Linux kernel 2.0 Sendmail Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/363/info The 2.0.x kernels have a quirk in the TCP implementation that has to do with the accept call returning after only a SYN has been received, as opposed to the three-way handshake having been completed. Sendmail,...
SPChat 0.8 Module Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7780/info SPChat has been reported prone to a remote file include vulnerability. The issue presents itself due to insufficient sanitization performed on the user-supplied URI variable 'statussess' by the SPChat module. It...
Microsoft IIS 6.0 and 7.5 - Multiple Vulnerabilities
No description provided by source. THIS IS A GENUINE ISOWAREZ RELEASE Title: Microsoft IIS 6.0 with PHP installed Authentication Bypass...
HP-UX 10.x stmkfont Alternate Typeface Library Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/6836/info A buffer overflow vulnerability has been reported in the stmkfont utility shipped with HP-UX systems. The problem occurs due to insufficient bounds checking on user-supplied data to the alternate typeface library...
Merak Mail Server 7.4.5 address.html Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerabili...
Apache Tomcat 5 Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19106/info Apache Tomcat is prone to an information-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to reveal a complete directory listing from any...
Allaire JRun 2.3 File Source Code Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1833/info Allaire JRun is a web application development suite with JSP and Java Servlets. JRun contains a vulnerability that allows a user to access documents outside of the webroot. Requesting a malformed URL using the...
VWD-CMS - CSRF Vulnerability
No description provided by source. Title : VWD-CMS CSRF Vulnerability Affected Version : VWD-CMS version 2.1 Discovery : www.abysssec.com Vendor : http://www.vwd-cms.com/ Demo...
XFree86 4.2 XLOCALEDIR Local Buffer Overflow Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment...
Metinfo 3.0 - Multiple Vulnerabilities
No description provided by source. Exploit Title: metinfo3.0 Multi Vulnerability Date : 10-11-2010 Author : anT!-Tr0J4n Version : 3.0 DorK : Powered by MetInfo 3.0 Home : www.Dev-PoinT.com : http://milw0rm.ws Email : D3v-PoinTathotmaild0tcom & C1EHatHotmaild0tcom Vendor : http://www.metinfo.cn/...
Online Rental Property Script <= 4.5 (pid) SQL Injection Vulnerability
No description provided by source. ECHOADV91$2008 Online Rental Property Script <= 4.5 pid Blind Sql Injection...
SCO Unixware 7.1 pkginstall Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/853/info It is possible to view the entries in /etc/shadow through exploiting a buffer overflow in pkgcat and pkginstall. Though neither of these binaries is setuid, the dacread permissions which are granted in...
Resin Application Server 4.0.36 Source Code Disclosure Vulnerability
No description provided by source. Resin Application Server 4.0.36 Source Code Disclosure Vulnerability Vendor: Caucho Technology, Inc. Product web page: http://www.caucho.com Affected version: Resin Professional Web And Application Server 4.0.36 Summary: Resin is the Java Application Server for...
bloofox 0.3 (sql/fd) Multiple Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection Authentication bypass, Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected Exploitation: Remote...
gdm 1.0.x/2.0.x BETA/2.2.0 XDMCP Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/1233/info A buffer overrun exists in the XDMCP handling code used in 'gdm', an xdm replacement, shipped as part of the GNOME desktop. By sending a maliciously crafted XDMCP message, it is possible for a remote attacker to...
Mono XSP 1.x/2.0 Source Code Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21687/info XSP is prone to a source code information-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the...
Yaws 1.5x Remote Source Code Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13981/info A vulnerability has been reported in Yaws that may result in the disclosure of script files' source code. Information obtained in this manner may be used by the attacker to launch further attacks against a...
httpdx <= 1.4.6b source disclosure
No description provided by source. httpdx <= 1.4.6b Remote Source Disclosure Found By: DrIDE Tested On: Windows XP SP3 Download: httpdx.sourceforge.net/downloads/ - Description - httpdx Web Server <= 1.4.6b is a Windows based HTTP server. This is the latest version of the application available. http...
NaviCOPA <= 3.0.1.2 Source Disclosure
No description provided by source. NaviCOPA Web Server <= 3.0.1.2 Remote Source Disclosure Found By: DrIDE Tested On: Windows XP SP3 Download: www.navicopa.com/download.html - Description - NaviCOPA Web Server <= 3.0.1.2 is a Windows based HTTP server. This is the latest version of the application...
MODx 0.9.6.1 'htcmime.php' Source Code Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27096/info MODx is prone to a vulnerability that allows attackers to access source code because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve...