SRT2003-04-01-1231 - Progress DLC overflows
Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems IDS, Software Security Validation, and...
Thunderstone Software Texis Crafted Request Information Disclosure
The remote installation of Texis can be abused to disclose potentially sensitive information about the remote host, such as its internal IP address and the path to various components (e.g., cmd.exe).
[security bulletin] SSRT2339 (ypxfrd) and SSRT2368 (ypserv) HP Tru64 UNIX Potential Security Vulnerability
SECURITY BULLETIN REVISION: 0 TITLE: SSRT2339 ypxfrd and SSRT2368 ypserv HP Tru64 UNIX Potential Security Vulnerability NOTICE: There are no restrictions for distribution of this Bulletin provided that it remains complete and intact. RELEASE DATE: 07...
[SNS Advisory No.55] Eudora 5.x for Windows Buffer Overflow Vulnerability
SNS Advisory No.55 Eudora 5.x for Windows Buffer Overflow Vulnerability Problem first discovered: 6 Jun 2002 Published: 5 Aug 2002 Overview: Eudo...
wp-02-0008: Apache Tomcat Cross Site Scripting
Westpoint Security Advisory Title: Apache Tomcat Cross Site Scripting Risk Rating: Low Software: Apache Tomcat v4.0.3 Platforms: WinNT, Win2k, Linux Vendor URL: jakarta.apache.org Author: Matt Moore [email protected] Date: 10th July 2002 Advisory ID: wp-02-0008 Overview: Apache Tomc...
Cluestick Advisory #001
Cluestick Advisory 001 June 27, the year of our Lord 2002 Surreal "Unauthenticated remote hyper-annoying denial of service with a side of server reboot, using IManage. Netware 6.0 and NW6 SP1." OK, I may possibly ramble a bit, but is that any reason to SHUN a body? It's been 30 to 45 days, and I'...
Taskpads ActiveX Control incorrectly marked safe-for-scripting
Overview The taskpads ActiveX control included with some resource kit products circa February 1999 was incorrectly marked safe-for-scripting. Description The taskpads ActiveX control included with the Microsoft Windows 98 resource kit, the Microsoft Windows 98 resource kit sampler, and the Back...
Security Advisory: Cisco Secure Access Control Server Novell Directory Service Expired/Disabled User Authentication Vulnerability
Cisco Security Advisory: Cisco Secure Access Control Server Novell Directory Service Expired/Disabled User Authentication Vulnerability Revision 1.0 For Public Release 2002 February 07...
Microsoft Windows NT PPTP DoS Vulnerability
Description A remote attacker could cause a denial of service condition in Windows NT. Submitting multiple maliciously crafted packets to the PPTP services will cause the consumption of all available system resources. Technologies Affected Microsoft Windows NT 4.0 Microsoft Windows NT Enterprise...
Security Bulletin (ASB01-02) JRun 3.0
Allaire posted the following security bulletin to their site recently. The online version can be found at: http://www.allaire.com/handlers/index.cfm?ID=19546&Method=Full Allaire Security Bulletin ASB01-02 JRun 3.0: Patch available for JRun malformed URI WEB-IN...
News Publisher CGI Vulnerability
Product: News Publisher Versions: Tested v1.05, 1.05a, 1.05b and 1.06 newest OS: Unix and Winnt Vendor: Notified Web Site: www.gwscripts.com The Problem, yet again CGI authors use nested IF statements to decide what action to take upon an incoming request. This time the problem allows ppl to add...
php-nuke bug
php-nuke bug by StarmanJones 22/08/00 Disclaimer: I am not responsible for whatever you do with the knowledge you get from reading this advisory. I am not telling you to go and post messages on sites that use PHP-nuke. Recently there was an advisory on bugtraq about An access validation error th...
Account Manager CGI Vulnerability
Product: Account Manager Versions: ALL including LITE and PRO haven't been able to test ENTERPRISE OS: Unix and Winnt Vendor: Notified, http://www.cgiscriptcenter.com/ The Problem: The Script allows any remote user access to the Administration Control Panel through overwriting the Admin Password...
Re[2]: mailbox parsing problem in imap-4.7c
Hello Mark, I have tested MDAs of different vendors under few OSs. All of them assume empty line to be at the end of message. Most of them comment out "From " in any "nnFrom " pattern. At least qpoper and BSD mail check for empty line under any supported OS and I never heard of any problem becaus...
Security Bulletin #00196
Sun Microsystems, Inc. Security Bulletin Bulletin Number: 00196 Date: August 07, 2000 Cross-Ref: S21SEC-004 Title: AnswerBook2 The information contained in this Security Bulletin is provided "AS IS." Sun makes no warranties of any kind whatsoever with respect to the information contained in this...
Roxen security alert: Problems with URLs containing null characters.
Roxen 2.0 up to version 2.0.68 has a vulnerability where using URLs containing null characters can gain the browser access to information he is not authorized to: Directory listings in directories with index files In normal filesystems: the sourcecode for RXML files, Pike scripts, CGIs etc...
BluePanda Vulnerability Announcement: WFTPD/WFTPD Pro 2.41 RC11
BluePanda Vulnerability Announcement: WFTPD/WFTPD Pro 2.41 RC11 21/07/2000 dd/mm/yyyy [email protected] http://bluepanda.box.sk/ Problem: If an MLST command is se...
CVE-2020-12538
...
CVE-2025-53162
CVE-2025-53162 entry is rejected/not used and does not represent an active vulnerability.
DUO-PSA-2019-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2019-001 Publication Date: 2019-04-16 Revision Date: 2019-04-16 Status: Confirmed, Fixed Document Revision: 1 Overview A Duo customer has identified an issue where Duo Authentication for Windows Logon could incorrectly enforce "failmode" followin...