7817 matches found
Atlassian JIRA < 3.12.1 Multiple Vulnerabilities
Binary data 4329.prm...
MailMachine Pro 2.2.4 Remote SQL Injection Vulnerability
No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / &nb...
MailMachine Pro 2.2.4 - SQL Injection
--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Remote Sql...
SuSE 10 Security Update : rsync (ZYPP Patch Number 4798)
This update fixes a bug in rsync that allowed remote attackers to access restricted files outside a module's hierarchy if no chroot setup was used. CVE-2007-6199 Please read http://rsync.samba.org/security.html entry from November 28th, 2007 to get more information about a secure configuration of...
CVE-2007-6502
Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...
CVE-2007-6502
Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...
CVE-2007-6502
Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...
hc-multi.txt
Title: Multiple Security Bugs In Hosting Controller Critical: Extremely critical Impact: Full system administrator access Vendor: Hosting Controller Version: 6.1 Hot fix = 3.3 Vendor URL: www.hostingcontroller.com Solution: N/A From company - There is temporary solution in this report Exploit:...
SERV-U 6.4 provide the right method,pass to kill SERV-U version-bug warning-the black bar safety net
Modify ftpport 2 1 Modify the newdomain behind goldsun| IPas to the right of the server's IP address| Modify the newuser behind-IP=IP address the same as aboveto the right of the IP address of the server...OK..... Provide the right...will use FTP to add a can Execute command the user..... Have a...
openssh security and bug fix update
4.3p2-24 - fixed audit log injection problem CVE-2007-3102 248059 4.3p2-23 - document where the nss certificate and token dbs are looked for 4.3p2-22 - experimental support for PKCS11 tokens through libnss3 183423 4.3p2-21 - fix an information leak in Kerberos password authentication CVE-2006-505...
Ubuntu 5.10 / 6.06 LTS : gdm vulnerability (USN-293-1)
If the admin configured a gdm theme that provided an user list, any user could activate the gdm setup program by first choosing the setup option from the menu, clicking on the user list and entering his own instead of root's password. This allowed normal users to configure potentially dangerous...
DEBIAN-CVE-2007-5386
Cross-site scripting XSS vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string...
CVE-2004-2739
The setup routine setup.php in PHProjekt 4.2.1 and earlier allows remote attackers to modify system configuration via unknown attack vectors...
Buffer overflow
Buffer overflow in NetSupport Manager NSM Client 10.00 and 10.20, and NetSupport School Student NSS 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor...
Magic magiclink-vulnerability warning-the black bar safety net
Magic control MagicLink1. 4 remote control software Version 1.4 update 1. Using a more complex encryption algorithm, the encrypted message information. 2. You can set the Message ID to make the connection more secure,1.4the previous Server version, the message identity is set toCMJSPY2INFO 1....
CIFS signing sec= mount options don't work correctly
The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request...
Live for Speed S1/S2/Demo (.ply file) Buffer Overflow Exploit
No description provided by source. / 0day Live for speed patch x s2 /s1 and demo local .ply File buffer over flow Live for speed .ply file is a set up file,This file is shared amongst user's Who want stylish number plate's on there car's the buffer over flow happened with An overly long number...
DSA-1304 kernel-source-2.6.8 - several
Bulletin has no description...
[SECURITY] Fedora 7 Update: NetworkManager-0.6.5-3.fc7
NetworkManager attempts to keep an active network connection available at a ll times. It is intended only for the desktop use-case, and is not intended f or usage on servers. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using ...
CVE-2007-0748
Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request...