68 matches found
HP-UX PHNE_24419 : HP-UX running sendmail(1M), Remote Unauthorized Access (HPSBUX00179 SSRT071387 rev.3)
s700800 11.00 sendmail1m 8.9.3 patch : In HP sendmail1m release 8.8.6 and 8.9.3 under certain conditions an email queue warning message is returned with the Diagnostic-Code and incorrect information not intended to be seen without authorization. However, HP sendmail1m release 8.11.1 does not...
Symantec products vulnerable to buffer overflow via a specially crafted UPX file
Overview The Symantec AntiVirus Library DEC2EXE component is vulnerable to remote arbitrary code execution. Description The Symantec AntiVirus Library is used in many Symantec and third-party virus scanning products, including Symantec Norton Antivirus and Symantec BrightMail AntiSpam.The AntiVir...
Mandrake Linux Security Advisory : sharutils (MDKSA-2002:052)
The uudecode utility creates output files without checking to see if it is about to write to a symlink or pipe. This could be exploited by a local attacker to overwrite files or lead to privilege escalation if users decode data into share directories, such as /tmp. This update fixes this...
Mandrake Linux Security Advisory : squid (MDKSA-2001:066)
The Squid proxy server has a serious security flaw in versions 2.3.STABLE2 through 2.3.STABLE4. This problem surfaces when Squid is used in httpdaccel mode. If you configure httpaccelwithproxy off then any request to Squid is allowed. Malicious users may use your proxy to portscan remote systems,...
Solaris 2.5.1 (i386) : 104500-05
The remote host is missing Sun Security Patch number 104500-05 CDE 1.0.2x86: dtappgather patch. Date this patch was last updated by Sun : Tue Jan 26 17:00:00 MST 1999 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated ...
VP-ASP shopexd.asp catalogid Parameter SQL Injection
The remote host is using the VP-ASP software suite. This set of CGIs is vulnerable to a SQL injection bug which may allow an attacker to take the control of the server as an administrator. From there, he can obtain the list of customers, steal their credit card information and more. In addition t...
SLMail < 5.1.0.4433 Multiple Command Remote Overflows
The remote host is running a version of the SLmail SMTP server which is vulnerable to various overflows which may allow to execute arbitrary commands on this host or to disable it remotely. C Tenable Network Security, Inc. Refs: From: "NGSSoftware Insight Security Research" To: Subject: Multiple...
RealServer Malformed viewsource Directory Request DoS
The version of RealServer running on the remote host has a denial of service vulnerability. It was possible to crash the remote host by sending a malformed HTTP request for a page in the viewsource directory. %NASLMINLEVEL 70300 This script was written by John Lampe [email protected] See the...