Message Board / Threaded Discussion Forum SQL INJECTION

A R I A - S E C U R I T Y Message Board / Threaded Discussion Forum SQL INJECTION Vendor: http://www.codewidgets.com http://target.com/PATH/signin.aspx Username: admin Password: anything' OR 'x'='x Credits: Aria-Security Team http://aria-security.net http://outlaw.aria-security.info...

Guidance Software response to iSEC report on EnCase

Guidance Software Response to iSEC Report Guidance Software received and reviewed the report drafted by two presenters at the upcoming Black Hat USA conference. We have also spoken to Alex Stamos, one of the testing leaders. The report authors disclose that they conducted, over a period of six...

httpd mod_cache segfault

cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...

Design/Logic Flaw

cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...

DEBIAN-CVE-2007-1863

cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...

httpd mod_cache segfault

cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...

httpd mod_cache segfault

cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...

CVE-2007-2844

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...

Tracing execution of a threaded executable causes kernel BUG report

The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service system hang related to "MT exec + utraceattach spin failure mode," as demonstrated by ptrace-thrash.c...

CVE-2006-4155

Unspecified vulnerability in functopicthreaded.php aka threaded view mode in Invision Power Board IPB before 2.1.7 21013.60810.s allows remote attackers to "access posts outside the topic."...

CVE-2006-4155

CVE-2006-4155 affects Invision Power Board (IPB) prior to 2.1.7. The vulnerability is in func_topic_threaded.php (threaded view mode) and allows remote attackers to access posts outside the topic. The available references describe the issue as an unspecified vulnerability with network exposure (b...

panic-reloaded - TCP Denial of Service Tool

/ ----------------------------------------------------------------------------- / \ / / / / / / / / / / / / / / / / / // / / // / / / / // // // / / / / / / // // ,/ ,/ // / Security Community ----------------------------------------------------------------------------- Software for...

FreeBSD : perl -- vulnerabilities in PERLIO_DEBUG handling (a5eb760a-753c-11d9-a36f-000a95bc6fae)

Kevin Finisterre discovered bugs in perl's I/O debug support : - The environmental variable PERLIODEBUG is honored even by the set-user-ID perl command usually named sperl or suidperl. As a result, a local attacker may be able to gain elevated privileges. CVE-2005-0155 - A buffer overflow may occ...

Stream / Raped Denial of Service Attack (win version)

Exploit for multiple platform in category dos / poc ===================================================== Stream / Raped Denial of Service Attack win version ===================================================== / Straped 1.0 author: Marco Del Percio 20/05/2005 Remember: this is a mulithreaded...

Stream / Raped Denial of Service Attack (win version)

No description provided by source. / Straped 1.0 author: Marco Del Percio 20/05/2005 Remember: this is a mulithreaded program! MSVC++ compile with /MT. Remember: This program requires raw socket support! You can't use it on Windows XP SP2 and if you've done MS05-019 update you'll have to re-enabl...

CVE-2005-1125

Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the libsafedie function call is completed...

CVE-2005-1125

Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the libsafedie function call is completed...

CVE-2005-1108

The ijuntrustedurl function in JunkBuster 2.0.2-r2, with single-threaded mode enabled, allows remote attackers to overwrite the referrer field via a crafted HTTP request...

DSA-719-1 prozilla - format string problems

Bulletin has no description...

CVE-2005-1108

The ijuntrustedurl function in JunkBuster 2.0.2-r2, with single-threaded mode enabled, allows remote attackers to overwrite the referrer field via a crafted HTTP request...