CVE-2006-2932

A regression error in the restoreall code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service panic via unspecified vectors...

security flaw

A regression error in the restoreall code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service panic via unspecified vectors...

[NT] Microsoft Internet Explorer Drag-and-Drop Redeux

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

To xp_cmdshell March-vulnerability warning-the black bar safety net

To xpcmdshell March - Using MSSQLDatastore expansion madeserviceis the management right In MSSQL having sysadmin permission to the user through the xpcmdshell stored extensions to the system permissions to execute arbitrary system commands, and therefore most of the security attention of the...

CVE-2005-2100

CVE-2005-2100 is defined in the 4GB split patch of the Linux kernel for Red Hat Enterprise Linux 4; the rw_vm function in usercopy.c lacks proper bounds checking, enabling a local attacker to cause a denial of service (crash). Publicly linked advisories (RHSA-2005:514 and CentOS/CESA-2005:514) co...

sakeru.txt

!/usr/bin/perl sakeru.pl v0.1 URL Filtering Bypass proof of concept By sinhack research labs first version Dec 23 2002 last update Jun 06 2004 Usage: 1 perl sakeru.pl 2 Configure your browser's proxy at localhost:5050 3 Have fun. Known bugs: - This proxy is not multitask, so your browser will...

CVE-2005-0090

A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service crash...

security flaw

Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls...

security flaw

split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / slash in the Host: header...

CVE-2001-0730

CVE-2001-0730 affects Apache 1.3.x by a flaw in the split-logfile support: a crafted HTTP request with a slash in the Host header can cause the server to overwrite any file ending in ".log" on the system. Affected version in public reports centers on Apache 1.3.20 with the ability to write arbitr...

NIDS Evasion Options

This plugin configures Nessus for NIDS evasion see the 'Prefs' panel. NIDS evasion options are useful if you want to determine the quality of the expensive NIDS you just bought. TCP Evasion techniques : - Split : send data one byte at a time. This confuses NIDS which do not perform stream...

CVE-2001-1033

Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state...

CVE-2001-1033

The CVE-2001-1033 entry describes a vulnerability in Compaq TruCluster 1.5 where remote attackers can trigger a denial of service by performing a port scan from a system lacking a DNS PTR record, causing the cluster to enter a split-brain state.

Apache Httpd < 1.3.22 : split-logfile can cause arbitrary log files to be written to

A vulnerability was found in the split-logfile support program. A request with a specially crafted Host: header could allow any file with a .log extension on the system to be written to...

CVE-2001-1033

Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state...

CVE-2001-0435

The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate...

CVE-2001-0435

The CVE-2001-0435 entry concerns the split key mechanism in PGP 7.0 . The root issue is that a key share holder can obtain access to the entire key by enabling the “Cache passphrase while logged on” option and then capturing the passphrases of other share holders as they authenticate. Documents s...

[wsir-01/02-03] PGP 7.0 Split Key/Cached Passphrase Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TITLE: PGP 7.0 Split Key/Cached Passphrase Vulnerability ADVISORY ID: WSIR-01/02-03 DISCOVERED BY: Patrik Birgersson, Wkit Security AB CONTACT: [email protected] CLASS: --- OBJECT: PGP Desktop Security 7.0 VENDOR: Network Associates Technology Inc...

Security update 1970-01-01

...

Security update 1970-01-01

...