1834 matches found
Jason Hines PHPWebLog 0.4/0.5 - Remote File Inclusion
source: https://www.securityfocus.com/bid/12747/info phpWebLog is prone to a remote file include vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP 'include_once' function call. An attacker may leverage this issue to...
PerlDesk Language Variable - Server-Side Script Execution
source: https://www.securityfocus.com/bid/11160/info It is reported that PerlDesk is susceptible to a server-side script execution vulnerability. This vulnerability may be exploited to execute the contents of Perl scripts contained on the...
[slackware-security] Qt
New Qt packages are available for Slackware 9.0, 9.1, 10.0, and -current to fix security issues. Bugs in the routines that handle PNG, BMP, GIF, and JPEG images may allow an attacker to cause unauthorized code to execute when a specially crafted image file is processed. These flaws may also cause...
[slackware-security] metamail security update (SSA:2004-049-02)
slackware-security metamail security update SSA:2004-049-02 Metamail is a set of utilities for processing MIME mail. New metamail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two format string bugs and two buffer overflo...
Multiple vulnerabilities in H.323 implementations
Overview A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equipment and software can use these protocols to interoperate over a variety of computer networks...
MySQL 3.23.x/4.0.x Remote Exploit
No description provided by source. / Mysql 3.23.x/4.0.x remote exploit proof of concept using jmp eax bkbll bkbll cnhonker.net,bkbll tom.com 2003/09/12 compile:gcc -o mysql mysql.c -L/usr/lib/mysql -lmysqlclient DO NOT DISTRUBITED IT / include stdio.h include stdlib.h include unistd.h include...
Phorum 3.4.x - Message Form HTML Injection
source: https://www.securityfocus.com/bid/7545/info An HTML injection issue has been reported which may lead to unauthorized code execution. It has been reported that it is possible to inject HTML or script code into the subject and other fields of a...
Phorum 3.4.x - 'Message Form' HTML Injection
source: https://www.securityfocus.com/bid/7545/info An HTML injection issue has been reported which may lead to unauthorized code execution. It has been reported that it is possible to inject HTML or script code into the subject and other fields of a message in Phorum. This may be done by includi...
Samba contains multiple buffer overflows
Overview Samba contains several buffer overflow vulnerabilities. At least one of these vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. Description Samba is a widely used open-source implementation of Server Message Block...
NBActiveX Sure ActiveX Big Vulnerability
Lorenzo Hernandez garcia-hierro Webmaster of LORENZOHGH.COM LHGHPRODS PROGRAMACIN TIENDA ONLINE. NBActiveX Sure ActiveX New Vulnerability Dear friends, INTRODUCTION This vulnerability is an important failure because the malicious code written in NeoBook 4 can be executed out of permission and silen...
PHP source injection in phpWebSite
PHP source injection in phpWebSite. Product Description: phpWebSite is written in the PHP Programming Language, making it ideal for developers to write customized plug-ins. PHP is a server side...
MyGuestbook 1.0 - Script Injection
source: https://www.securityfocus.com/bid/4651/info MyGuestbook is freely available guestbook software. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. MyGuestbook does not adequately filter script code from various fields. This may enable an attacker ...
aol4.0.DoS.txt
Date: Sat, 10 Oct 1998 19:31:59 PDT From: HIGH TIMES To: [email protected] The A-TEAM Presents... Date: 10/10/98 Advisory: 01 Author: JOHN BISSELL There...
823559: Security Update for Microsoft Windows
An identified security issue in Microsoft Windows could allow an attacker to compromise a Microsoft Windows-based system and then take a variety of actions. For example, an attacker could execute code on the system. By installing this update, you can help protect your computer. After you install...