linksys-bypass.txt

regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...

Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities

Exploit for hardware platform in category remote exploits ================================================================ Linksys WRT54G firmware 1.00.9 Security Bypass Vulnerabilities ================================================================ regurgitated by: meathive url: kinqpinz.info ;...

Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)

regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...

Design/Logic Flaw

LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via 1 a malformed Transport header, which triggers misparsing in parsetransportheader in RTSPsetup.c, as demonstrated by a Transport header that contains only a...

CVE-2007-6619

The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language...

Design/Logic Flaw

The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language...

CVE-2007-6619

The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language...

CVE-2007-6619

CVE-2007-6619 affects Atlassian Jira Enterprise Edition prior to 3.12.1. The Setup Wizard does not properly restrict setup attempts after completion, enabling remote actors to change the default language. The issue is described alongside related vulnerabilities in 3.12.0-era Jira (noted in Nessus...

Atlassian JIRA < 3.12.1 Multiple Vulnerabilities

Binary data 4329.prm...

MailMachine Pro 2.2.4 Remote SQL Injection Vulnerability

No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / &nb...

MailMachine Pro 2.2.4 - SQL Injection

--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Remote Sql...

SuSE 10 Security Update : rsync (ZYPP Patch Number 4798)

This update fixes a bug in rsync that allowed remote attackers to access restricted files outside a module's hierarchy if no chroot setup was used. CVE-2007-6199 Please read http://rsync.samba.org/security.html entry from November 28th, 2007 to get more information about a secure configuration of...

CVE-2007-6502

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...

CVE-2007-6502

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...

CVE-2007-6502

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...

hc-multi.txt

Title: Multiple Security Bugs In Hosting Controller Critical: Extremely critical Impact: Full system administrator access Vendor: Hosting Controller Version: 6.1 Hot fix = 3.3 Vendor URL: www.hostingcontroller.com Solution: N/A From company - There is temporary solution in this report Exploit:...

SERV-U 6.4 provide the right method,pass to kill SERV-U version-bug warning-the black bar safety net

Modify ftpport 2 1 Modify the newdomain behind goldsun| IPas to the right of the server's IP address| Modify the newuser behind-IP=IP address the same as aboveto the right of the IP address of the server...OK..... Provide the right...will use FTP to add a can Execute command the user..... Have a...

openssh security and bug fix update

4.3p2-24 - fixed audit log injection problem CVE-2007-3102 248059 4.3p2-23 - document where the nss certificate and token dbs are looked for 4.3p2-22 - experimental support for PKCS11 tokens through libnss3 183423 4.3p2-21 - fix an information leak in Kerberos password authentication CVE-2006-505...

Ubuntu 5.10 / 6.06 LTS : gdm vulnerability (USN-293-1)

If the admin configured a gdm theme that provided an user list, any user could activate the gdm setup program by first choosing the setup option from the menu, clicking on the user list and entering his own instead of root's password. This allowed normal users to configure potentially dangerous...

DEBIAN-CVE-2007-5386

Cross-site scripting XSS vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string...