Lucene search
K

85 matches found

0day.today
0day.today
added 2013/10/09 12:0 a.m.271 views

davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits davfs2 1.4.6/1.4.7 local privilege escalation exploit Bug Description: davfs2 is a Linux utility which allows OS users to mount a remote webdav server as a local partition. The bug is well documented at...

7.2CVSS0.1AI score0.01168EPSS
Exploits2
OSV
OSV
added 2011/03/02 12:0 a.m.17 views

DSA-2177-1 pywebdav - SQL injection

Bulletin has no description...

7.5CVSS6.3AI score0.01796EPSS
Exploits0
OSV
OSV
added 2010/12/02 4:22 p.m.3 views

DEBIAN-CVE-2010-4367

awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a 1 WebDAV server or 2 NFS server...

7.5CVSS7.3AI score0.27673EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2010/12/02 4:0 p.m.38 views

CVE-2010-4367

awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located on a 1 WebDAV server or 2 NFS server...

7.5CVSS7.3AI score0.27673EPSS
Exploits1
Exploit DB
Exploit DB
added 2010/09/28 12:0 a.m.38 views

Microsoft Internet Explorer - 'Winhlp32.exe' MsgBox Code Execution (MS10-023) (Metasploit)

$Id: ms10022ievbscriptwinhlp32.rb 10504 2010-09-28 16:19:50Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.6CVSS7AI score0.86367EPSS
Exploits7
Prion
Prion
added 2010/03/03 7:30 p.m.23 views

Design/Logic Flaw

vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a 1 local pathname, 2 UNC share pathname, or 3 WebDAV server with a...

7.6CVSS7.8AI score0.86367EPSS
Exploits7References20Affected Software1
Packet Storm
Packet Storm
added 2010/03/03 12:0 a.m.26 views

IE Winhlp32.exe MsgBox F1

$Id: iewinhlp32.rb 8688 2010-03-02 12:23:17Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2009/04/29 3:0 p.m.23 views

CVE-2009-1431

XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 AMS2, as used in Symantec System Center SSS; Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus SAV Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10....

7.4AI score0.08036EPSS
Exploits5References9
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.35 views

Gentoo Security Advisory GLSA 200405-04 (openoffice)

The remote host is missing updates announced in advisory GLSA 200405-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

5.1CVSS0.6AI score0.11056EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.30 views

Gentoo Security Advisory GLSA 200405-01 (neon)

The remote host is missing updates announced in advisory GLSA 200405-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

5.1CVSS0.3AI score0.11056EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.24 views

Debian Security Advisory DSA 487-1 (neon)

The remote host is missing an update to neon announced via advisory DSA 487-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.11056EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2006/09/14 2:6 p.m.35 views

Important: Red Hat Security Advisory: gnutls security update

Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The GnuTLS Library provides support for cryptographic algorithms and protocols such as TLS...

5CVSS6.4AI score0.02427EPSS
Exploits0References2
seebug.org
seebug.org
added 2006/06/01 12:0 a.m.23 views

Bytehoard 2.1 (server.php) Remote File Include Vulnerability

No description provided by source. Script: Bytehoard 2.1 Epsilon/Delta www.bytehoard.org Discovered: beford xbefordx gmail com File: ./bytehoard/includes/webdav/server.php Vuln: Remote File Include code requireonce $bhconfig'bhfilepath'."/includes/webdav/parsepropfind.php"; /code...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/02/10 9:43 p.m.31 views

Important: Red Hat Security Advisory: gnutls security update

Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The GNU TLS Library provides support for cryptographic algorithms and protocols such as TLS. GN...

7.5CVSS5.9AI score0.03507EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.29 views

GLSA-200405-13 : neon heap-based buffer overflow

The remote host is affected by the vulnerability described in GLSA-200405-13 neon heap-based buffer overflow Stefan Esser discovered a vulnerability in the code of the neon library : if a malicious date string is passed to the nerfc1036parse function, it can trigger a string overflow into static...

7.5CVSS6.3AI score0.05015EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.31 views

GLSA-200405-15 : cadaver heap-based buffer overflow

The remote host is affected by the vulnerability described in GLSA-200405-15 cadaver heap-based buffer overflow Stefan Esser discovered a vulnerability in the code of the neon library see GLSA 200405-13. This library is also included in cadaver. Impact : When connected to a malicious WebDAV serve...

7.5CVSS6.2AI score0.05015EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.10 views

GLSA-200406-03 : sitecopy: Multiple vulnerabilities in included libneon

The remote host is affected by the vulnerability described in GLSA-200406-03 sitecopy: Multiple vulnerabilities in included libneon Multiple format string vulnerabilities and a heap overflow vulnerability were discovered in the code of the neon library GLSA 200405-01 and 200405-13. Current versio...

6.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.21 views

GLSA-200405-25 : tla: Multiple vulnerabilities in included libneon

The remote host is affected by the vulnerability described in GLSA-200405-25 tla: Multiple vulnerabilities in included libneon Multiple format string vulnerabilities and a heap overflow vulnerability were discovered in the code of the neon library GLSA 200405-01 and 200405-13. Current versions of...

6.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/07/23 12:0 a.m.25 views

Fedora Core 2 : neon-0.24.5-2.2 (2004-130)

Stefan Esser discovered a flaw in the neon library which allows a heap buffer overflow in a date parsing routine. An attacker could create a malicious WebDAV server in such a way as to allow arbitrary code execution on the client should a user connect to it using a neon-based application which us...

7.5CVSS5.6AI score0.05015EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.40 views

RHEL 3 : openoffice.org (RHSA-2004:160)

Updated OpenOffice packages that fix a vulnerability in neon exploitable by a malicious DAV server are now available. OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. OpenOffice internally uses inbuilt code from neon, an HTTP and WebDAV client...

6.8CVSS5.9AI score0.11056EPSS
Exploits0References3
Rows per page
Query Builder