Design/Logic Flaw
REDCap before 5.0.4 and 5.1.x before 5.1.3 does not reject certain undocumented syntax within branching logic and calculations, which allows remote authenticated users to bypass intended access restrictions via (1) the Online Designer or (2) the Data Dictionary upload, as demonstrated by an eval call...
Updated php-geshi package fix security vulnerabilities
Directory traversal and information disclosure (local file inclusion) flaws were found in the way the cssgen contrib module (an application to generate custom CSS files) of GeSHi, a generic syntax highlighter, performed sanitization of the 'geshi-path' and 'geshi-lang-path' HTTP GET / POST variables. A remote...
Fedora Update for curl FEDORA-2013-7797
Check for the Version of curl OpenVAS Vulnerability Test Fedora Update for curl FEDORA-2013-7797 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
[SECURITY] Fedora 17 Update: curl-7.24.0-9.fc17
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
UBUNTU-CVE-2013-2083
The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly handle a certain array-element syntax, which allows remote attackers to bypass intended form-data filtering via a crafted request...
Fedora Update for curl FEDORA-2013-7813
Check for the Version of curl OpenVAS Vulnerability Test Fedora Update for curl FEDORA-2013-7813 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
[SECURITY] Fedora 18 Update: curl-7.27.0-9.fc18
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
[SECURITY] Fedora 19 Update: curl-7.29.0-5.fc19
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
Fedora Update for curl FEDORA-2013-5618
Check for the Version of curl OpenVAS Vulnerability Test Fedora Update for curl FEDORA-2013-5618 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Crafty Syntax Live Help RFI / Path Disclosure
Exploit Title : Crafty Syntax Live Help = 2.. & 3.. RFI + Path Disclosure Date : 4/19/2013 Author : ITTIHACK Home : http://ittihack.com Vendor : http://www.craftysyntax.com Download : http://www.craftysyntax.com/craftysyntax3.4.1.zip Version : 2. and 3. , All versions Category : webapps Google do...
Crafty Syntax Live Help 3.1.2 - Remote File Inclusion Full Path Disclosure
Crafty Syntax Live Help 3.1.2 - Remote File Inclusion Full Path Disclosure source: https://www.securityfocus.com/bid/59322/info Crafty Syntax Live Help is prone to a remote file-include vulnerability and a path-disclosure vulnerability because it fails to sufficiently sanitize user-supplied input...
Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Full Path Disclosure
source: https://www.securityfocus.com/bid/59322/info Crafty Syntax Live Help is prone to a remote file-include vulnerability and a path-disclosure vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to obtain sensitive...
[Hackersh] Free shell (command interpreter) written in Python
Hackersh ("Hacker Shell") is a free and open source (license) shell (command interpreter) written in Python with Pythonect-like syntax, built-in security commands, and out-of-the-box wrappers for various security tools. It is like a Unix pipeline, but for processing security information and metadata rath...
RedHat Update for bind RHSA-2013:0689-01
Check for the Version of bind OpenVAS Vulnerability Test RedHat Update for bind RHSA-2013:0689-01 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
CentOS Update for bind CESA-2013:0689 centos6
Check for the Version of bind OpenVAS Vulnerability Test CentOS Update for bind CESA-2013:0689 centos6 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS Update for bind CESA-2013:0689 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20130328)
A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. (CVE-2013-2266) Note: This update disables the syntax...
USN-1783-1: Bind vulnerability
Matthew Horsfall discovered that Bind incorrectly handled regular expression checking. A remote attacker could use this flaw to cause Bind to consume an excessive amount of memory, possibly resulting in a denial of service. This issue was corrected by disabling RDATA regular expression syntax...
bind security update
CentOS Errata and Security Advisory CESA-2013:0689 Updated bind packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CV...
RHEL 6 : bind (RHSA-2013:0689)
"Updated bind packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...