2773 matches found
Gmail Checker Plus Chrome Extension Cross Site Scripting
Gmail Checker plus Chrome extension XSS extension: https://chrome.google.com/extensions/detail/mihcahmgecmbnbcchbopgniflfhgnkff advisore:http://lostmon.blogspot.com/2010/06/gmail-checker-plus-chrome-extension-xss.html Exploit available:yes So in this case "Google Mail Checker Plus" version 1.1.7...
Xerox Workcenter 4150 - Remote Buffer Overflow (PoC)
Xerox Workcenter 4150 - Remote Buffer Overflow PoC Application: Xerox Workcenter 4150 Remote Buffer Overflow Platforms: Xerox Workcenter 4150 Discover Date: 2009-12-21 Author: Francis Provencher Protek Research Lab's Blog: http://www.Protekresearchlab.com 1 Introduction 2 Report Timeline 3...
Solaris Update for rpc.nisd 140917-02
Check for the Version of rpc.nisd OpenVAS Vulnerability Test Solaris Update for rpc.nisd 140917-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Solaris Update for /usr/lib/dcs 111332-08
Check for the Version of /usr/lib/dcs OpenVAS Vulnerability Test Solaris Update for /usr/lib/dcs 111332-08 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Solaris Update for kcms_server and kcms_configure 111400-04
Check for the Version of kcmsserver and kcmsconfigure OpenVAS Vulnerability Test Solaris Update for kcmsserver and kcmsconfigure 111400-04 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
Solaris Update for sshd 140119-06
Check for the Version of sshd OpenVAS Vulnerability Test Solaris Update for sshd 140119-06 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...
Fedora 10 : kvm-74-10.fc10 (2008-11727)
---------------------------------------------------------------------- ---------- ChangeLog : - Mon Dec 22 2008 Glauber Costa - 74-10 - Fixed CVE-2008-2382. - Thu Dec 4 2008 Glauber Costa - 74-9 - Fixed bug that corrupted gnome-panel 474703 - Tue Dec 2 2008 Glauber Costa - 74-8 - Properly set fla...
CentOS Update for xpdf CESA-2008:0240 centos4 x86_64
Check for the Version of xpdf OpenVAS Vulnerability Test CentOS Update for xpdf CESA-2008:0240 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CentOS Update for unzip CESA-2008:0196 centos3 i386
Check for the Version of unzip OpenVAS Vulnerability Test CentOS Update for unzip CESA-2008:0196 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
TLS certificates can be used to execute arbitrary code – Opera Security Advisories
TLS certificates can be used to execute arbitrary code – Opera Security Advisories OPCOM Team | February 13, 2009 Severity Highly Severe Problem Description When connecting to a TLS-protected website, Opera parses the X.509 certificate. If a site uses a specially crafted Subject Alternative Name ...
FreeBSD-SA-09:01.lukemftpd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:01.lukemftpd Security Advisory The FreeBSD Project Topic: Cross-site request forgery in lukemftpd8 Category: core Module: lukemftpd Announced: 2009-01-07...
kernel security and bug fix update
kernel-2.4.21-57.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - ora 5088963: io to nfs partition hangs - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli kernel-2.4.21-57.EL -...
CA DSM gui_cm_ctrls.ocx ActiveX控件远程代码执行漏洞
BUGTRAQ ID: 28809 CVECAN ID: CVE-2008-1786 CA桌面和服务器管理(DSM)产品中包含多种应用,分别用来执行软件分发、远程控制和资产管理任务。 DSM产品所提供的guicmctrls ActiveX控件没有充分的验证函数输入,如果用户受骗访问了恶意网页的话就可能导致拒绝服务或在WEB浏览器会话中执行任意代码。 Computer Associates guicmctrls.ocx 11.2.3.1896 Computer Associates guicmctrls.ocx 11.2.2000.4 Computer Associates...
Simple Machines Forum multiple sql injection flaws with exploit code.
SMF is a very hardened php application. If anyone wants an example of some interesting PHP security SMF is a good place to look. Even after being able to injection SQL I had to take another step and bypass some difficult filters found in the dbquery function. Ultimately i was able to do so. This...
ZDI-07-041: Panda Software AdminSecure Agent Heap Overflow Vulnerability
ZDI-07-041: Panda Software AdminSecure Agent Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-041.html July 24, 2007 -- CVE ID: CVE-2007-3026 -- Affected Vendor: Panda Software -- Affected Products: Panda AdminSecure 2006 -- TippingPointTM IPS Customer Protection:...
EEYE: Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability
Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability Release Date: July 5, 2007 Date Reported: Jan 19, 2007 Severity: High Remote Code Execution Vendor: Sun Microsystems Systems Affected: Java Runtime Environment 6 Update 1, and earlier Java Runtime Environment 5 Update 11, and earlier...
SOL3277 - mod_ssl and ssl_log vulnerability VU#303448
Information about this advisory is available at the following location: F5 Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS version 4.5.11 and 4.6.2. For instructions about downloading software from F5, refer to SOL167: Downloading software from F5. A VU303448 patch has...
CentOS 3 / 4 : gnupg (CESA-2006:0754)
Updated GnuPG packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GnuPG is a utility for encrypting data and creating digital signatures. Tavis Ormandy discovered a stack overwrite flaw in t...
PHP-Nuke <= 7.9 (Encyclopedia) Remote SQL Injection Exploit
No description provided by source. ? / Neo Security Team - Exploit made by Paisterist on 2006-10-22 http://www.neosecurityteam.net / $host="localhost"; $path="/phpnuke/"; $prefix="nuke"; $port="80"; $fp = fsockopen$host, $port, $errno, $errstr, 30; $data="query=fooaa&eid=foo'//UNION SELECT pwd as...
ackerTodo42.txt
ackerTodo 4.2 SQL Injection vendor: http://ackertodo.sourceforge.net/site2/index.html File: gadget/login.php Exploiting this issue could allow an attacker to access sensible data. Vuln code: $userlogin = trim$REQUEST'uplogin'; $userpass = trim$REQUEST'uppass'; $numtasks = trim$REQUEST'upnumtasks'...