Lucene search

2203 matches found

Fedora
added 2010/02/16 1:21 p.m. | 29 views

[SECURITY] Fedora 11 Update: maildrop-2.4.0-12.fc11

maildrop is the mail filter/mail delivery agent that's used by the Courier Mail Server. This is a standalone build of the maildrop mail filter that can be used with other mail servers. maildrop is a replacement for your local mail delivery agent. maildrop reads a mail message from standard input,...

CVSS 6.9 | AI score 0.7 | EPSS 0.00423
Exploits: 1

Fedora
added 2010/02/16 1:10 p.m. | 21 views

[SECURITY] Fedora 12 Update: maildrop-2.4.0-12.fc12

maildrop is the mail filter/mail delivery agent that's used by the Courier Mail Server. This is a standalone build of the maildrop mail filter that can be used with other mail servers. maildrop is a replacement for your local mail delivery agent. maildrop reads a mail message from standard input,...

CVSS 6.9 | AI score 0.7 | EPSS 0.00423
Exploits: 1

Fedora
added 2010/02/05 1:50 a.m. | 13 views

[SECURITY] Fedora 12 Update: dokuwiki-0-0.4.20091225.c.fc12

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...

AI score 2.4
Exploits: 0

OpenVAS
added 2009/12/30 12:0 a.m. | 29 views

Fedora Core 11 FEDORA-2009-12575 (cacti)

The remote host is missing an update to cacti announced via advisory FEDORA-2009-12575. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

CVSS 4.3 | AI score 6.4 | EPSS 0.05739
Exploits: 6 | References: 2

Prion
added 2009/12/29 9:0 p.m. | 18 views

Design/Logic Flaw

Microsoft Internet Information Services (IIS), when used in conjunction with unspecified third-party upload applications, allows remote attackers to create empty files with arbitrary extensions via a filename containing an initial extension followed by a : (colon) and a safe extension, as demonstrate...

CVSS 6 | AI score 7.3 | EPSS 0.12757
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2009/12/29 7:0 p.m. | 396 views

CVE-2009-4445

Microsoft IIS, when used with unspecified third‑party upload applications, is vulnerable to remote file creation via a filename containing an initial extension, a colon, and a safe extension. For example, uploading a file named ".asp:.jpg" can result in an empty ".asp" file being created, related...

CVSS 6 | AI score 6.8 | EPSS 0.12757
Exploits: 0 | References: 3 | Affected Software: 1

Tenable Nessus
added 2009/12/28 12:0 a.m. | 34 views

Fedora 11 : cacti-0.8.7e-3.fc11 (2009-12575)

This fix contains several official patches from cacti: Command Line Add Graphs Syntax, SNMP Invalid Responses, Template Import/Export Duplication, Cross-Site Scripting Fixes. http://www.cacti.net/downloadpatches.php Note that Tenable Network Security has extracted the preceding description block...

CVSS 4.3 | AI score 5.3 | EPSS 0.05739
Exploits: 6 | References: 4

Fedora
added 2009/12/18 4:32 a.m. | 33 views

[SECURITY] Fedora 11 Update: monodevelop-2.0-8.fc11

This package provides MonoDevelop, a full-featured IDE for Mono with syntax colouring, code completion, debugging, project management and support for C sharp, Visual Basic.NET, Java, Boo, Nemerle and MSIL...

CVSS 9.3 | AI score 2.2 | EPSS 0.04785
Exploits: 8

Packet Storm
added 2009/12/14 12:0 a.m. | 19 views

Billwerx RC 3.1 XSS / SQL Injection

Billwerx RC v3.1 Multiple Vulnerabilities Found By: mrme Download: http://www.billwerx.com/download.php Tested On: Windows Vista Note: For educational purposes only XSS POC: A regular employee can embed javascript code that could be executed within the context of the admin's browser. If the user...

Exploits: 0

seebug.org
added 2009/12/11 12:0 a.m. | 20 views

Billwerx RC v3.1 Multiple Vulnerabilities

No description provided by source. Billwerx RC v3.1 Multiple Vulnerabilities Found By: mrme Download: http://www.billwerx.com/download.php Tested On: Windows Vista Note: For educational purposes only XSS POC: A regular employee can embed javascript code that could be executed within the context o...

AI score 7.1
Exploits: 0

exploitpack
added 2009/12/11 12:0 a.m. | 10 views

Billwerx RC 3.1 - Multiple Vulnerabilities

Billwerx RC 3.1 - Multiple Vulnerabilities Billwerx RC v3.1 Multiple Vulnerabilities Found By: mrme Download: http://www.billwerx.com/download.php Tested On: Windows Vista Note: For educational purposes only XSS POC: A regular employee can embed javascript code that could be executed within the...

AI score 0.1
Exploits: 0

Exploit DB
added 2009/12/11 12:0 a.m. | 20 views

Billwerx RC 3.1 - Multiple Vulnerabilities

Billwerx RC v3.1 Multiple Vulnerabilities Found By: mrme Download: http://www.billwerx.com/download.php Tested On: Windows Vista Note: For educational purposes only XSS POC: A regular employee can embed javascript code that could be executed within the context of the admin's browser. If the user...

AI score 7
Exploits: 0

RedHat Linux
added 2009/12/08 2:56 a.m. | 2 views

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not...

CVSS 5 | AI score 5.9 | EPSS 0.04773
Exploits: 1 | References: 4

RedHat Linux
added 2009/12/08 2:56 a.m. | 1 views

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not...

CVSS 5 | AI score 5.9 | EPSS 0.04773
Exploits: 1 | References: 4

Tenable Nessus
added 2009/12/02 12:0 a.m. | 11 views

MDVA-2009:235 : freeradius

The cron files included in freeradius-web package were syntactically invalid, by lacking mention of the user expected to run the task. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Networ...

AI score 7.2
Exploits: 0 | References: 1

CERT
added 2009/11/30 12:0 a.m. | 35 views

Clientless SSL VPN products break web browser domain-based security models

Overview Clientless SSL VPN products from multiple vendors operate in a way that breaks fundamental browser security mechanisms. An attacker could use these devices to bypass authentication or conduct other web-based attacks. Description Web browsers enforce the same origin policy to prevent one...

CVSS 6.8 | AI score 6.5 | EPSS 0.05134
Exploits: 0 | References: 10

myhack58
added 2009/11/23 12:0 a.m. | 142 views

google hacking advanced applications-vulnerability warning-the black bar safety net

Commonly used google keyword: foo1 foo2 which is associated, such as search xx company xx beauty operator:foo filetype:1 2 3 Type site:foo.com relatively straightforward to see the website more interesting, you can get many unexpected information intext:foo intitle: fooltitle title Oh allinurl:fo...

AI score 7.8
Exploits: 0

RedHat Linux
added 2009/11/09 3:4 p.m. | 5 views

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not...

CVSS 5 | AI score 5.9 | EPSS 0.04773
Exploits: 1 | References: 4

RedHat Linux
added 2009/11/04 3:14 p.m. | 5 views

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not...

CVSS 5 | AI score 5.9 | EPSS 0.04773
Exploits: 1 | References: 4

Fedora
added 2009/10/29 2:59 a.m. | 33 views

[SECURITY] Fedora 11 Update: monodevelop-2.0-6.fc11

This package provides MonoDevelop, a full-featured IDE for Mono with syntax colouring, code completion, debugging, project management and support for C sharp, Visual Basic.NET, Java, Boo, Nemerle and MSIL...

CVSS 10 | AI score 2.2 | EPSS 0.15519
Exploits: 30