708 matches found
Solaris 8 (sparc) : 117000-05
SunOS 5.8: Kernel Patch. Date this patch was last updated by Sun : Apr/30/04 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 8 (x86) : 111233-01
SunOS 5.8x86: patch in.fingerd. Date this patch was last updated by Sun : Apr/25/01 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 8 (x86) : 110323-02
SunOS 5.8x86: /usr/lib/netsvc/yp/ypbind patch. Date this patch was last updated by Sun : Sep/24/02 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
[Squid 2004-Nuke-001] Inadequate Security Checking in PHPNuke v7.3 and earlier
=========================================================================== =========================================================================== Advisory: 2004-Nuke-001 Affected Software: PHPNuke Affected Versions: Version 7.3 and earlier Main Developer: Francisco Burzi...
Bagle Worm Removal
The remote host had the Bagle worm installed. Nessus attempted to remove it by connecting to port 6777 of the host and using the built-in removal command. However, you should verify that : - The worm was removed properly - The remote host has not been altered in any other way. C Tenable Network...
CVE-2003-0470
Buffer overflow in the "RuFSI Utility Class" ActiveX control aka "RuFSI Registry Information Class", as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings...
Symantec ActiveX control vulnerable to buffer overflow
Overview There is a buffer overflow in a component of Symantec's web-based Security Check. Description Symantec describes Security Check as "a free web-based tool that enables users to test their computer's exposure to a wide range of on-line threats. As part of running the check, users may insta...
PHP 4.3.x - Undefined Safe_Mode_Include_Dir Safemode Bypass
PHP 4.3.x - Undefined SafeModeIncludeDir Safemode Bypass source: https://www.securityfocus.com/bid/8201/info PHP is prone to an issue that may allow programs to bypass Safe Mode by calling external files in restricted directories using include and require. The problem is known to occur when the...
CVE-2003-0470
The CVE-2003-0470 entry concerns the Buffer Overflow in the RuFSI Utility Class ActiveX control (the RuFSI Registry Information Class) used by Symantec Security Check. The vulnerability arises in the ActiveX control’s handling of a long argument to CompareVersionStrings, enabling remote code exec...
CVE-2003-0470
Buffer overflow in the "RuFSI Utility Class" ActiveX control aka "RuFSI Registry Information Class", as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings...
[Full-Disclosure] Symantec ActiveX control buffer overflow
Security Advisory Name: Symantec ActiveX control buffer overflow. Systems Affected : Symantec Security Check service. Severity : High Remote exploitable : Yes Author: Cesar Cerrudo. Date: 06/23/03 Advisory Number: CC060304 Overview: Symantec has a free online service for virus and security scan...
blackicepro.txt
Hi! I'm using BlackICE PC Protection formerly known as BlackICE Defender for a very long time1, 2. It is one of my favorite hostbased intrusion detection systems and personal firewall for windows. During some tests for a paper on cross site scripting I've seen that there is an evasion possibility...
vSignup, vAuthenticate (PHP)
Informations : °°°°°°°°°°°°°° ----------------------- Product : vAuthenticate Version : 2.8 ----------------------- Product : vSignup Version : 2.1 ----------------------- Website : http://www.beanbug.net Problem : SQL Injection PHP Code/Location : °°°°°°°°°°°°°°°°°°° chgpwd.php :...
CVE-2002-1216
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check...
DEBIAN-CVE-2002-1216
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check...
CVE-2002-1216
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check...
CVE-2002-0023
CVE-2002-0023 affects Internet Explorer 5.01, 5.5 and 6.0. The vulnerability arises in the GetObject function, where malformed requests can bypass some security checks, allowing remote attackers to read arbitrary files. The connected records confirm the affected products and the vulnerability cla...
Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution (4)
Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution 4 // source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request...
Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (8)
source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...
Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (7)
source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...