5313 matches found
CVE-2004-0496
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool...
Java (.java / .class) Source Code Disclosure
The remote web server is hosting Java .java and/or .class files. These files may contain sensitive or proprietary information. If so, a remote attacker could use this information to mount further attacks...
CVS contains a heap overflow in the handling of flag insertion
Overview: A heap overflow vulnerability in the Concurrent Versions System (CVS) could allow a remote attacker to execute arbitrary code on a vulnerable system. Description: CVS is a source code maintenance system that is widely used by open-source software development projects. There is a heap memory...
Dotnetnuke Multiple Vulnerabilities
DOTNETNUKE MULTIPLE VULNERABILITIES Online URL: http://ferruh.mavituna.com/?429 1 Source Code & File Access; Severity: Highly...
GoAhead script source leak
It's possible to obtain the content of a .asp or cgi-bin file by adding special characters to the filename...
Whale Communications e-Gap Security Appliance 2.5 - Login Page Source Code Disclosure
source: https://www.securityfocus.com/bid/9431/info The e-GAP appliance has been reported prone to a source code disclosure vulnerability. It has been reported that, when the affected appliance handles unexpected HTTP requests, it may divulge the source code of the login script. The login page is...
Whale Communications e-Gap security appliance discloses source code via HTTP TRACE Method
Overview: Whale Communications e-Gap security appliance is a tool to provide a secure remote web access platform. A vulnerability exists that may permit a remote attacker to gain access to the source code of the login page. Description: Whale Communications e-Gap security appliance version 2.5...
CVE-2003-1102
Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code...
CVE-2003-1408
Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot...
Server side scripts viewing in Goahead webserver <= 2.1.7
Luigi Auriemma. Application: Goahead webserver http://12.129.4.11/webserver/webserver.htm Versions: <= 2.1.7 Platforms: multiplatform Bug: source code viewing of server side script files Risk: low/medium Exploitation: easy via browser Date: 17 Dec 2003 Author: Luigi Auriemma e-mail:...
OpenBSD kernel holes ...
Once again I am honored to present you a generic and robust way to own OpenBSD 2.x-3.x, enjoy ;) It is quite funny to name ring 0 overflow patches as "reliability fixes". Who does Theo think he is fooling? Kiddies in his cult? You can patch your useless/old OpenBSD systems by visiting;...
myPHPCalendar : Informations Disclosure, File Include
Informations: Language: PHP Version: 10192000 Build 1 Beta Website: http://myphpcalendar.sourceforge.net/ Problems: - Informations Disclosure - File Include PHP Code/Location: admin.php, contacts.php, convert-date.php: include...
Hummingbird CyberDOCS sets insecure permissions on script source code files
Overview: Hummingbird CyberDOCS running on Microsoft Internet Information Services (IIS) sets insecure permissions on script source code files. A remote attacker could read the contents of unprotected files. Description: Hummingbird CyberDOCS (Hummingbird DM) is a web-based enterprise document manageme...
ChatZilla <=v0.8.23 remote DoS vulnerability
m00 security advisory 003: ChatZilla <=v0.8.23 remote DoS vulnerability, www.m00security.org. Product: ChatZilla Version: 0.8.23 and below OffSite: www.mozilla.org Overview: ChatZilla is a popular? linux irc-client. Mozilla/5.0...
CVE-2003-0423
parsexml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter...
Advisory 02/2003: emule/xmule/lmule vulnerabilities
e-matters GmbH www.e-matters.de Security Advisory. Advisory: eMule/lmule/xmule multiple remote vulnerabilities Release Date: 2003/08/17 Last Modified: 2003/08/17 Author: Stefan Esser [email protected] Application: eMule <= 0.29c, xmule <= 1.4.3, <= 1.5.6a, lmule <= 1.3.1 Severity: Several...
CVE-2003-0424
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or "." (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi...
CVE-2003-0424
The CVE-2003-0424 entry affects Apple QuickTime/Darwin Streaming Server prior to 4.1.3f. The vulnerability allows an attacker to disclose script source code by appending encoded characters (%20 space or %2e dot) to an HTTP request for a script (e.g., /view_broadcast.cgi). The issue is a Script So...