3212 matches found

NVD
added 2006/08/17 1:4 a.m. | 9 views

CVE-2006-4191

Directory traversal vulnerability in memcp.php in XMB Extreme Message Board 1.9.6 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the langfilenew parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server...

CVSS 5.1 | AI score 7.3 | EPSS 0.14052
Exploits 1 | References 9

NVD
added 2006/07/28 10:4 p.m. | 17 views

CVE-2006-3920

The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm...

CVSS 5 | AI score 6.6 | EPSS 0.02029
Exploits 0 | References 8

Cvelist
added 2006/07/28 10:0 p.m. | 17 views

CVE-2006-3920

The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm...

AI score 6.6 | EPSS 0.02029
Exploits 0 | References 8

ATTACKERKB
added 2006/07/12 12:5 a.m. | 2 views

CVE-2006-3524

Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows remote attackers to execute arbitrary code via a long CSeq field value in an INVITE message...

CVSS 7.5 | AI score 6.3 | EPSS 0.84237
Exploits 14 | References 14

myhack58
added 2006/06/25 12:0 a.m. | 14 views

Graphic explanation: hacking demo-vulnerability warning-the black bar safety net

A simple "hacker" invasion: the TCP/IP protocol sequence number prediction attack is the simplest "hacker" invasion, and is also the biggest threat to system security. On the network, each computer has a unique IP address, the computer of the target IP address and a unique sequence number loaded in the...

AI score 0.9
Exploits 0

Prion
added 2006/06/02 7:2 p.m. | 22 views

Cross site scripting

Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT...

CVSS 4.3 | AI score 5.4 | EPSS 0.04975
Exploits 0 | References 58 | Affected Software 2

RedHat Linux
added 2006/05/17 5:5 p.m. | 2 views

security flaw

The LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite...

CVSS 7.8 | AI score 5.8 | EPSS 0.00834
Exploits 0 | References 4

Packet Storm
added 2006/04/28 12:0 a.m. | 27 views

ocrshopxtr_freebie.pl.txt

!/usr/bin/perl use IO::Socket; ocrshopxtrfreebie.pl - VeNoMouS This code bypasses the OCR Shop XTR vvlicense. I was doing some ocr related stuff at work, and I didn't like how windows was limited in what it could do, so I googled and came across OCR Shop XTR, it even picked up order numbers that...

AI score 7.4
Exploits 0

Prion
added 2006/04/26 12:6 a.m. | 12 views

Design/Logic Flaw

Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL...

CVSS 3.7 | AI score 6.8 | EPSS 0.00065
Exploits 0 | References 4

RedHat Linux
added 2006/04/18 11:12 a.m. | 3 views

Firefox Tag Order Vulnerability

nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence...

CVSS 9.3 | AI score 6.2 | EPSS 0.34905
Exploits 0 | References 4

RedHat Linux
added 2006/04/14 3:54 p.m. | 3 views

Firefox Tag Order Vulnerability

nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence...

CVSS 9.3 | AI score 6.2 | EPSS 0.34905
Exploits 0 | References 4

OSV
added 2006/04/14 10:2 a.m. | 1 views

DEBIAN-CVE-2006-0749

nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence...

CVSS 9.3 | AI score 7.2 | EPSS 0.34905
Exploits 0 | References 1

NVD
added 2006/03/23 11:6 a.m. | 17 views

CVE-2006-0905

A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and...

CVSS 7.5 | AI score 6.4 | EPSS 0.012
Exploits 0 | References 7

UbuntuCve
added 2006/03/23 11:6 a.m. | 23 views

CVE-2006-0905

A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and...

CVSS 7.5 | AI score 5.9 | EPSS 0.012
Exploits 0 | References 1

Cvelist
added 2006/03/23 11:0 a.m. | 20 views

CVE-2006-0905

A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and...

AI score 6.3 | EPSS 0.012
Exploits 0 | References 7

CVE
added 2006/03/23 11:0 a.m. | 56 views

CVE-2006-0905

The CVE-2006-0905 entry concerns a programming error in fast_ipsec on FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2–3 that fails to properly update the Security Association sequence number. This flaw lets remote attackers bypass sequence-number checks, enabling interception of IPSec packets...

CVSS 7.5 | AI score 6.4 | EPSS 0.012
Exploits 0 | References 7 | Affected Software 2

FreeBSD Advisory
added 2006/03/22 12:0 a.m. | 15 views

FreeBSD-SA-06:11.ipsec

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:11.ipsec Security Advisory The FreeBSD Project Topic: IPsec replay attack vulnerability Category: core Module: sysnetipsec Announced: 2006-03-22 Credits: Pawel...

CVSS 7.5 | AI score 5.8 | EPSS 0.012
Exploits 0

FreeBSD
added 2006/03/22 12:0 a.m. | 25 views

ipsec -- reply attack vulnerability

Problem Description: IPsec provides an anti-replay service which, when enabled, prevents an attacker from successfully executing a replay attack. This is done through the verification of sequence numbers. A programming error in the fast_ipsec(4) implementation results in the sequence number associated...

CVSS 7.5 | AI score 6.3 | EPSS 0.012
Exploits 0

securityvulns
added 2006/03/22 12:0 a.m. | 47 views

FreeBSD IPSec replay attack

fast_ipsec implementation doesn't increment packet sequence number, allowing replay attack for captured packet...

AI score 2.7
Exploits 0 | References 1 | Affected Software 1

Prion
added 2006/03/21 1:6 a.m. | 18 views

Session fixation

gnome screensaver before 2.14, when running on an X server with AllowDeactivateGrabs and AllowClosedownGrabs enabled, allows attackers with physical access to cause the screensaver to crash and access the session via the Ctl+Alt+Keypad-Multiply keyboard sequence, which removes the grab from gnome...

CVSS 3.7 | AI score 6.8 | EPSS 0.00077
Exploits 0 | References 4 | Affected Software 1