Design/Logic Flaw

The Event Dispatch Thread in Robocode before 1.5.1 allows remote attackers to execute arbitrary Java code by using a robot to invoke the SwingUtilities.invokeLater method...

CVE-2007-6382

The Event Dispatch Thread in Robocode before 1.5.1 allows remote attackers to execute arbitrary Java code by using a robot to invoke the SwingUtilities.invokeLater method...

CVE-2007-6382

Summary: Robocode versions before 1.5.1 are affected by an arbitrary code execution vulnerability involving the Event Dispatch Thread (EDT). According to the documents, a robot can trigger Java code execution by invoking SwingUtilities.invokeLater on the EDT. Affected product/component: Robocode ...

CVE-2007-6382

The Event Dispatch Thread in Robocode before 1.5.1 allows remote attackers to execute arbitrary Java code by using a robot to invoke the SwingUtilities.invokeLater method...

CVE-2007-6382

The Event Dispatch Thread in Robocode before 1.5.1 allows remote attackers to execute arbitrary Java code by using a robot to invoke the SwingUtilities.invokeLater method...

IBM Director fails to properly time-out connection requests from clients

Overview IBM Director Systems, specifically CIM Server, contains a denial-of-service vulnerability that can allow a remote, unauthenticated attacker to render Director inoperative. Description IBM Director is a suite of system management tools.When a rogue connection request is made to IBM Direct...

smf-sql.txt

!/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total Bypass of SMF's SQL Injection filter. I submitted a...

Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection

!/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total Bypass of SMF's SQL Injection filter. I submitted a...

Solaris 8 (x86) : 126126-01

SunOS 5.8x86: thread patch. Date this patch was last updated by Sun : Aug/29/07 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if ! definedfunc"bnrandom...

Sun Solaris线程处理本地拒绝服务漏洞

BUGTRAQ ID: 25821 Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris内核中处理线程上下文中的竞争条件安全漏洞可能允许本地非特权用户导致系统忙碌，从而造成拒绝服务的情况。 可能出现一些不同类型的忙碌，因此很难迅速锁定这个漏洞，但做为示例，可对崩溃dump运行以下命令： echo "panicthread::findstack !grep kcpcfree" |mdb unix.0 vmcore.0 如果生成类似于以下的输出的话： 000002a101168a61 kcpcfree+18 就可能出现了这个漏洞。 Sun Solaris 9.0...

HP-UX Security Patch : PHKL_28267

thread perf, user limit, cumulative VM %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26387; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

HP-UX Security Patch : PHKL_27278

mmap io,VM-JFS ddlock,thread perf,user limit %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26371; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...

Race condition

Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service panic via unspecified vectors related to "the handling of thread contexts."...

CVE-2007-5132

Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service panic via unspecified vectors related to "the handling of thread contexts."...

Solaris 8 (sparc) : 126125-01

SunOS 5.8: thread patch. Date this patch was last updated by Sun : Aug/29/07 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...

asp,PHP and. net forge HTTP-REFERER method and forgery preventing REFERER-bug warning-the black bar safety net

HTTP-REFERER this variable has been increasingly unreliable, and completely is what can be forged out of the stuff. The following is the forged method: ASP/Visual Basic code dim http set http=server. createobject"MSXML2. XMLHTTP" '//MSXML2. serverXMLHTTP also can Http. open "GET",url,false Http...

[SECURITY] Fedora 7 Update: quagga-0.99.9-1.fc7

Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Rout...

cyrus security update

CentOS Errata and Security Advisory CESA-2007:0795 An updated cyrus-sasl package that addresses a security issue and fixes various other bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The...

Moderate: cyrus-sasl security and bug fix update

2.1.19-14 - Related: bz250732 Fixed a conflict with an earlier test patch 2.1.19-13 - Related: bz250732 Fixed uninitialized stack variable causing segfault 2.1.19-12 - Resolves: bz250732 sasl-sample-server crashes with null realm 2.1.19-11 - Resolves: bz243910 krb5-libs are not thread-safe -...

Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities

source: https://www.securityfocus.com/bid/25258/info Systrace is prone to multiple concurrency vulnerabilities due to its implementation of system call wrappers. This problem can result in a race condition between a user thread and the kernel. Attackers can exploit these issues by replacing certa...