Vulnerability in core server (CVE-2006-0553)

A bug in the handling of SET ROLE allows escalation of privileges to any other database user, including superuser. A valid login is required to exploit this vulnerability...

Vulnerability in core server (CVE-2006-0678)

A bug in the handling of SET SESSION AUTHORIZATION can cause a backend crash in Assert enabled builds. This will cause the postmaster to restart all backend, resulting in a denial of service. A valid login is required to exploit this vulnerability...

CVE-2006-0553

PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678...

security flaw

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name...

postgresql81-server -- SET ROLE privilege escalation

The PostgreSQL team reports: Due to inadequate validity checking, a user could exploit the special case that SET ROLE normally uses to restore the previous role setting after an error. This allowed ordinary users to acquire superuser status, for example...

Citrix Program Neighborhood name buffer overflow

Added: 02/01/2006 CVE: CVE-2005-3652 BID: 15907 OSVDB: 21816 Background Citrix Presentation Server, formerly Citrix MetaFrame, allows applications to be deployed across a network to various client platforms, including Windows, Unix, Macintosh, DOS, and OS/2. The Program Neighborhood Agent running...

Ubuntu 5.10 : bogofilter vulnerability (USN-240-1)

A buffer overflow was found in bogofilter's character set conversion handling. Certain invalid UTF-8 character sequences caused an invalid memory access. By sending a specially crafted email, a remote attacker could exploit this to crash bogofilter or possibly even execute arbitrary code with...

CVE-2006-0207

Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the 1 session extension aka ext/session and the 2 header function...

Design/Logic Flaw

Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the 1 session extension aka ext/session and the 2 header function...

CVE-2006-0207

Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the 1 session extension aka ext/session and the 2 header function...

Advisory 01/2006: PHP ext/session HTTP Response Splitting Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHP ext/session HTTP Response Splitting Vulnerability Release Date: 2006/01/12 Last Modified: 2006/01/12 Author: Stefan Esser [email protected] Application: PHP5 = 5.1.1...

USN-240-1: bogofilter vulnerability

A buffer overflow was found in bogofilter's character set conversion handling. Certain invalid UTF-8 character sequences caused an invalid memory access. By sending a specially crafted email, a remote attacker could exploit this to crash bogofilter or possibly even execute arbitrary code with...

WinRAR 3.30 - Filename Local Buffer Overflow (1)

WinRAR 3.30 - Filename Local Buffer Overflow 1 / WinRAR Buffer Overflow 3.30 Exploit Bug founded by: Vredited By Alpha Programmer & Trap-Set U.H Team Exploit made by: K4P0 Contact: [email protected] / include include int mainvoid char EvilBuff1024; // Normal cmd.exe shellcode. char shellcode =...

CVE-2005-4519

Multiple SQL injection vulnerabilities in the manage user page manageuserpage.php in Mantis 1.0.0rc3 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 prefix and 2 sort parameters to the manage user page manageuserpage.php, or 3 the sort parameter to viewallset.php...

The foolish old man document password full brute-force-vulnerability warning-the black bar safety net

Heard a story: one of the passengers seeing going onthe plane, and his tickets and passport to put in the Password box, but also how to remember out of the box password. And the passengers similarly, some friends needed to open a document, but forgotten when the beginning position of the password...

Citrix Program Neighborhood terminal client buffer overflow

Heap buffer overflow on oversized Application Set reply...

CVE-2005-3652

Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 and earlier allows remote attackers to execute arbitrary code via a long name value in an Application Set response...

MDKSA-2005:220 - Updated kernel packages fix numerous vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:220 http://www.mandriva.com/security/ Package : kernel Date : November 30, 2005 Affected: 10.2 Problem Description: Multiple vulnerabilities in the Linux 2.6 kernel have been discovered and corrected in this...

CVSTrac history.c history_update function overflow

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to the historyupdate function in history.c that may allow an attacker to cause a buffer overflow and execute arbitrary code on the remote system. OpenVAS has...

CVSTrac history.c history_update function overflow

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to the historyupdate function in history.c that may allow an attacker to cause a buffer overflow and execute arbitrary code on the remote system...