3331 matches found
CVE-2009-0505
The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA waits for a forcepurge acknowledgement from the CICS Application Server (CICSAS) after an eci response timeout, which might allow remote authenticated users to cause a denial of service (forcepurge handling delay), or have unspecified other...
[SECURITY] Fedora 10 Update: sudo-1.6.9p17-5.fc10
Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
kernel: enforce a minimum SG_IO timeout
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program...
Wardialer
Scan for dial-up systems that are connected to modems and answer telephony indials. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' Extend Object class to include savetofile and loadfromfile methods cla...
CVE-2008-5700
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program...
Code injection
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program...
Clean CMS 1.5 (full_txt.php id) Blind SQL Injection Exploit
No description provided by source. Clean CMS 1.5 full_txt.php id Blind SQL Injection Exploit url: http://www.4yoursite.nl/scriptcleancms.php Author: JosS mail: sys-projectathotmaildotcom site: http://hack0wn.com && spanish-hackers.com team: Spanish Hackers Team - SHT This was written for education...
kernel security and bug fix update
2.6.9-78.0.8.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with...
banner NSE Script
A simple banner grabber which connects to an open TCP port and prints out anything sent by the listening service within five seconds. The banner will be truncated to fit into a single line, but an extra line may be printed for every increase in the level of verbosity requested on the command line...
Fedora 9 : phpMyAdmin-3.0.1.1-1.fc9 (2008-9316)
This update by upstream to phpMyAdmin 3.0.1.1 solves CVE-2008-4775, a XSS issue in pmd_pdf.php via db parameter when register_globals is enabled. - GUI SQL error after sorting a subset - lang Catalan update - lang Russian update - import Temporary uploaded file not deleted - auth Cannot create...
Fedora 8 : phpMyAdmin-3.0.1.1-1.fc8 (2008-9336)
This update by upstream to phpMyAdmin 3.0.1.1 solves CVE-2008-4775, a XSS issue in pmd_pdf.php via db parameter when register_globals is enabled. - GUI SQL error after sorting a subset - lang Catalan update - lang Russian update - import Temporary uploaded file not deleted - auth Cannot create...
Calendars for the Web 4.02 Admin Auth Bypass Vulnerability
No description provided by source. Exploit discovered by SecVuln from http://secvuln.com Come join our clan! contact [email protected] Author == SecVuln Version == 4.02 Software == Calendars for the web by great hill corporation Calendars for the web has a vulnerability in the administration...
Calendars for the Web 4.02 - Admin Authentication Bypass
Calendars for the Web 4.02 - Admin Authentication Bypass Exploit discovered by SecVuln from http://secvuln.com Come join our clan! contact [email protected] Author == SecVuln Version == 4.02 Software == Calendars for the web by great hill corporation Calendars for the web has a vulnerability in...
Calendars for the Web 4.02 - Admin Authentication Bypass
Exploit discovered by SecVuln from http://secvuln.com Come join our clan! contact [email protected] Author == SecVuln Version == 4.02 Software == Calendars for the web by great hill corporation Calendars for the web has a vulnerability in the administration page. The page saves the past session...
Debian: Security Advisory (DSA-1638-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PHP iCalendar 2.24 - cookie_language Local File Inclusion Arbitrary File Upload
PHP iCalendar 2.24 - cookie_language Local File Inclusion Arbitrary File Upload '.$lang'lcalfile'.' '.$filenumber.': '.$lang'lactionsuccess'.''; 84. el...
CVE-2008-4109
A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attackers to cause a denial of service connection sl...
PhpWebGallery 1.3.4 Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl -W PhpWebGallery 1.3.4 Blind SQL Injection Exploit Download: http://puzzle.dl.sourceforge.net/sourceforge/phpwebgallery/phpwebgallery-1.3.4.tar.bz2 File affected: picture.php exploit written by ka0x ka0x01 at gmail dot com D.O.M Labs - Security...
DEBIAN-CVE-2008-3067
sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits...