PHP-Calendar configfile变量远程文件包含漏洞

CVECAN ID: CVE-2009-3702 php-Calendar是一款基于WEB的日历事务系统。 PHP-Calendar中存在多个绝对路径遍历漏洞，远程攻击者可以通过在提交给update08.php或update10.ph的configfile参数中的完整路径名导致包含并执行任意本地文件。以下是有漏洞的代码段： 36 elseif!empty$GET'configfile' 37 iffileexists$GET'configfile' 38 requireonce$GET'configfile'; PHP-Calendar 1.1 临时解决方法：...

SuSE Security Advisory SUSE-SA:2009:058 (java-1_6_0-sun)

The remote host is missing updates announced in advisory SUSE-SA:2009:058. OpenVAS Vulnerability Test $Id: susesa2009058.nasl 6668 2017-07-11 13:34:29Z cfischer $ Description: Auto-generated from advisory SUSE-SA:2009:058 java-160-sun Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

[security bulletin] HPSBMA02412 SSRT080040 rev.1 - WMI Mapper for HP Systems Insight Manager Running on Windows, Remote Unauthorized Access to Data, Local Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01655638 Version: 1 HPSBMA02412 SSRT080040 rev.1 - WMI Mapper for HP Systems Insight Manager Running on Windows, Remote Unauthorized Access to Data, Local Unauthorized Access NOTICE: The...

TYPO3多个远程安全漏洞

BUGTRAQ ID: 33376 Typo3是开源内容管理系统（CMS）和内容管理框架（CMF）。 Typo3的实现上存在多个远程安全漏洞，可能导致用户控制Typo3或运行其上的操作系统。包括： 1. 创建弱的加密密钥 2. 认证绕过 3. 不安全的会话管理 4. 跨站脚本执行 5. 远程命令执行 TYPO3版本低于4.0.10、4.1.8、4.2.4的软件受漏洞影响。 TYPO3 TYPO3 ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://typo3.org/...

Verlihub创建不安全文件及远程代码执行漏洞

BUGTRAQ ID: 32889,32420 CVECAN ID: CVE-2008-5705,CVE-2008-5706 Verlihub是运行在Linux操作系统上的Direct Connect协议服务器。 Verlihub没有正确地过滤通过trigger机制传送给shell的用户输入，此外Verlihub守护程序还可能配置为以root用户权限运行，这就允许连接到hub的用户通过提交恶意请求执行任意命令，或允许本地攻击者通过对/tmp/trigger.tmp临时文件的符号链接攻击覆盖任意文件。以下是src/ctrigger.cpp文件的cTrigger::DoIt函数中的有漏洞代码...

[security bulletin] HPSBUX02393 SSRT080057 rev.1 - HP-UX Running DCE, Remote Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01623009 Version: 1 HPSBUX02393 SSRT080057 rev.1 - HP-UX Running DCE, Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as soon as possible...

Microsoft IE对象处理内存破坏漏洞

Internet Explorer是微软公司开发的广为流行的网络浏览器。 IE在处理畸形格式的网页标记时存在内存对象处理错误，远程攻击者可能利用此漏洞通过精心构造恶意标记数据导致IE处理时执行攻击者指定的任意指令。 此漏洞目前被挂马攻击者积极利用来向用户系统植入恶意软件，而且微软还未发布针对此漏洞的补丁。 Microsoft Internet Explorer 7.0 临时解决方法： 如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁： 暂时不要使用IE 7浏览网页，可以使用Opera或Firefox。...

FreeBSD Ports: bugzilla, ja-bugzilla

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

HPSBMA02346 SSRT080097 rev.2 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01502023 Version: 2 HPSBMA02346 SSRT080097 rev.2 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access NOTICE: The information in this Security Bulletin...

