Lucene search
K

2171 matches found

Tenable Nessus
Tenable Nessus
added 2005/02/16 12:0 a.m.28 views

HP-UX PHSS_29734 : s700_800 11.00 CDE Runtime Periodic Patch

s700800 11.00 CDE Runtime Periodic Patch : The remote HP-UX host is affected by multiple vulnerabilities : - Certain dtterm escape sequences have the potential to be misused. HPSBUX00309 SSRT3507 - A potential buffer overflow exists in a function called by the suid root program dtmailpr...

5.9AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2005/02/15 9:55 a.m.8 views

security flaw

Directory traversal vulnerability in the truepath function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences...

5CVSS6AI score0.02856EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/02/15 5:0 a.m.32 views

CVE-2004-1488

wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code...

7AI score0.11919EPSS
Exploits1References10
Debian CVE
Debian CVE
added 2005/02/15 5:0 a.m.23 views

CVE-2004-1488

wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code...

5CVSS3.8AI score0.11919EPSS
Exploits1
Cvelist
Cvelist
added 2005/02/10 5:0 a.m.21 views

CVE-2005-0329

Directory traversal vulnerability in ZipGenius 5.5 and earlier allows remote attackers to create and possibly modify arbitrary files via a ZIP file with a file whose name includes .. dot dot sequences...

6.8AI score0.01551EPSS
Exploits0References6
securityvulns
securityvulns
added 2005/02/05 12:0 a.m.35 views

PowerDNS DNS server DoS

Random sequence of deta causes server to hang...

1.6AI score
Exploits0References1Affected Software1
OSV
OSV
added 2005/01/27 5:0 a.m.1 views

DEBIAN-CVE-2004-0916

Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. dot dot sequences in a filename...

5CVSS6.7AI score0.03588EPSS
Exploits0References1
OSV
OSV
added 2005/01/27 5:0 a.m.7 views

CVE-2004-0916

Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. dot dot sequences in a filename...

6.5AI score
Exploits0References7
NVD
NVD
added 2004/12/31 5:0 a.m.13 views

CVE-2004-2480

Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via "@@" sequences in a URL within Internet Explorer...

5CVSS6.9AI score0.03028EPSS
Exploits1References3
NVD
NVD
added 2004/12/31 5:0 a.m.15 views

CVE-2004-2294

Canonicalize-before-filter error in the sendreview function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leadin...

4.3CVSS5.2AI score0.01736EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2004/11/16 12:0 a.m.3 views

PT-2004-1119 · Unarj · Unarj

Name of the Vulnerable Software and Affected Versions: unarj affected versions not specified Description: The issue is related to a directory traversal vulnerability in the -x extract command line option. This vulnerability allows remote attackers to overwrite arbitrary files by using an arj...

5CVSS6.2AI score0.02737EPSS
Exploits0References14
securityvulns
securityvulns
added 2004/09/30 12:0 a.m.25 views

ParaChat directory traversal

Directory traversal with ..5C/...

3.5AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.40 views

Debian DSA-380-1 : xfree86 - buffer overflows, denial of service

use wml::fmt::verbatim Four vulnerabilities have been discovered in XFree86. - CAN-2003-0063- xterm window title reporting escape sequence can deceive user The xterm package provides a terminal escape sequence that reports the window title by injecting it into the input buffer of the terminal...

7.5CVSS7AI score0.05427EPSS
Exploits0References6
0day.today
0day.today
added 2004/09/26 12:0 a.m.18 views

solaris/SPARC execve /bin/sh 52 bytes

Exploit for solaris/sparc platform in category shellcode ===================================== solaris/SPARC execve /bin/sh 52 bytes ===================================== //Solaris/Sparc - LSD char shellcode= "\x20\xbf\xff\xff" / bn,a / "\x20\xbf\xff\xff" / bn,a / "\x7f\xff\xff\xff" / call /...

7AI score
Exploits0
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.32 views

CVE-2003-0020

Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

7.7AI score0.10872EPSS
Exploits7References38
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.15 views

CVE-2002-1385

openwebmailinit in Open WebMail 1.81 and earlier allows local users to execute arbitrary code via .. dot dot sequences in a login name, such as the name provided in the sessionid parameter for openwebmail-abook.pl, which is used to find a configuration file that specifies additional code to be...

7.2AI score0.0041EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.41 views

CVE-2003-0020

Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...

5CVSS6.4AI score0.10872EPSS
Exploits7
CVE
CVE
added 2004/09/01 4:0 a.m.207 views

CVE-2003-0020

CVE-2003-0020 concerns Apache HTTP Server: the product does not filter terminal escape sequences from error logs, enabling potential insertion of escape sequences into terminal emulators vulnerable to such sequences. Connected documents show multiple related CVEs affecting different Apache branch...

5CVSS7.7AI score0.10872EPSS
Exploits7References38Affected Software1
securityvulns
securityvulns
added 2004/09/01 12:0 a.m.22 views

Keene Digital Media Server directory traversal

Directory traversal with escape sequences...

3.7AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.53 views

GLSA-200405-22 : Apache 1.3: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200405-22 Apache 1.3: Multiple vulnerabilities On 64-bit big-endian platforms, modaccess does not properly parse Allow/Deny rules using IP addresses without a netmask which could result in failure to match certain IP addresses...

7.5CVSS6AI score0.11549EPSS
Exploits7References5
Rows per page
Query Builder