DEBIAN-CVE-2009-0601

Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service application crash via format string specifiers in the HOME environment variable...

CVE-2009-0601

Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service application crash via format string specifiers in the HOME environment variable...

[Full-disclosure] FreeBSD zeroday

FreeBSD 7.0-RELEASE telnet daemon local privilege escalation - And possible remote root code excution. There is a rather big bug in the current FreeBSD telnetd daemon. The environment is not properly sanitized when execution /bin/login, what leads to a possible remote root hole. The telnet protoc...

Code injection

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pamsetcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, a...

CVE-2009-0361

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pamsetcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, a...

CVE-2009-0361

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pamsetcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, a...

pam-krb5 KRB5CCNAME环境变量本地权限提升漏洞

BUGTRAQ ID: 33741 CVECAN ID: CVE-2009-0361 pam-krb5提供了支持认证、授权、用户票据缓存处理等功能的Kerberos v5 PAM模块。 在刷新已有的用户凭据时pam-krb5会使用PAMREINITIALIZECREDS或PAMREFRESHCREDS调用pamsetcred，因此会使用已有的KRB5CCNAME环境变量确定已有的Kerberos凭据缓存。如果setuid应用程序没有首先调用PAMESTABLISHCREDS或丢弃权限便调用了这些API的话，pam-krb5就可能覆盖KRB5CCNAME指定给攻击者的文件并更改该文件的权限...

ProFTPD Username Variable Substitution SQL Injection

Binary data 4930.prm...

CVE-2008-6027

Multiple cross-site scripting XSS vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 whl, 2 var1, and 3 search parameters...

Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability

No description provided by source. Written By Michael Brooks Special thanks to str0ke! Coppermine Photo gallery - Remote PHP File Upload Affects: v1.4.19 Homepage: http://coppermine-gallery.net/ 5,239,057 downloads from sf.net! For this attack we need registerglobals=on . The problem is that the...

Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability ==================================================================== Written By Michael Brooks...

Coppermine Photo Gallery 1.4.19 - Remote File Upload

Coppermine Photo Gallery 1.4.19 - Remote File Upload Written By Michael Brooks Special thanks to str0ke! Coppermine Photo gallery - Remote PHP File Upload Affects: v1.4.19 Homepage: http://coppermine-gallery.net/ 5,239,057 downloads from sf.net! For this attack we need registerglobals=on . The...

Coppermine Photo Gallery 1.4.19 - Remote File Upload

Written By Michael Brooks Special thanks to str0ke! Coppermine Photo gallery - Remote PHP File Upload Affects: v1.4.19 Homepage: http://coppermine-gallery.net/ 5,239,057 downloads from sf.net! For this attack we need registerglobals=on . The problem is that the anti-registerglobals security can b...

Coppermine Photo Gallery 1.4.19 File Upload

Written By Michael Brooks Special thanks to str0ke! Coppermine Photo gallery - Remote PHP File Upload Affects: v1.4.19 Homepage: http://coppermine-gallery.net/ 5,239,057 downloads from sf.net! For this attack we need registerglobals=on . The problem is that the anti-registerglobals security can b...

Stack overflow

Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via 1 a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; 2 an "HTML GI" in a start tag, which is not properly...

CVE-2009-0260

Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers to inject arbitrary web script or HTML via an AttachFile action to the WikiSandBox component with 1 the rename parameter or 2 the drawing parameter aka the basename variable...

CVE-2009-0247

The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting XSS, which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable...

CVE-2009-0247

The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting XSS, which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable...

CVE-2008-5916

gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a craft...

CVE-2008-5916

gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a craft...