PHP < 4.4.3 / 5.1.4 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is older than 4.4.3 / 5.1.4. Such versions may be affected by several issues, including a buffer overflow, heap corruption, and a flaw by which a variable may survive a call to 'unset'. %NASLMINLEVEL 70300 C Tenable Network...

DEBIAN-CVE-2006-4346

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to 1 execute code via format string specifiers or 2 overwrite files via directory traversals involving unspecified vectors, as demonstrated by the...

CVE-2006-4262

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via multiple vectors including 1 a long pathname that is not properly handled during file list parsing, 2 long pathnames that result from path...

CVE-2006-4262

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via multiple vectors including 1 a long pathname that is not properly handled during file list parsing, 2 long pathnames that result from path...

[SECURITY] [DSA 1154-1] New squirrelmail packages fix information disclosure

-------------------------------------------------------------------------- Debian Security Advisory DSA 1154-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 20th, 2006 http://www.debian.org/security/faq -...

DSA-1154 squirrelmail - variable overwriting

Bulletin has no description...

Echo Security Advisory 2006.44

ECHOADV44$2006 ------------------------------------------------------------------------------ ECHOADV44$2006 PHP Simple Shop = 2.0 abspath Remote File Inclusion ------------------------------------------------------------------------------ Author : Ahmad Maulana a.k.a Matdhule Date Found : August...

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

CVE-2006-4124

The CVE-2006-4124 issue affects the libXm library in LessTif

Startpage &lt;= 1.0 &#40;cfgLanguage&#41; Remote File Inclusion Vulnerability

-------------------------------------------------------------------------------------------- Startpage 1.0 cfgLanguage Remote File Inclusion -------------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/08/10 HomePage : http://www.sh3ll.ir...

Mambo Peoplebook Component 1.0 Remote File Include Vulnerability

Exploit for unknown platform in category web applications ================================================================ Mambo Peoplebook Component 1.0 Remote File Include Vulnerability ================================================================...

miniBloggie &lt;= 1.0 &#40;fname&#41; Remote File Inclusion Vulnerability

--------------------------------------------------------------------------------------- miniBloggie 1.0 fname Remote File Inclusion --------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/05/01 HomePage : http://www.sh3ll.ir Contact :...

Mambo Component Peoplebook 1.0 - Remote File Inclusion

Mambo Component Peoplebook 1.0 - Remote File Inclusion --------------------------------------------------------------------------- Peoplebook Mambo Component = v1.0 Remote File Include Vulnerabilities --------------------------------------------------------------------------- Author : Matdhule Da...

FreeBSD : squirrelmail -- random variable overwrite vulnerability (21b7c550-2a22-11db-a6e2-000e0c2e438a)

The SquirrelMail developers report : A logged in user could overwrite random variables in compose.php, which might make it possible to read/write other users' preferences or attachments. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...

CVE-2006-4019

Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users...

CVE-2006-4019

CVE-2006-4019 affects SquirrelMail up to version 1.4.7, where a dynamic variable evaluation flaw in compose.php can allow an attacker to overwrite variables used by the script and influence actions, potentially reading/writing attachments and other users’ preferences. The issue stems from unsafe ...

Mafia Moblog &lt;= 6 &#40;pathtotemplate&#41; Remote File Inclusion Vulnerability

------------------------------------------------------------------------ ------------------- Mafia Moblog pathtotemplate Remote File Inclusion ------------------------------------------------------------------------ ------------------- Author : Sh3ll Date : 2006/04/30 HomePage : http://www.sh3ll....

squirrelmail -- random variable overwrite vulnerability

The SquirrelMail developers report: A logged in user could overwrite random variables in compose.php, which might make it possible to read/write other users' preferences or attachments...