PuTTy.exe <= v0.53 Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ class Metasploit3 'PuTTy.exe %q This module exploi...

Joomla! Component com_mygallery - cid SQL Injection

Joomla! Component commygallery - cid SQL Injection Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability becaus...

Joomla! 'com_mygallery' Component 'cid' Parameter SQL Injection Vulnerability

No description provided by source. Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to...

Joomla! Component com_mygallery - &#039;cid&#039; SQL Injection

Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied...

IBM Tivoli Storage Manager Client CAD Service Buffer Overflow

Added: 11/20/2009 CVE: CVE-2009-3853 OSVDB: 59632 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1582/TCP. Problem The vulnerability is caused by an input validation error in t...

Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution

Added: 11/20/2009 CVE: CVE-2009-2997 BID: 36638 OSVDB: 58926 Background Adobe Reader is free software for viewing PDF documents. Problem A heap memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to an input validation error while parsing Universal 3D U3D file...

IBM Tivoli Storage Manager Client CAD Service Buffer Overflow

Added: 11/20/2009 CVE: CVE-2009-3853 OSVDB: 59632 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1582/TCP. Problem The vulnerability is caused by an input validation error in t...

Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability

No description provided by source. Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat Fedora 11 RedHat Fedora 10 RedHa...

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat...

Expat 2.0.1 UTF-8 Character XML Parsing Remote DOS Vulnerability

Exploit for unknown platform in category dos / poc ============================================================================== Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability ============================================================================== Title:...

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service

Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat Fedora 11 RedHat Fedora 10 RedHat Enterprise Linux WS 4 RedHat...

Microsoft Word Formatted Disk Pages Table Memory Corruption (MS07-014; CVE-2006-6561)

Microsoft Word is a document authoring product released by the Microsoft Corporation. Microsoft Word is shipped with the Microsoft Office suite and also available as a standalone product. The default file extension of Word documents is .doc. There exists a memory corruption vulnerability in...

Apache Tomcat URIencoding Directory Traversal (CVE-2007-0450; CVE-2008-2938)

Apache Tomcat is an implementation of the Java Servlet and JavaServer pages technologies. The software provides the servlet container used in development and deployment of Java based web applications. Users access Tomcat applications using web browsers that communicate to the server via the HTTP...

GLSA-200910-01 : Wget: Certificate validation error

The remote host is affected by the vulnerability described in GLSA-200910-01 Wget: Certificate validation error The vendor reported that Wget does not properly handle Common Name CN fields in X.509 certificates that contain an ASCII NUL \0 character. Specifically, the processing of such fields is...

Rhino Software Serv-U FTP Server RNTO Command Directory Traversal (CVE-2008-4501)

Serv-U FTP Server is developed by Rhino Software. It is a widely-used FTP server that includes enterprise-grade features such as SSL support, ODBC and Windows NT/SAM user account management, virtual directories, compression etc. By default configuration, Serv-U FTP Server listens on 21/TCP for...

Gentoo Security Advisory GLSA 200909-06 (amule)

The remote host is missing updates announced in advisory GLSA 200909-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Oracle Database Server REPCAT_RPC.VALIDATE_REMOTE_RC SQL Injection (CVE-2009-1021)

Oracle Database Server is an enterprise-level relational database application suite. An SQL injection vulnerability has been reported in Oracle Database server. Remote authenticated attackers having Create Session privileges can exploit this vulnerability to inject and execute malicious SQL...

Apache Roller 'q' Parameter Cross Site Scripting Vulnerability

This host is running Apache Roller and is prone to Cross Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbapacherollerxssvulnaug09.nasl 4865 2016-12-28 16:16:43Z teissa $ Apache Roller 'q' Parameter Cross Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009...

Apache Roller 2.x < 4.0.1 XSS Vulnerability

Apache Roller is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:roller...

MDPro Surveys Module SQL Injection Vulnerability

This host is installed with MDPro and is prone to SQL Injection vulnerability. OpenVAS Vulnerability Test $Id: gbmdprosqlinjvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ MDPro Surveys Module SQL Injection Vulnerability Authors: Nikita MR Copyright: Copyright c 2009 Greenbone Networks GmbH,...