BigAnt IM服务器HTTP GET请求远程栈溢出漏洞

BUGTRAQ ID: 28795 BigAnt Messenger是一款可扩展的企业即时通讯平台。 BigAnt Messenger的AntServer模块（AntServer.exe）中存在栈溢出漏洞，如果向该服务的默认6080/TCP端口发送了超长HTTP GET请求的话，就可以触发这个溢出，导致执行任意指令。 华途软件 BigAnt Messenger 2.2 华途软件 -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.bigant.cn/...

Apple QuickTime多个远程安全漏洞

BUGTRAQ ID: 28583 CVECAN ID: CVE-2008-1013,CVE-2008-1014,CVE-2008-1015,CVE-2008-1016,CVE-2008-1017,CVE-2008-1018,CVE-2008-1019,CVE-2008-1020,CVE-2008-1021,CVE-2008-1022,CVE-2008-1023 Apple QuickTime是一款非常流行的多媒体播放器。 QuickTime的7.4.5之前版本存在多个安全漏洞，允许用户通过畸形的媒体文件获得敏感信息或完全入侵用户系统。 CVE-2008-1013...

Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack

Calyptix Security Advisory CX-2007-05 eSoft InstaGate EX2 Cross-Site Request Forgery Attack Date: 07/11/2007 http://www.calyptix.com/ http://labs.calyptix.com/CX-2007-05.php http://labs.calyptix.com/CX-2007-05.txt Overview Multiple versions of eSoft's InstaGate EX2 UTM device are vulnerable to...

CVE-2007-1732

Cross-site scripting XSS vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

prb-advisory-02-2007.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I - TITLE Security advisory: Arbitrary file disclosure vulnerability in php rrd browser prb II - SUMMARY Description: Arbitrary file disclosure vulnerability in php rrd browser 0.2.1 Author: Sebastian Wolfgarten sebastian at wolfgarten dot com,...

MCGalleryPRO random2.php远程文件包含漏洞

mcGalleryPRO是一款图片收藏管理程序。 mcGalleryPRO的random2.php文件没有正确过滤对pathtofolder参数的输入，允许攻击者通过包含本地或外部资源的任意文件执行PHP代码。 random2.php中有漏洞的代码如下： if !empty$SERVER extract$SERVER, EXTROVERWRITE; if !empty$GET extract$GET, EXTROVERWRITE; if !empty$POST extract$POST, EXTROVERWRITE; if !empty$COOKIE extract$COOKIE,...

Cisco Security Advisory: Access Point Web-Browser Interface Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Access Point Web-Browser Interface Vulnerability ===================================================================== Advisory ID: cisco-sa-20062806-ap.shtml http://www.cisco.com/warp/public/707/cisco-sa-20060628-ap.shtml...

[Full-disclosure] Directory traversal vulnerability in "Quick & Dirty PHPSource Printer" 1.0

== Vendor: Kaf Oseo == Product: http://guff.szub.net/quick-dirty-phpsource-printer/ == Version: 1.0 == Vulnerability: Filtering "../" to "" allowed use of ".../...//" to be inserted and changed to "../" allowing directory traversal. == Fix: Use the following line instead: $file = strstr$fileget,...

IPSwitch IMAP Server - LOGON Remote Stack Overflow

/ IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written by nolimit and BuzzDee First, some information for the few of you that know how this stuff works. The reason you see no SP2 or 2003 offsets is because of Windows SEH checks. Thats right, in this one...

[VulnWatch] High Risk Vulnerabilities in Eudora Mail Client

John Heasman of NGSSoftware has discovered multiple high risk vulnerabilities in the Windows version of Eudora. Versions affected include: Eudora 6.2.0 and below The flaws permit execution of arbitrary code via: 1 previewing or opening a specially crafted email 2 opening specially crafted...

[SA13660] PHProjekt "path_pre" Parameter Arbitrary File Inclusion Vulnerability

TITLE: PHProjekt "pathpre" Parameter Arbitrary File Inclusion Vulnerability SECUNIA ADVISORY ID: SA13660 VERIFY ADVISORY: http://secunia.com/advisories/13660/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: PHProjekt 4.x http://secunia.com/product/4346/ DESCRIPTION:...