|
264411
|
- |
|
metasploit
|
metasploit_framework
|
The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replac…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1056
|
2011-06-20 13:00 |
2011-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264412
|
- |
|
wikkawiki
|
wikkawiki
|
The RecentChanges feature in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to obtain the names, and possibly revision notes and dates, of private pages via RSS feeds.
|
CWE-200
Information Exposure
|
CVE-2007-2552
|
2011-06-16 13:00 |
2007-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264413
|
- |
|
amarok
|
amarok
|
The ruby handlers in the Magnatune component in Amarok do not properly quote text in certain contexts, probably including construction of an unzip command line, which allows attackers to execute arbi…
|
CWE-20
Improper Input Validation
|
CVE-2006-6979
|
2011-06-16 13:00 |
2007-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264414
|
- |
|
mediawiki
|
mediawiki
|
includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogin is enabled, does not clear certain cached data after verification of an auth token fails, which allows remote attackers to bypa…
|
CWE-287
Improper Authentication
|
CVE-2011-1766
|
2011-06-16 11:56 |
2011-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264415
|
- |
|
sybase
|
easerver
|
Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path.
|
CWE-22
Path Traversal
|
CVE-2011-2474
|
2011-06-14 13:00 |
2011-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264416
|
- |
|
sybase
|
onebridge_mobile_data_suite
|
Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote a…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2011-2475
|
2011-06-14 13:00 |
2011-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264417
|
- |
|
nlnetlabs
|
unbound
|
Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.
|
CWE-399
Resource Management Errors
|
CVE-2009-4008
|
2011-06-14 13:00 |
2011-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264418
|
- |
|
ibm
|
websphere_application_server
|
The Servlet Engine and Web Container in IBM WebSphere Application Server (WAS) before 6.0.2.17, when ibm-web-ext.xmi sets fileServingEnabled to true and servlet caching is enabled, allows remote atta…
|
CWE-200
Information Exposure
|
CVE-2006-6637
|
2011-06-14 13:00 |
2006-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264419
|
- |
|
sun
|
sparc_enterprise_server
|
The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows remote attackers to use the manufacturing root password, perform a root login to the eXtended System …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0171
|
2011-06-13 13:00 |
2009-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264420
|
- |
|
isc
|
dhcpd
|
The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-ide…
|
CWE-399
Resource Management Errors
|
CVE-2006-3122
|
2011-06-13 13:00 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
