IBM AIX FC contains buffer overflow exploitable during session setup

Overview The FC client in IBM's AIX contains a buffer overflow that may cause a core dump in the client. Description The IBM AIX FC client allows a buffer overflow of a few bytes in the client process, which could cause intermittent core dumps during session setup. Overflowing the buffer is...

CVE-2002-0492

dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter...

CVE-2002-0492

DCShop 1.002 Beta is affected by CVE-2002-0492. The vulnerability lies in dcshop.cgi, allowing remote attackers to delete arbitrary setup files via a null character in the database parameter. Practical impact described in sources is the unauthorized deletion of setup files; no further exploit det...

DCShop Beta 1.0 - Form Manipulation

source: https://www.securityfocus.com/bid/4356/info DCShop Beta is a freely available shopping cart system, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is possible to overwrite setup files .setup by submitting attacker-supplied...

netgear.txt

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ =+ NetGear RO318 HTTP Filter Advisory =+ =+ Null Byte Security =+ =+ http://home.tampabay.rr.com/nbs/ =+ =+ don't call it a come back =+ =+ [email protected] =+...

Cisco PIX Security Notes

Cisco PIX Notes -- Introduction This is a simples paper on which i wrote down some note about "Cisco PIX Firewall" so it isn't well organized or talk specifically about a vulnerability . All test it's about THE latest pix release on this pix: Cisco Secure PIX Firewall Version 5.31 Hardware: SE442...

Дырка в ascsc (buffer overflow)

переполнение буфера при разборе аргументов командной строки. Программа не-suid в установке по-умолчанию...

CVE-2000-0381

CVE-2000-0381 affects the Gossamer Threads DBMan DBMan CGI script (db.cgi). The vulnerability arises when a non-existent database is referenced via the db parameter, allowing remote attackers to view environment variables and setup information (server information leakage). The OpenVAS NASL entrie...

Security Bulletin (MS00-042)

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Patch Available for "Active Setup Download" Vulnerability Originally Posted: June 29,...

CVE-2000-0329

The CVE concerns a Microsoft ActiveX control vulnerability in the Active Setup Control that allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML email. Affected component is an ActiveX control; impact is remote code execution with partia...

PT-2000-1324 · Gossamer Threads · Gossamer Threads Dbman

Name of the Vulnerable Software and Affected Versions: Gossamer Threads DBMan version db.cgi Description: The issue allows remote attackers to view environmental variables and setup information. This is achieved by referencing a non-existing database in the db parameter. Recommendations: For...

unsigned.cab.exploit.txt

Vulnerability details and example exploit for Microsoft Active Setup control's unsigned CAB file execution vulnerability. Introduction Microsoft's Active Setup Control asctrls.ocx shipped with Internet Explorer 4 and above has a vulnerability in it as discovered by Juan Carlos Garcia Cuartango ,...

CVE-2000-0160

The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft...

CVE-2000-0160

The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft...

Update Rollup 3 for System Center Operations Manager 2019 (KB4594078)

Update Rollup 3 for System Center Operations Manager 2019 KB4594078 Applies to: System Center 2019 Operations Manager Introduction This article describes the new features and issues that are fixed in System Center Operations Manager 2019 Update Rollup 3. This article also contains the installatio...

KB4599861: Setup Dynamic Update for Windows 10, version 2004 and 20H2: February 2, 2021

KB4599861: Setup Dynamic Update for Windows 10, version 2004 and 20H2: February 2, 2021 Summary This update makes improvements to Setup binaries or any files that Setup uses for feature updates in Windows 10, version 2004 and 20H2. How to get this update This update is available through Windows...

CVE-2000-0329

A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability...

Microsoft Internet Explorer 4.x5 Outlook 2000 098 0Express 4.x - ActiveX .CAB File Execution

Microsoft Internet Explorer 4.x5 Outlook 2000 098 0Express 4.x - ActiveX .CAB File Execution Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4,Internet Explorer 4.1 for Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Internet...

CVE-1999-0372

The installer for BackOffice Server includes account names and passwords in a setup file reboot.ini which is not deleted...

CVE-1999-1484

Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control setupbbs.ocx allows a remote attacker to execute arbitrary commands via the methods 1 vAddNewsServer or 2 bIsNewsServerConfigured...