CVE-2007-5474

The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service device reboot or...

Akamai Technologies Security Advisory 2008-0001 (Download Manager)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------- Akamai Technologies Security Advisory 2008-0001 Akamai ID: 2008-0002 Date: 2008/04/20 Product Name: Download Manager Affected Versions: 2.2.3.6 Fixed Version: 2.2.3.7 CVE IDs: CVE-2008-1770 CVSS...

Apple QuickTime多个远程安全漏洞

BUGTRAQ ID: 28583 CVECAN ID: CVE-2008-1013,CVE-2008-1014,CVE-2008-1015,CVE-2008-1016,CVE-2008-1017,CVE-2008-1018,CVE-2008-1019,CVE-2008-1020,CVE-2008-1021,CVE-2008-1022,CVE-2008-1023 Apple QuickTime是一款非常流行的多媒体播放器。 QuickTime的7.4.5之前版本存在多个安全漏洞，允许用户通过畸形的媒体文件获得敏感信息或完全入侵用户系统。 CVE-2008-1013...

silc -- pkcs_decode buffer overflow

Core Security Technologies reports: A remote buffer overflow vulnerability found in a library used by both the SILC server and client to process packets containing cryptographic material may allow an un-authenticated client to executearbitrary code on the server with the privileges of the user...

Intel® LAN Driver Buffer Overflow Local Privilege Escalation

Summary: A software vulnerability exists in the specified PCI, PCI-X and PCIe Intel network component drivers that could allow unprivileged code executing on an affected system to perform a local privilege escalation. Description: This software vulnerability is due to a buffer overflow that could...

Macrovision Installshield isusweb.dll SEH Overwrite Exploit

No description provided by source. !-- written by e.b. Macrovision Installshield isusweb.dll SEH Overwrite Exploit Tested on Windows XP SP2fully patched English, IE6, isusweb.dll version 5.1.100.47363 Thanks to h.d.m. and the Metasploit crew -- html head...

SuSE 10 Security Update : vim and gvim (ZYPP Patch Number 4095)

This update of Vim addresses a format-string bug in 'helptags'. This bug can be exploited to execute code with the privileges of the user running Vim. CVE-2007-2953 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

Citrix Presentation Server远程未授权代码执行漏洞

Citrix Presentation Server是一款集中部署应用和提供按需接入的解决方案。 Citrix Presentation Server存在一个设计问题，远程攻击者可以利用漏洞以授权用户上下文执行任意未授权代码。 如果授权用户被诱使调用ICA连接到Citrix Presentation Server，它可能被攻击者利用并以授权用户上下文执行未授权代码。 ICA连接可通过起用.ica文件或使用ICA客户端插件来调用，因此攻击者构建恶意的.ICA文件，诱使用户打开，可导致任意代码未授权执行。 测试方法 Citrix Presentation Server 4.0 Citrix...

Cross out privileges—century hotline whole Station program perfect version of the exploit-vulnerability warning-the black bar safety net

Note:this article starting in the hacker manual,. Reprint please indicate the source Cross-site although not a new technology. But in foreign countries is also very seriously. In fact, cross-site code if the structure is good, then you can do a lot of things. Not, in online shopping to a movie...

HP OpenView Storage Data Protector unauthorized code execution

No description provided...

boastmachine31-rfi.txt

AuThor:Silitoad emA!l:SilitoadathotmaildotCom HoMePaGe:http://www.Arabian-FighterZ.com Powered By Silitoad From Arabian-Fighterz Info cms:boastMachine v3.1 website:http://boastology.com download:http://boastology.com/pages/dload.php?id=bmachine-3.1.zip bug: GENERAL/COMMON FUNCTIONS includeonce...

CVE-2007-1972

PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote attackers to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNMP parameters. NOTE: the...

CVE-2007-1437

Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution...

Authentication flaw

Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution...

CVE-2007-1437

Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution...

CVE-2007-1437

Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution...

CVE-2007-1437

Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution...

UltraVNC 1.0.1 - Multiple Remote Error Logging Buffer Overflow Vulnerabilities (1)

source: https://www.securityfocus.com/bid/17378/info UltraVNC is susceptible to multiple error-logging remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers. A...

Milliscript 1.4 Multiple Vulnerabilities

Full PDF Advisory: http://securitynation.com/files/sndown.php?id=22 english http://securitynation.com/files/sndown.php?id=22 spanish Multiple Bugs On MilliScripts 1.4 Redirection http://www.milliscripts.at Date: 01-Diciembre-2005 Researchers: Luis Alberto Cortes Zavala, Vicente Perez 1.-Overview...

CVE-2005-3254

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...