Lucene search
9416 matches found

Cvelist
added 2006/08/17 1:0 a.m., 16 views

CVE-2006-3859

IBM Informix Dynamic Server (IDS) allows remote authenticated users to create and overwrite arbitrary files via the (1) LOTOFILE and (2) trltracefileset functions, and the (3) "SET DEBUG FILE" commands...

AI score 6.2, EPSS 0.00361
Exploits: 1, References: 5
OSV
added 2006/07/06 8:5 p.m., 2 views

DEBIAN-CVE-2006-3378

passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...

CVSS 7.2, AI score 7.2, EPSS 0.00056
Exploits: 0, References: 1
NVD
added 2006/06/24 1:6 a.m., 10 views

CVE-2006-3215

Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to bypass the "text analysis", possibly bypassing SPAM and other filters, by sending an e-mail specifying a non-existent or unrecognized character set...

CVSS 7.5, AI score 6.8, EPSS 0.00552
Exploits: 0, References: 6
seebug.org
added 2006/06/08 12:0 a.m., 18 views

Back-End CMS <= 0.7.2.1 (jpcache.php) Remote Include Vulnerability

No description provided by source. Federico Fazzi, [email protected] Back-end = 0.7.2.1 jpcache.php Remote command execution 08/06/2006 1:04 Bug: jpcache.php: line 40 --- $includedir = $PSL'classdir' . "/jpcache"; --- Proof of concept: Back-end have a default path pre-set on jpcache.php, and...

AI score 7.1
Exploits: 0
CERT
added 2006/06/05 12:0 a.m., 34 views

TIBCO Rendezvous daemon components contain a buffer overflow in the HTTP administrative interface

Overview: A vulnerability in the TIBCO Rendezvous daemon components may allow a remote attacker to execute arbitrary code on an affected system. Description: TIBCO Rendezvous is a distributed messaging software platform. A buffer overflow vulnerability has been discovered in the HTTP administrative...

AI score 8.6
Exploits: 0, References: 2
FreeBSD
added 2006/05/31 12:0 a.m., 27 views

MySQL -- SQL-injection security vulnerability

MySQL reports: An SQL-injection security hole has been found in multibyte encoding processing. An SQL-injection security hole can include a situation whereby when inserting user supplied data into a database, the user might inject his own SQL statements that the server will execute. With regards ...

AI score 0.4
Exploits: 0, References: 2
OSV
added 2006/05/25 8:2 p.m., 2 views

DEBIAN-CVE-2006-2607

docommand.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in...

CVSS 7.2, AI score 6.7, EPSS 0.00044
Exploits: 1, References: 1
NVD
added 2006/05/22 10:2 p.m., 9 views

CVE-2006-2516

mainfile.php in XOOPS 2.0.13.2 and earlier, when registerglobals is enabled, allows remote attackers to overwrite variables such as $xoopsOption'nocommon' and conduct directory traversal attacks or include PHP files via (1) xoopsConfiglanguage to misc.php or (2) xoopsConfigthemeset to index.php, as...

CVSS 5.1, AI score 6.7, EPSS 0.05235
Exploits: 1, References: 7
0day.today
added 2006/05/22 12:0 a.m., 17 views

portmap 5 beta (Set/Dump) Local Denial of Service Exploit

Exploit for linux platform in category dos / poc. portmap 5 beta Set/Dump Local Denial of Service Exploit. portmap Set+Dump Local DoS - PoC...

AI score 7
Exploits: 0
OSV
added 2006/04/14 10:2 a.m., 2 views

DEBIAN-CVE-2006-1726

Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the jsValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method...

CVSS 9.3, AI score 9, EPSS 0.09676
Exploits: 0, References: 1
exploitpack
added 2006/03/26 12:0 a.m., 14 views

Aztek Forum 4.0 - myadmin.php User Privilege Escalation

Aztek Forum 4.0 - myadmin.php User Privilege Escalation !/usr/bin/perl use IO::Socket; Aztek Forum 4.00 Change User Rights Remote Exploit only if the magicquote are : OFF aztekgar.pl 127.0.0.1 /aztek/ Admin Attacker - Aztek 4.0 Give...

AI score 0.5
Exploits: 0
OSV
added 2006/03/19 1:2 a.m., 2 views

DEBIAN-CVE-2006-1258

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the settheme parameter...

CVSS 4.3, AI score 6, EPSS 0.08432
Exploits: 1, References: 1
Prion
added 2006/03/19 1:2 a.m., 19 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the settheme parameter...

CVSS 4.3, AI score 6, EPSS 0.08432
Exploits: 1, References: 7, Affected Software: 1
NVD
added 2006/03/19 1:2 a.m., 18 views

CVE-2006-1258

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the settheme parameter...

CVSS 4.3, AI score 5.6, EPSS 0.08432
Exploits: 1, References: 7
Tenable Nessus
added 2006/03/13 12:0 a.m., 22 views

Ubuntu 4.10 / 5.04 / 5.10 : postgresql-7.4, postgresql-8.0, postgresql vulnerability (USN-258-1)

Akio Ishida discovered that the SET SESSION AUTHORIZATION command did not properly verify the validity of its argument. An authenticated PostgreSQL user could exploit this to crash the server. However, this does not affect the official binary Ubuntu packages. The crash can only be triggered if th...

CVSS 1.5, AI score 5.5, EPSS 0.00089
Exploits: 0, References: 1
Ubuntu
added 2006/02/27 6:45 p.m., 38 views

USN-258-1: PostgreSQL vulnerability

Akio Ishida discovered that the SET SESSION AUTHORIZATION command did not properly verify the validity of its argument. An authenticated PostgreSQL user could exploit this to crash the server. However, this does not affect the official binary Ubuntu packages. The crash can only be triggered if th...

CVSS 1.5, AI score 5.3, EPSS 0.00089
Exploits: 0
securityvulns
added 2006/02/16 12:0 a.m., 53 views

PostgreSQL privilege escalation

With SET ROLE or SET SESSION AUTHORIZATION it's possible to elevate privileges to any database account, including superuser, or to cause a database engine crash...

AI score 3.1
Exploits: 0, References: 1, Affected Software: 1
Prion
added 2006/02/14 7:6 p.m., 15 views

Security feature bypass

PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678...

CVSS 6.5, AI score 6.5, EPSS 0.01839
Exploits: 0, References: 10, Affected Software: 1
PostgreSQL
added 2006/02/14 7:0 p.m., 58 views

Vulnerability in core server (CVE-2006-0553)

A bug in the handling of SET ROLE allows escalation of privileges to any other database user, including superuser. A valid login is required to exploit this vulnerability...

CVSS 6.5, AI score 6.2, EPSS 0.01839
Exploits: 0, Affected Software: 1
PostgreSQL
added 2006/02/14 7:0 p.m., 57 views

Vulnerability in core server (CVE-2006-0678)

A bug in the handling of SET SESSION AUTHORIZATION can cause a backend crash in Assert-enabled builds. This will cause the postmaster to restart all backends, resulting in a denial of service. A valid login is required to exploit this vulnerability...

CVSS 1.5, AI score 5.9, EPSS 0.00089
Exploits: 0, Affected Software: 1