5148 matches found
sql injection vulnerability in WBB 2.0 RC1 and below
Hi, I discovered a serious vulnerability in Woltlab Burning Board 2.0 RC 1 and below some weeks ago. The latest version WBB 2.0 RC 2 seems not vulnerable, but there are still sites using vulnerable versiones. versions tested vulnerable WBB 2.0 RC 1 WBB 2.0 beta 5 WBB 2.0 beta 4 WBB 2.0 beta 3...
TinySSL Vendor Statement: Basic Constraints Vulnerability
TinySSL is an open source, compact 125k jar, SSLv3 client implementation written in Java 1.1+. Version 1.02 and earlier is vulnerable to the attack posted last week by Mike Benham: http://online.securityfocus.com/archive/1/286290 An updated version 1.03 has been posted which fixes this...
DSA-149 glibc - integer overflow
Bulletin has no description...
DSA-138 gallery - remote exploit
Bulletin has no description...
PT-2002-1447 · Apache · Apache +1
Name of the Vulnerable Software and Affected Versions: Apache versions 1.3 through 1.3.24 Apache versions 2.0 through 2.0.36 Description: The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes the software to...
Yahoo! Messenger contains buffer overflow in "message" field
Overview Yahoo! Messenger is an instant messaging client. There is a remotely exploitable buffer overflow vulnerability in the "message" field of Yahoo! Messenger. Description A remotely exploitable buffer overflow exists in the "message" field that may permit a remote attacker to execute arbitra...
[SECURITY] [DSA-123-1] listar buffer overflow
Package : listar Problem type : remote exploit Debian-specific: no Janusz Niewiadomski and Wojciech Purczynski reported a buffer overflow in the addressmatch of listar a listserv style mailing-list manager. This has been fixed in version 0.129a-2.potato1. wget url will fetch the file for you dpkg...
[SECURITY] [DSA-105-1] enscript creates temporary files insecurely
-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-105-1 [email protected] http://www.debian.org/security/ Wichert Akkerman January 21, 2002 -...
Bounce vulnerability in SpoonFTP 1.1.0.1
The vulnerability: The FTP server is vulnerable to the FTP bounce attack, even against ports lower than 1024. Vendor Response: Pi-Soft have created a new version that among other things fix this vulnerability. Their response was very nice and quick. /Arne Vidstrom, http://ntsecurity.nu...
PT-2001-2592 · Openssh +1 · Openssh +1
Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 3.0.1 Description: The issue concerns improper user authentication when Kerberos V is enabled. This could potentially allow remote attackers to login without being challenged. Recommendations: For versions prior to...
Advanced Poll does not adequately authenticate users
Overview Advanced Poll is a polling system written in PHP for use on web sites. When a flat file database is used, Advanced Poll does not adequately authenticate users, thereby allowing any user to gain Advanced Poll administrative privileges. Description On versions of Advanced Poll older than...
[SECURITY] [DSA-094-1] mailman cross-site scripting problem
Package : mailman Problem type : cross-site scripting hole Debian-specific: no Barry A. Warsaw reported several cross-site scripting security holes in Mailman, due to non-existent escaping of CGI variables. These have been fixed upstream in version 2.0.8, and the relevant patches have been...
Interactive Story story.pl next Parameter Traversal Arbitrary File Access
By requesting : GET /cgi-bin/story.pl?next=../../../filetoread%00 An attacker may use this flaw to read arbitrary files on this server. %NASLMINLEVEL 70300 This script was written by Georges Dagousset See the Nessus Scripts License for details Changes by Tenable: - Revised plugin title 1/13/2009 ...
[SECURITY] [DSA 084-1] New gftp packages won't display the password
-------------------------------------------------------------------------- Debian Security Advisory DSA 084-1 [email protected] http://www.debian.org/security/ Martin Schulze October 18th, 2001 - -------------------------------------------------------------------------- Package : gftp...
[SECURITY] [DSA-061-1] multiple gnupg problems
Package : gnupg Problem type : printf format attack web of trust pollution Debian-specific: no The version of GnuPG GNU Privacy Guard, an OpenPGP implementation as distributed in Debian GNU/Linux 2.2 suffers from two problems: fish stiqz reported on bugtraq that there was a printf format problem ...
More Icecast remote vulnerabilities
Following the announcement yesterday about buffer overflow vulnerabilities in Icecast, Andreas Hasenack [email protected] identified several more likely buffer overflow vulnerabilities. Matt Messier [email protected] took a look, and determined that at least some of them are definitely...
Sudo version 1.6.3p6 now available
Sudo version 1.6.3p6 is now available ftp sites listed at the end. This fixes a buffer overflow in sudo which is a potential security problem. I don't know of any exploits that currently exist but I suggest that you upgrade none the less. Sudo has a good track record wrt secure coding, but this o...
Vulnerability in Soft Lite ServerWorx
----- Begin Hush Signed Message from [email protected] ----- Vulnerability in Soft Lite ServerWorx Overview Soft Lite ServerWorx v3.00 is a web server available from http://www.zdnet.com and http://www.softlite.net. A vulnerability exists which allows a remote user to break out of the web roo...
Security Advisory: Subscribe Me Lite 1.0 - 2.0 Unix or 1.0 - 2.0 NT and below.
note : This is not apparent in the commercial versions, tested on three different versions the author was notified and appropriate changes have since been made. product page - http://www.cgiscriptcenter.com/subscribe/index2.html vendor notice - Security Advisory: Users of Subscribe Me Lite 1.0 -...
[SECURITY] [DSA-002-1] fsh symlink attack
-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-002-1 [email protected] http://www.debian.org/security/ Wichert Akkerman November 30, 2000 -...