cURL 6.1 - 7.4 - Remote Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1804/info Curl is an open-source utility for sending or receiving files using URL syntax. A vulnerability exists in the version of curl included with Debian GNU/Linux 2.2 and FreeBSD prior to 4.2 release. Note that cURL...

Crafty Syntax Live Help 2.9.9 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20711/info Crafty Syntax Live Help is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

Crafty Syntax Image Gallery <= 3.1g Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or at your option any later version. This...

Crafty Syntax Live Help 2.14.6 'livehelp_js.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30543/info Crafty Syntax Live Help CSLH is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script...

All4WWW-HomePageCreator 1.0 Index.PHP Arbitrary Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13169/info All4WWW-Homepagecreator is affected by an arbitrary remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an 'include'...

Wordpress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution

No description provided by source. ============================================================ Wordpress Plugin WP-Syntax = 0.9.1 Remote Command Execution ============================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /...

PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)

No description provided by source. !/usr/bin/perl 0day exploit for PHP-nuke =8.0 Final Blind sql injection attack in INSERT syntax version for mysql = 4.0.24, using 'brute force' Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke =8.0 Final Sql injection attack in...

Exim 3.x Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2828/info Exim is a free, open-source Mail Transfer Agent for Unix systems. Exim is vulnerable to a locally exploitable format string attack which may compromise root access. The vulnerability exists only when the 'syntax...

mystats (hits.php) Multiple Vulnerabilities exploit

No description provided by source. myStats hits.php Multiple Remote Vulnerabilities Exploit url: http://mywebland.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk...

Crafty Syntax Live Help <= 2.14.6 (department) SQL Injection Vuln

No description provided by source. Crafty Syntax Live Help = 2.14.6 SQL Injection August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online...

Xine 0.9.x And Xine-Lib 1 Multiple Remote File Overwrite Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/10193/info It has been reported that the xine media player and the xine media library are affected by multiple remote file overwrite vulnerabilities. This is due to a design error that allows various media resource file...

ZeroCMS 1.0 SQL Injection Vulnerability

ZeroCMS version 1.0 suffers from a remote SQL injection vulnerability. ZeroCMS v1.0 SQL Injection Vulnerability zerotransactarticle.php articleid POST parameter Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms Affected version: 1.0 Severity: High CWE: 89 -...

openSUSE Security Update : fail2ban (openSUSE-SU-2014:0348-1)

The fail2ban tool was updated to version 0.8.12 to fix various security issues and also brings bugfixes and features. Security issues fixed: A remote unauthenticated attacker may cause arbitrary IP addresses to be blocked by Fail2ban causing legitimate users to be blocked from accessing services...

openSUSE Security Update : nss-201112 (openSUSE-SU-2012:0030-1) (BEAST)

The Mozilla NSS libraries were updated to version 3.13.1 to fix various bugs and security problems. Following security issues were fixed : - SSL 2.0 is disabled by default - A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong CVE-2011-3389 is...

openSUSE Security Update : icinga (openSUSE-SU-2014:0069-1)

imported upstream version 1.10.2 - includes fix for possible denial of service in CGI executables: CVE-2013-7108 bnc856837 - core: Add an Icinga syntax plugin for Vim 4150 - LE/MF - core: Document dropped options logexternalcommandsuser and eventprofilingenabled 4957 - BA - core: type in spec...

openSUSE Security Update : mozilla-js192 (mozilla-js192-5749)

mozilla xulrunner was updated to 1.9.2.26 security update, fixing security issues and bugs. Following security bugs were fixed : MFSA 2012-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these...

openSUSE Security Update : openssl (openSUSE-SU-2012:0547-1)

The implementation of Cryptographic Message Syntax CMS and PKCS 7 in OpenSSL was vulnerable to a Million Message Attack MMA adaptive chosen ciphertext attack CVE-2012-0884. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

CentOS Update for libtasn1 CESA-2014:0596 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 20 Update: libtasn1-3.6-1.fc20

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding func tions...

Fedora Update for fish FEDORA-2014-5783

Check for the Version of fish OpenVAS Vulnerability Test Fedora Update for fish FEDORA-2014-5783 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...