CVSS: 7.5 • EPSS: 1% • CPEs: 52 • EXPL: 0

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping. • http://osvdb.org/33101 http://secunia.com/advisories/24021 http://secunia.com/advisories/24046 http://secunia.com/advisories/24060 http://secunia.com/advisories/24067 http://secunia.com/advisories/24101 http://secunia.com/advisories/24145 http://secunia.com/advisories/24151 http://securitytracker.com/id?1017588 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916 http://us1.samba.org/samba/security/CVE-2007-0454.html http://www. • CWE-134: Use of Externally-Controlled Format String •

CVSS: 5.0 • EPSS: 9% • CPEs: 6 • EXPL: 1

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. • https://www.exploit-db.com/exploits/27993 ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html http://secunia.com/advisories/20525 http://secunia.com/advisories/20591 http://secunia.com/advisories/20638 http://secunia.com/advisories/20791 http://secunia.com/advisories/21062 http://secunia.com/advisories/21135 http://secunia.com/advisories/21385 http://secunia.com/advisories/21701 • CWE-476: NULL Pointer Dereference •

CVSS: 2.6 • EPSS: 0% • CPEs: 3 • EXPL: 13

Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dn parameter in (a) compare_form.php, (b) copy_form.php, (c) rename_form.php, (d) template_engine.php, and (e) delete_form.php; (2) scope parameter in (f) search.php; and (3) Container DN, (4) Machine Name, and (5) UID Number fields in (g) template_engine.php. • https://www.exploit-db.com/exploits/27718 https://www.exploit-db.com/exploits/27717 https://www.exploit-db.com/exploits/27719 https://www.exploit-db.com/exploits/27721 https://www.exploit-db.com/exploits/27722 http://pridels0.blogspot.com/2006/04/phpldapadmin-multiple-vuln.html http://secunia.com/advisories/19747 http://secunia.com/advisories/20124 http://www.debian.org/security/2006/dsa-1057 http://www.osvdb.org/24788 http://www.osvdb.org/24789 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 1.2 • EPSS: 0% • CPEs: 25 • EXPL: 0

snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file. • http://secunia.com/advisories/19318 http://www.debian.org/security/2006/dsa-1013 http://www.securityfocus.com/bid/17182 https://exchange.xforce.ibmcloud.com/vulnerabilities/25442 •

CVSS: 5.0 • EPSS: 1% • CPEs: 3 • EXPL: 0

Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity. • http://secunia.com/advisories/18846 http://secunia.com/advisories/19139 http://secunia.com/advisories/19658 http://securityreason.com/securityalert/737 http://svn.apache.org/viewcvs.cgi/httpd/apreq/tags/v2_07/CHANGES?rev=376998&view=markup http://www.debian.org/security/2006/dsa-1000 http://www.gentoo.org/security/en/glsa/glsa-200604-08.xml http://www.securityfocus.com/bid/16710 http://www.vupen.com/english/advisories/2006/0645 https://exchange.xforce.ibmcloud.com/vulnera •