CVE-2010-3835

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service mysqld server crash by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be...

[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities

------------------------------------------------------------------------- Debian Security Advisory DSA-2143-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano January 14, 2011 http://www.debian.org/security/faq -...

Stack overflow

Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long COOKIE variable...

CVE-2010-4604

Stack-based buffer overflow in the GeneratePassword function in dsmtca aka the Trusted Communications Agent or TCA in the backup-archive client in IBM Tivoli Storage Manager TSM 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows...

Stack overflow

Stack-based buffer overflow in the GeneratePassword function in dsmtca aka the Trusted Communications Agent or TCA in the backup-archive client in IBM Tivoli Storage Manager TSM 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows...

Gitweb <=1.7.3.3 Cross Site Scripting

Exploit for cgi platform in category web applications -8 Description 8--8 Proof Of Concept 8- " -8 Credits 8- -8 Responsible Disclosure 8- 13-12-2010 Initial contact with upstream and vendor-sec 13-12-2010 Vendor Response and CVE-2010-3906 assignation 15-12-2010 Public Disclosure 0day.today...

PHP168 V6. 01/6. 0 2 elevation of privilege and storm the local path vulnerability-vulnerability warning-the black bar safety net

PHP168 whole Station is the PHP field of the current most powerful build system, The code is all open source, can be extremely convenient for secondary development, all modules can be freely installed and removed, individual users completely free to use PHPCMS V6. 0 1 There is a serious security...

gitWeb 1.7.3.3 - Cross-Site Scripting

gitWeb 1.7.3.3 - Cross-Site Scripting -8 Description 8--8 Proof Of Concept 8- " -8 Credits 8- -8 Responsible Disclosure 8- 13-12-2010 Initial contact with upstream and vendor-sec 13-12-2010 Vendor Response and CVE-2010-3906 assignation 15-12-2010 Public Disclosure...

iDefense Security Advisory 12.14.10: Microsoft Internet Explorer CSS Style Table Layout Uninitialized Memory Vulnerability

iDefense Security Advisory 12.14.10 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 14, 2010 I. BACKGROUND Internet Explorer is a graphical web browser developed by Microsoft Corp. that has been included with Microsoft Windows since 1995. For more information about Internet Explorer,...

WAP form content can be leaked to other sites

When accepting user input in form fields on a WAP page, WML requires that the input contents are remembered, and used to populate every further input sharing the same name. This should continue as long as the user continues to click links known as a WAP session, even populating similarly named...

Abtp Portal Project 0.1.0 LFI Exploit

Exploit for php platform in category web applications ===================================== Abtp Portal Project 0.1.0 LFI Exploit ===================================== !/usr/bin/perl =about ---------------------------------------------------------------------------------------------------- Name :...

CVE-2010-4170

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

DEBIAN-CVE-2010-4170

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

CVE-2010-4170

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

Design/Logic Flaw

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

CVE-2010-4170

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

CVE-2010-4170

CVE-2010-4170 affects SystemTap, where the staprun runtime does not properly sanitize the environment before invoking modprobe in version 1.3, enabling a local user to escalate privileges by setting MODPROBE_OPTIONS to point to a malicious configuration file. Public references document this issue...

CVE-2010-4170

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

Oracle Secure Backup Administration preauth variable command injection

Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...

SuSE 11 Security Update : (SAT Patch Number 2544)

This update of the Samba server package fixes the following security issues : - A buffer overrun was possible in chainreply code in 3.3.x and below, which could be used to crash the samba server or potentially execute code. CVE-2010-2063 - Take extra care that a mount point of mount.cifs does not...