CVE-2013-1582

The dissectclnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service infinite loop or application crash via a malformed packet...

DEBIAN-CVE-2013-1580

The dissectcmstatustlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service infinite loop via a malform...

AIX 5.3 TL 0 : nddstat (IZ17058)

The nddstat family of commands contains an environment variable handling error. A local attacker may exploit this error to execute arbitrary code with root privileges because the commands are setuid root. The following files are vulnerable : /usr/sbin/atmstat /usr/sbin/entstat /usr/sbin/fddistat...

Web page security vulnerability detection - hidden field-vulnerability warning-the black bar safety net

Some poorly designed web site system may contain a lot of may be the use of security vulnerabilities, these security vulnerabilities as giving the remote attacker to open a backdoor, so an attacker can easily perform some malicious attack. For example, the Common Vulnerabilities and Exposures...

Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading (MS11-003) - ver 2 (CVE-2011-0038)

A code execution vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer handles the loading of IESHIMS.DLL. A remote attacker can exploit this vulnerability by enticing a target user to save a maliciously crafted dynamic link library DLL file on...

SuSE 11.2 Security Update : libproxy (SAT Patch Number 7092)

This update for libproxy fixes a heap-based buffer overflow that could have allowed remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request. CVE-2012-4505 Additionally, it fixes parsing of the $noproxy environment...

AIX 5.2 TL 0 : lsmcode (IZ15276)

The lsmcode command contains an environment variable handling error. A local attacker may exploit this error to execute arbitrary code with root privileges because the command is setuid root. The following files are vulnerable : /usr/sbin/lsmcode. %NASLMINLEVEL 70300 C Tenable Network Security,...

AIX 5.3 TL 0 : iostat (IZ22350)

The iostat command contains an environment variable handling error. A local attacker may exploit this error to execute arbitrary code with root privileges because the command is setuid root. The following files are vulnerable : /usr/bin/iostat. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

AIX 5.3 TL 0 : lsmcode (IZ15100)

The lsmcode command contains an environment variable handling error. A local attacker may exploit this error to execute arbitrary code with root privileges because the command is setuid root. The following files are vulnerable : /usr/sbin/lsmcode. %NASLMINLEVEL 70300 C Tenable Network Security,...

AIX 6.1 TL 0 : iostat (IZ22349)

The iostat command contains an environment variable handling error. A local attacker may exploit this error to execute arbitrary code with root privileges because the command is setuid root. The following files are vulnerable : /usr/bin/iostat. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Scientific Linux Security Update : httpd on SL5.x i386/x86_64 (20130108)

Input sanitization flaws were found in the modnegotiation module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use these flaws to conduct cross-site scripting and HTTP response splitting attacks against users...

[20130202] - Core - Information Disclosure

Undefined variable caused information disclosure in some situations...

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2013:0130 Updated httpd packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common...

Low: Red Hat Security Advisory: httpd security, bug fix, and enhancement update

Updated httpd packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Struts2 vulnerability analysis of the Ognl expression characteristics of the initiator of the idea-vulnerability warning-the black bar safety net

0×0 1 Summary 0×0 2 background and principles of analysis 0×0 3 example simulation and tracking 0×0 4 Summary 0×0 1 Summary: In the Ognl expression, will be the brackets“”contains the variable content as a Ognl expression execution. Ognl expressions of this characteristic, triggering a new attack...

[祝PKAV以及wooyun所有白帽子元旦快乐]anwsion缺陷大结合.

简要描述： foreach处理不当爆路径,程序设置缺陷,绕过全局变量的包含----变量覆盖 详细说明： 1.foreach处理不当爆路径 http://wenda.anwsion.com/search/ajax/searchresult/ 缺陷: searchresult AS $key = $val 代码没有检测$this-searchresult是否为空,是否没数组.... \wenda\views\default\inbox\readmessage.tpl.htm list AS $key = $val 缺陷一样. 2程序设置缺陷...

Struts2 vulnerability analysis of the Ognl expression characteristics of the initiator of new ideas-vulnerability warning-the black bar safety net

A, summary In Ognl expression, it will be in parentheses“”contains the variable content as a Ognl expression execution. Ognl expressions of this characteristic, triggering a new attack ideas. By the malicious code is stored into a variable, and then call in Ognl expressions in the function that...

PHPCMS2008 Yellow Pages module vulnerability-vulnerability warning-the black bar safety net

PHPCMS2008 Yellow Pages module vulnerability variable initialization is not strict lead to arbitrary PHP code execution PHPCMS2008 system string2array function calls eval with high-risk, in/yp/web/include/common. inc. php$menu variable initialization is not strict, the result can be injected to...

MyBB KingChat SQL Injection

Exploit Title: KingChat MyBB plugin SQL Injection 0day Google Dork: inurl:"kingchat.php" Date: 13.10.2012 Exploit Author: RedHat NullSec Software Link: http://mods.mybb.com/view/kingchat Tested on: Windows & Linux. Vulnerable code : query"SELECT FROM ".TABLEPREFIX."users WHERE...

CVE-2012-5136

Removed by vendor...