|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 1062 CVE : CVE-2006-2881 SecurityRisk : High  (About) Remote Exploit : Yes Local Exploit : No Exploit Available : Yes Credit : admin majorsecurity de Published : 08.06.2006
Advisory Content : Please update my advisory. After posting up my advisory I have seen that 2 other php-files are also affected by this vulnerability. Input passed to the "da_path" parameter in "auth.cookie.inc.php", "auth.header.inc.php" and "auth.sessions.inc.php" is not properly verified, before it is used to include files. This can be exploited to execute arbitrary code by including files from external resources. You can see the updated advisory here: http://majorsecurity.de/advisory/major_rls8.txt Greetings, David Vieira-Kurz  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |