5335 matches found
CVE-2008-1111
mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information...
CVE-2008-1111
CVE-2008-1111 affects lighttpd 1.4.18 through the mod_cgi path. When a fork failure occurs, lighttpd may return the source code of the CGI script instead of a 500 error, potentially allowing remote attackers to obtain sensitive information (information disclosure). Connected documents indicate re...
DESlock+ <= 3.2.6 local kernel ring0 link list zero SYSTEM Exploit
Exploit for unknown platform in category local exploits ================================================================== DESlock+ DESlock+ include include include define DLMFENCIOCTL 0x0FA4204C define DLMFENCFLAG 0xC001D00D define DLKFDISKRIOCTL 0x80002008 define DLKFDISKSLOT 0x00000C5C define...
DSA-1494-1 linux-2.6 - privilege escalation
Bulletin has no description...
IPSwitch WS_FTP Server Manager / Whats Up unauthorized access
It's possible to access script files with localhostnull account without password. Scripts source code leak...
bcoosexoops-xss.txt
bcoos & E-xoops DevTracker module two variables XSS vendor url: http://www.bcoos.net Vendor url: http://www.e-xoops.com Advisory: http://lostmon.blogspot.com/2008/02/bcoos-and-e-xoops-devtracker-module-two.html vendor notify:yes exploits available: YES bcoos and E-xoops are two content-community...
Safenet IPSecDrv.sys <= 10.4.0.12 Local kernel ring0 SYSTEM Exploit
No description provided by source. / safenet-ipsec-call.c Copyright (c) 2008 by [email protected] Safenet IPSecDrv.sys <= 10.4.0.12 local kernel ring0 indirect call SYSTEM exploit by mu-b - Thu 03 Jan 2008 - Tested on: IPSecDrv.sys 10.4.0.12...
bloofox-multi.txt
WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection (Authentication bypass), Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! -...
Bloofox CMS SQL Injection (Authentication bypass) , Source code disclosure
WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection (Authentication bypass), Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! -...
Bloofox 0.3 (SQL/FD) Multiple Remote Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection (Authentication bypass), Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected...
Bloofox 0.3 (SQL/FD) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ==================================================== Bloofox 0.3 SQL/FD Multiple Remote Vulnerabilities ==================================================== WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilitie...
bloofox 0.3 - SQL Injection / File Disclosure
WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection (Authentication bypass), Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! -...
Debian Security Advisory DSA 1199-1 (webmin)
The remote host is missing an update to webmin announced via advisory DSA 1199-1. Several vulnerabilities have been identified in webmin, a web-based administration toolkit. CVE-2005-3912 A format string vulnerability in miniserv.pl could allow an attacker to cause a denial of service by crashing...
miniweb-multi.txt
MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written in C language, featuring low system resource consumption, high efficiency, good flexibility and high portability. It is capable of serving multiple clients with a single thread, supporting GET and POS...
Debian Security Advisory DSA 169-1 (tomcat4)
The remote host is missing an update to tomcat4 announced via advisory DSA 169-1. OpenVAS Vulnerability Test $Id: deb1691.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 169-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
Debian: Security Advisory (DSA-1064-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian Security Advisory DSA 1064-1 (cscope)
The remote host is missing an update to cscope announced via advisory DSA 1064-1. Jason Duell discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may potentially lead to the execution of arbitrary code through speciall...
Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17-mips)
The remote host is missing an update to kernel-source-2.4.17, kernel-patch-2.4.17-mips announced via advisory DSA 332-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
Debian Security Advisory DSA 114-1 (gnujsp)
The remote host is missing an update to gnujsp announced via advisory DSA 114-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Miniweb 0.8.19 - Multiple Vulnerabilities
Miniweb 0.8.19 - Multiple Vulnerabilities MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written in C language, featuring low system resource consumption, high efficiency, good flexibility and high portability. It is capable of serving multiple clients wi...