2371 matches found
CVE-2005-3189
Directory traversal vulnerability in Qualcomm WorldMail IMAP Server allows remote attackers to read arbitrary email messages via ".." sequences in the SELECT command...
CVE-2005-3189
Directory traversal vulnerability in Qualcomm WorldMail IMAP Server allows remote attackers to read arbitrary email messages via ".." sequences in the SELECT command...
forumSQL.txt
Class: Input Validation Error CVE: CVE-MAP-NOMATCH Remote: Yes Discovered BY ABDUCTER & Expliot BY DEVIL-00 [email protected] OR [email protected] Vulnerable:powered by oaboard 1.0 ////////////////////////////////// info:- FOR INFORMATION VISIT http://oaboard.myserver.at/oaboard/forum.ph...
VERITAS-OSX.pl.txt
!/usr/bin/perl VERITAS-OSX.pl - VERITAS NetBackup Format Strings OSX/ppc Remote Exploit Original code by johnhatdigitalmunitiondotcom modified by KF to work on OSX / ppc bug found by kflistsatdigitalmunitiondotcom http://www.digitalmunition.com/ This exploit May NOT be posted to a public Archive...
CVE-2004-2513
Buffer overflow in the IMAP service of Mercury Pegasus Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command...
Stoney FTPd - rxBot mods ftpd Denial of Service
Stoney FTPd - rxBot mods ftpd Denial of Service / untested /str0ke / / rx-dos.c by D-oNe There exists a buffer overflow in Stoneys FTPd that most rxBot mod's use. The problem lies in how the code parses the PORT command and gives an opportunity for a buffer overflow. Problem is that the ftpd also...
CVE-2005-2073
Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents...
CVE-2005-2073
CVE-2005-2073 affects IBM DB2 versions 8.1.4–8.1.9 and 8.2.0–8.2.2. The description states an unknown vulnerability that allows local users with SELECT privileges to perform unauthorized activities and to insert, update, or delete table contents. The currently provided connected documents do not ...
IBM DB2 universal database protection bypass
User with only SELECT permissions can can insert, update or delete records...
CVE-2005-1254
Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service crash via a SELECT command with a large argument...
CVE-2005-1495
Oracle Database 9i and 10g disables Fine Grained Audit FGA after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection...
CVE-2005-1495
Oracle Database 9i and 10g disables Fine Grained Audit FGA after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection...
Oracle Fine Grained Auditing Issue in Oracle 9i / 10g
Name Oracle Fine Grained Auditing Issue Systems Affected Oracle Database 9i / 10g Severity Medium Risk Category Auditing disabled Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 02 May 2005 V 1.00 Details Fine grained audit FGA does not work if the...
CVE-2005-0247
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...
DEBIAN-CVE-2005-0544
phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to 1 sqlvalidator.lib.php, 2 sqlparser.lib.php, 3 selecttheme.lib.php, 4 selectlang.lib.php, 5 relationcleanup.lib.php, 6 headermetastyle.inc.php, 7 getforeign.lib.php, 8 displaytbllinks.lib.php, 9...
UBB Thread printthread.php SQL Injection
UBB Thread /ubbthreads/printthread.php SQL Injection YesNo vulnerability Full Disclosure Bug discovered By: Axl Exploit By: HLL hllhll at gmail.com 1. Introduction There Is a flaw in printthread.php due to insufficient bound checking of the 'main' query parameter wich allows a malicues SQL to be...
exp3.pl.txt
!/usr/bin/perl Mysql CREATE FUNCTION libc arbitrary code execution. Author: Stefano Di Paola Vulnerable: Mysql 0; use constant PASS = "USEYOURPASSHERE"; Connect to the database. my $dbh = DBI-connect"DBI:mysql:database=test;host=localhost", "root", PASS ,'RaiseError' = 1; This is the opcode point...
security flaw
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...
fd_set -- bitmap index overflow in multiple applications
3APA3A reports: If programmer fails to check socket number before using select or fdset macros, it's possible to overwrite memory behind fdset structure. Very few select based application actually check FDSETSIZE value. ... Depending on vulnerable application it's possible to overwrite portions o...
CVE-2002-1420
OpenBSD 3.1 and earlier are affected by a local privilege escalation due to an integer signedness error in select(2): a negative size value passes the boundary check as signed but is then used as unsigned during a data copy, allowing a local user to overwrite kernel memory. Impact: local code/ker...