IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption

IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption source: https://www.securityfocus.com/bid/16593/info IBM Tivoli Directory Server is prone to an unspecified memory corruption. This issue may be triggered by malformed LDAP data. The exact impact of this vulnerability is not known at this...

Ubuntu 4.10 / 5.04 : tiff vulnerability (USN-130-1)

Tavis Ormandy discovered a buffer overflow in the TIFF library. A malicious image with an invalid 'bits per sample' number could be constructed which, when decoded, would have resulted in execution of arbitrary code with the privileges of the process using the library. Since this library is used ...

ibm_css.txt

----------------------------------------------------------- + IBM WEBSPHERE 6 Sample scripts Cross site scripting + ----------------------------------------------------------- Release Date: 12/12/2005 Severity: low Product:...

Codebrws.asp Source Disclosure Vulnerability

Microsoft's IIS 5.0 web server is shipped with a set of sample files to demonstrate different features of the ASP language. One of these sample files allows a remote user to view the source of any file in the web root with the extension .asp, .inc, .htm, or .html. OpenVAS Vulnerability Test $Id:...

JRun Sample Files

This host is running the Allaire JRun web server and has sample files installed. Several of the sample files that come with JRun contain serious security flaws. An attacker can use these scripts to relay web requests from this machine to another one or view sensitive configuration information...

Oracle XSQL Sample Application Vulnerability

One of the sample applications that comes with the Oracle XSQL Servlet allows an attacker to make arbitrary queries to the Oracle database under an unprivileged account. Whilst not allowing an attacker to delete or modify database contents, this flaw can be used to enumerate database users and vi...

IIS 5.0 Sample App reveals physical path of web root

A sample application shipped with IIS 5.0 discloses the physical path of the web root. An attacker can use this information to make more focused attacks. OpenVAS Vulnerability Test $Id: iis5samplepath.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: IIS 5.0 Sample App reveals physical path of...

IIS 5.0 Sample App reveals physical path of web root

A sample application shipped with IIS 5.0 discloses the physical path of the web root. An attacker can use this information to make more focused attacks. SPDX-FileCopyrightText: 2000 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

IIS 5.0 Sample App vulnerable to cross-site scripting attack

The script /iissamples/sdk/asp/interaction/FormJScript.asp or FormVBScript.asp allows you to insert information into a form field and once submitted re-displays the page, printing the text you entered. This .asp doesn SPDX-FileCopyrightText: 2000 Matt Moore Some text descriptions might be excerpt...

Allaire/Macromedia JRun Sample Files (HTTP) - Active Check

This host is running the Allaire JRun web server and has sample files installed. SPDX-FileCopyrightText: 2001 Digital Defense Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

aspReady FAQ - open for SQL-injections

The free, open source project called "aspReady FAQ" is open for SQL-injection. This results is admin access with the ability change/delete the entire database. An example on SQL-inject that works could be: 1'or'1'='1 After doing a google search, I've found out that some companies are actually usi...

libtiff TIFF graphics library buffer overflow

Buffer overflow on invalid bits per sample value...

CVE-2002-1634

CVE-2002-1634 affects Novell NetWare 5.1. The vulnerability is described as an issue where the installation of sample applications could allow remote attackers to obtain sensitive information through eight components: ndsobj.nlm, allfield.jse, websinfo.bas, ndslogin.pl, volscgi.pl, lancgi.pl, tes...

CVE-2002-1634

Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via 1 ndsobj.nlm, 2 allfield.jse, 3 websinfo.bas, 4 ndslogin.pl, 5 volscgi.pl, 6 lancgi.pl, 7 test.jse, or 8 env.pl...

CVE-2002-1632

Oracle 9i Application Server 9iAS installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via 1 info.jsp, 2 printenv, 3 echo, or 4 echo2...

Microsoft Windows - JPEG GDI+ Overflow Shellcode

Microsoft Windows - JPEG GDI+ Overflow Shellcode // launch a local cmd.exe not bound to the net... // GDI+ buffer overrun exploit by FoToZ // NB: the headers here are only sample headers taken from a .JPG file, // with the FF FE 00 01 inserted in header1. // Sample shellcode is provided // You ca...

CVE-1999-1520

The CVE-1999-1520 issue is a configuration problem in the Ad Server Sample directory (AdSamples) of Microsoft Site Server 3.0. The root cause is misconfiguration that allows an attacker to obtain the SITE.CSC file, exposing sensitive SQL database information. Affected software: Microsoft Site Ser...

Ollydbg <= 1.10 Format String Bug

Exploit for unknown platform in category local exploits ================================= Ollydbg include include pragma commentlib,"kernel32.lib" void main unsigned char buffer = "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90...

security flaw

The OSS code for the Sound Blaster sb16 driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service crash via a sample with an odd number of bytes...

CVE-2004-0178

The OSS code for the Sound Blaster sb16 driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service crash via a sample with an odd number of bytes...