Design/Logic Flaw

Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the 1 route, 2 mv, and 3 cp programs, a different vulnerability than CVE-2010-1671...

CVE-2010-2929

Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the 1 route, 2 mv, and 3 cp programs, a different vulnerability than CVE-2010-1671...

CVE-2010-2929

The CVE-2010-2929 entry identifies an untrusted search path vulnerability in hsolinkcontrol (part of hsolink 1.0.118). The underlying issue is a modified PATH environment variable that is used when executing the programs route, mv, and cp, enabling local users to gain privileges through PATH mani...

CVE-2010-2929

Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the 1 route, 2 mv, and 3 cp programs, a different vulnerability than CVE-2010-1671...

MDVA-2009:207 : tcsh

Tcsh as shipped with Mandriva Linux 2010.0 would abort on startup with the Unknown colorls variable mh. error, caused by inability to handle the MULTIHARDLINK color parameter bug 53139. This update fixes this issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associate...

Mandriva Update for php MDVSA-2010:139 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2010:139 php Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Automatic Drive-by Download

Added: 07/23/2010 Background This tool waits for client connections, and then gathers information about the operating system and installed software on the client. Next, it chooses the latest and most reliable client exploit for the client's operating system and installed software, and delivers th...

Automatic Drive-by Download

Added: 07/23/2010 Background This tool waits for client connections, and then gathers information about the operating system and installed software on the client. Next, it chooses the latest and most reliable client exploit for the client's operating system and installed software, and delivers th...

Memory corruption

The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or...

Microsoft Office Access ActiveX Controls Remote Code Execution Vulnerabilities (982335)

This host is missing a critical security update according to Microsoft Bulletin MS10-044. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

IrcDelphi Daemon Server - Denial of Service

IrcDelphi Daemon Server - Denial of Service DCA-0010 Software - IrcDelphi Daemon Server Vendor Product Description - IRC Daemon IRCd, IRC Server coded in Delphi/Kylix using Indy components. Easy to use and light irc daemon. Bug Description - The IRC Daemon does not sanitize the variable NICK...

Фрагментированные sql инъекции

На основе PHP + MYSQL + Рассмотрим вариант проведение sql injection с использованием функций усечения строк, на примере функции substr Структура БД: Цитата: CREATE TABLE stats id int unsigned not null PRIMARY KEY AUTOINCREMENT, ip varchar16, useragent varchar255, referer varchar255; --- Скрипт: P...

cyask system background Getshell vulnerabilities-vulnerability warning-the black bar safety net

cyask will set the parameters to the write cache, the write cache when removed from the database unfiltered data directly to write the file, resulting in can get webshell Analysis: admin/settingmanage. php file: ? php adminfooter; exit; elseif$adminaction=='settingedit' ifisset$POST'editsubmit'...

openSUSE Security Update : cifs-mount (openSUSE-SU-2010:0346-1)

"This update of the Samba server package fixes security issues and bugs. Following security issues were fixed: CVE-2010-2063: A buffer overrun was possible in chainreply code in 3.3.x and below, which could be used to crash the samba server or potentially execute code. CVE-2010-0787: Take extra...

SuSE9 Security Update : Samba (YOU Patch Number 12622)

This update of the Samba server package fixes the following security issue : - A buffer overrun was possible in chainreply code in 3.3.x and below, which could be used to crash the samba server or potentially execute code. CVE-2010-2063 Also, the following bug has been fixed : - An uninitialized...

Fedora 12 : systemtap-1.1-1.fc12 (2010-0688)

Fixes CVE-2009-4273 Bugzilla 550172: https://bugzilla.redhat.com/showbug.cgi?id=CVE-2009-4273 New upstream release containing new features and bug fixes: better support for gcc 4.5 richer DWARF debuginfo, new preprocessor conditional for kernel 'CONFIG' testing, improved experimental unprivileged...

PHP code execution vulnerability-summary-vulnerability warning-the black bar safety net

Reference from:http://php-security.org/2010/05/20/mops-submission-07-our-dynamic-php/index.html A code execution function In PHP you can execute the Code of the function. Such as eval , assert , theand system and exec and shellexec and passthru and escapeshellcmd and pcntlexec , etc. demo code 1....

Cross site scripting

Cross-site scripting XSS vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php...

PHPCMS 2 0 0 7 Site Management System common. inc. php page the variable overwrite vulnerability-vulnerability warning-the black bar safety net

Affected version: PHPCMS 2 0 0 7 Vulnerability description: PHPCMS is a PHP-based+Mysql architecture of the web content management system, it is an open-source PHP development platform. Phpcms uses a modular approach to the development, functional and easy to use to facilitate the expansion, for...

Sudo protection bypass

It's possible to bypass PATH variable sanitization be setting few PATH variables...