SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta allows remote attackers to execute arbitrary SQL commands via the fid parameter. Date published : 2006-03-06 http://www.securityfocus.com/bid/16836 https://www.exploit-db.com/exploits/1526
Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to...
RaidenHTTPD 1.1.47 allows remote attackers to obtain source code of script files, including PHP, via crafted requests involving (1) "." (dot), (2) space, and (3) "/" (slash) characters. Date published : 2006-03-06 http://www.securityfocus.com/bid/16934 http://secunia.com/secunia_research/2006-15/advisory/
OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client...
NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a "/" (forward slash) after the file extension. Date published : 2006-03-06 http://www.securityfocus.com/bid/16895 http://www.securityfocus.com/archive/1/426461/100/0/threaded
response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) "." (dot) and (2) space characters, which are...
Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address." Date published...
The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O). Date published : 2006-03-06 http://www.securityfocus.com/bid/16922...
Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data. Date published : 2006-03-06 http://www.securityfocus.com/bid/16921 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.5
The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu4.1 in Ubuntu Linux, and possibly other distributions, allows remote attackers to cause a denial of service (application crash) via certain crafted arguments in a DCC...
Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a...
EMC Dantz Retrospect 7 backup client 7.0.107, and other versions before 7.0.109, and 6.5 before 6.5.138 allows remote attackers to cause a denial of service (client termination and loss of backup service) via a...
The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to...
The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a...