive-by Download
Added: 07/23/2010 Background This tool waits for client connections, and then gathers information about the operating system and installed software on the client. Next, it chooses the latest and most reliable client exploit for the client's operating system and installed software, and delivers th...
Windows Help and Support Center -FromHCP URL whitelist bypass
Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...
Windows Help and Support Center -FromHCP URL whitelist bypass
Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...
Windows Help and Support Center -FromHCP URL whitelist bypass
Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...
Oracle Database DBMS_JVM_EXP_PERMS IMPORT_JVM_PERMS privilege elevation
Added: 02/26/2010 BID: 38115 OSVDB: 62184 Background Oracle Database embeds a Java runtime environment called OracleJVM. The DBMSJVMEXPPERMS package is included in Oracle Database and is used for importing and exporting Java permissions between database servers. Problem A privilege elevation...
Oracle Database DBMS_JVM_EXP_PERMS IMPORT_JVM_PERMS privilege elevation
Added: 02/26/2010 BID: 38115 OSVDB: 62184 Background Oracle Database embeds a Java runtime environment called OracleJVM. The DBMSJVMEXPPERMS package is included in Oracle Database and is used for importing and exporting Java permissions between database servers. Problem A privilege elevation...
Oracle Database DBMS_JVM_EXP_PERMS IMPORT_JVM_PERMS privilege elevation
Added: 02/26/2010 BID: 38115 OSVDB: 62184 Background Oracle Database embeds a Java runtime environment called OracleJVM. The DBMSJVMEXPPERMS package is included in Oracle Database and is used for importing and exporting Java permissions between database servers. Problem A privilege elevation...
ProFTP welcome message buffer overflow
Added: 10/01/2009 BID: 36128 OSVDB: 57394 Background Labtam ProFTP is an FTP client program for Microsoft Windows. Problem A buffer overflow vulnerability allows command execution when a user connects to an FTP server which sends a specially crafted welcome message. Resolution Apply a fix from th...
ProFTP welcome message buffer overflow
Added: 10/01/2009 BID: 36128 OSVDB: 57394 Background Labtam ProFTP is an FTP client program for Microsoft Windows. Problem A buffer overflow vulnerability allows command execution when a user connects to an FTP server which sends a specially crafted welcome message. Resolution Apply a fix from th...