Sending crafted packets to a 2.6 series kernel with netfilter rules matching TCP options (using the --tcp-option match) may result in a Denial of Service.
28a31023e011acd43ed42575cb7c55864db29f0f4463ce4e22d18f0616b771b0
Lotus Domino versions 6.5.1 and newer allow for a crash of the complete server when a client attempts to open up large email messages.
c863f377714ee793987ca641e89b97e2a9c985276e7df71aad4774fe8082568b
HP advisory against running Netscape on HP-UX platform.
a72a850733bc195347ebf860a972d445623600a72e9289d3018140620f0dad84
Cisco Security Advisory: Cisco Collaboration Server (CCS) versions earlier than 5.0 ship with ServletExec versions that are vulnerable to attack where unauthorized users can upload any file and gain administrative privileges.
c27435809679f62f710dbc1cabebb748075a1a39b8ec098aa8b1b57ef052d7c0
There is a remotely exploitable bug in all Linux kernel 2.6 series due to using an incorrect variable type. The vulnerability is connected to the netfilter subsystem and may cause denial of service.
6f09bd6743231d03859c045e5fc8585f6cf520ffeea8f3dd74a58d2152406393
The Prestige 650HW-31 is susceptible to a denial of service attack when supplied with an overly long password string.
a171e099b3c6f9636623d0144066db02fed88a4589c5086b44b93f9c026c5baf
Gentoo Linux Security Advisory GLSA 200406-22 - Pavuk contains a bug potentially allowing an attacker to run arbitrary code.
ebb810e4bedd7600c3a44346577c4f3e6b4e24b4a167c1ba9af18ad914c39946
There exists multiple integer overflows in routines that handle copying in user supplied data for the Linux Sbus PROM driver. They allow for a local denial of service attack and possible code execution.
d82e6c596490895e4fdf7268fb5bd8cee56764769900a142ebd3a32e518925b8
A potential vulnerability has been identified in the HP-UX ARPA Transport which could be exploited by a local user to create a Denial of Service. Impacted versions: HP-UX B.11.00, B.11.04, B.11.11.
17f663c163cc0a1b3955e0baaedcee9ff9074517b9c67194e9c1726046d3f4cb
A potential vulnerability has been identified with HP-UX running ObAM 5.0 with the WebAdmin capability enabled. This vulnerability could be exploited remotely to allow unauthorized access. Impacted version: HP-UX B.11.11 running ObAM 5.0.
a5d595e7e8db5feb1e24a0320f356a22d80058000f4edf28636fd3d517698024
A vulnerability in JUNOS can be exploited by transmitting specially-crafted IPv6 packets.
12ff91720d4131c0c520633c03bd6f056ede06b3fb7f9246677476486695d7b3
A security issue has been discovered in BEA WebLogic, potentially allowing unauthorised users to access affected web applications. Due to improper filtering of data, an asterisk may be used in a spot to allow for a random user to get loaded into a role. The issue affects WebLogic Server and WebLogic Express version 8.1 and 7.0.
7dbb3e1ef8269fddff36b4231c3c003fb8a07bf8f1ece8e1cfcd8c3cb95191b5
There is denial of service in Apache httpd 2.0.49. It is possible to consume arbitrary amount of memory. On 64 bit systems with more than 4GB virtual memory this may lead to heap based buffer overflow whose exploitation is unclear at the moment.
a8cc5f8ac30aaea07627d9adc2917e311c049a9732c8e5df1d08b9e3855672e0
Confixx Pro 2 and 3 are susceptible to an attack where files in /root can be accessed due to an error in the backup script.
e3a9ee63cd35f3378997d12f529189f75d0e6e0f0b1e74d1c4cc326272ac4347
Two authentication errors within a verify_x509cert() function allows for malicious people to bypass security restrictions. Affected products include: superfreeswan 1.x, openswan 1.x to 2.x, strongSwan below 2.1.3, and any version of FreeS/WAN 1.x or 2.x with the X.509 patch.
253023ac78a99200fa4a578eb2c552042b67862d2e97d6c8f5ec337c052c25e6
Secunia Security Advisory - Valerie Holfield has discovered a vulnerability in phpmyfamily, which can be exploited by malicious people to gain edit privileges. It is possible to be automatically logged in as user nobody when clicking to download a document and then leaving the page. This grants the person ability to add people, change information, upload and delete documents and images.
ef0bd9a2a68bcae1d6b1b92976dc9b320fce5d68f1024b28d5795349f5c19787
An off-by-one condition exists in the POP3 handler code present in popclient 3.0b6. By crafting a malicious email a remote attacker may cause a denial of service against users of this software.
37477ee91fb39858381402adf7f0db7f0667492f2d0b8d2109a09061ffc25866
A remote exploit has been discovered in the Apache 2.0.49 HTTP server which allows an attacker to cause the server to allocate increasing amounts of memory until system memory is exhausted or until process limits are reached.
d52c9414d2197f648b3d31a6f01f66b36cd2811cf96502d02d2519eb5d7614b1
Original research data regarding ISC DHCPD 3.0.1 rc12 and rc13 denial of service attacks.
af7361e4caaf6e24854e73423f133ae3002cdac83b977215361840b8ae51b713
csFAQ is susceptible to a path disclosure vulnerability.
e82731bb7aafdfb21d28fa46bad6977a00deffb2a4e5fb1caabc0fdedba9efaa
PowerPortal version 1.x suffers from full path disclosure, cross site scripting, and arbitrary directory browsing flaws.
c2ead58aa5b18cef122380780b1677c7bfd50ea35b5f30c403f12cce123047e2
CuteNews version 1.3.1 is susceptible to a cross site scripting flaw.
7ed2bbb81e542045e1ee215883d3871bb25403d00ee7161199bfb071268e10bd
During the client-side Windows installation of Lotus Notes, a notes: URL handler is registered in the registry. An argument injection attack allows an intruder to pass command line arguments to notes.exe, which can lead to execution of arbitrary code.
7f1d5d7fa6e4854573d335dc29ba01617e06478c0fbeabab00dc2a8338959037
The Zone-H Security Team has discovered a SQL injection flaw in Infinity WEB that allows malicious attackers to bypass the authentication mechanism without having an account.
38f4ddea3d5eb05ff4217cd5f69e210542b334b36ba152257c34449d81ff759e
artmedic_links 5, the PHP script, is susceptible to a file and URL inclusion vulnerability.
fcb5bd9d71d92305c88ad7546002bb9461b97c61d6b4476192e7c92d834817af