Various init related script in SuSE 9.0 are susceptible to symlink attacks.
558fe9c77b84013499f18e08a176fcedcda8445c9e6304fead1629d649ed6cc9WebCam Live and Photohost are 2 shareware programs used to share webcam streams and photo albums through the web. WebCam Live versions 2.01 and below and Photohost versions 4.0 and below are all susceptible to a denial of service attack when the Content-Length parameter is set to a negative number during a transaction.
f1e754c06a56a62a8a54d2c97ef2aec69f3c5c8cb9126843431d8d1bf463efcaThe Goahead webserver, version 2.1.8 and below, is an embedded webserver used by many products. The server has an internal problem where it will accept improper HTTP requests that allow a remote attacker to view source for CGI related files.
86b6965a79475e6b076b8955dfe03320b7908780179972962671b165a32736baThe Goahead webserver, version 2.1.8 and below, is an embedded webserver used by many products. A flaw exists where an attacker can get the webserver to consume all of the server's resources by using the POST method with a specific number set for the Content-Length parameter.
750d26c05ba6a4c19bb67be0988c544aa47ff4b7bd00c46f35b28f0378c6877aYaBB SE versions 1.54 and 1.53 have the functions welcome and recentTopics which are vulnerable to SQL injection because the parameter ID_MEMBER is not checked against malicious input.
95e89384d3a5e60f55043d680923bf50f3a2d727d428ca8993e211fcbfc77dda
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed