[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108530

 
 

909

 
 

85343

 
 

134

 
 
Paid content will be excluded from the download.

Filter
Matches : 85329 Download | Alert*

Alin Rad Pop discovered that Samba contained a buffer overflow condition when processing certain responses received while acting as a client, leading to arbitrary code execution (CVE-2008-1105).

Michael Krieger and Sam Trenholme discovered a programming error in MaraDNS, a simple security-aware Domain Name Service server, which might lead to denial of service through malformed DNS packets. For the old stable distribution (sarge), this problem has been fixed in version 1.0.27-2. For the stable distribution (etch), this problem has been fixed in version 1.2.12.04-1etch2. For the unstable di ...

Two SQL injection vulnerabilities have been found in courier-authlib, the courier authentification library. The MySQL database interface used insufficient escaping mechanisms when constructing SQL statements, leading to SQL injection vulnerabilities if certain charsets are used (CVE-2008-2380). A similar issue affects the PostgreSQL database interface (CVE-2008-2667).

It was discovered that the Host Manager web application performed insufficient input sanitising, which could lead to cross-site scripting.

Several remote vulnerabilities have been discovered in SquirrelMail, a webmail application. The Common Vulnerabilities and Exposures project identifies the following problems: Cross site scripting was possible through a number of pages which allowed an attacker to steal sensitive session data. Code injection was possible when SquirrelMail was configured to use the map_yp_alias function to authenti ...

Several vulnerabilities have been found in horde3, the horde web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3237 It has been discovered that horde3 is prone to cross-site scripting attacks via crafted number preferences or inline MIME text parts when using text/plain as MIME type. For lenny this issue was already fixed, but a ...

Multiple vulnerabilities have been discovered in lintian, a Debian package checker. The following Common Vulnerabilities and Exposures project ids have been assigned to identify them: CVE-2009-4013: missing control files sanitation Control field names and values were not sanitised before using them in certain operations that could lead to directory traversals. Patch systems" control files were not ...

It was discovered that ajaxterm, a web-based terminal, generates weak and predictable session IDs, which might be used to hijack a session or cause a denial of service attack on a system that uses ajaxterm. For the oldstable distribution , the problem has been fixed in version 0.9-2+etch1. For the stable distribution , the problem has been fixed in version 0.10-2+lenny1. For the unstable distribut ...

A vulnerability has been found in Apache mod_fcgid. The Common Vulnerabilities and Exposures project identifies the following problem: CVE-2010-3872 A stack overflow could allow an untrusted FCGI application to cause a server crash or possibly to execute arbitrary code as the user running the web server.

Several vulnerabilities have been discovered in mimetex, a lightweight alternative to MathML. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1382 Chris Evans and Damien Miller, discovered multiple stack-based buffer overflow. An attacker could execute arbitrary code via a TeX file with long picture, circle, input tags. CVE-2009-2459 Chris Evans discove ...


Pages:      Start    7846    7847    7848    7849    7850    7851    7852    7853    7854    7855    7856    7857    7858    7859    ..   8532

© SecPod Technologies