|
307991
|
- |
|
freeradius
|
freeradius
|
The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x before 2.1.10, in certain circumstances involving long-term database outages, does not properly handle long queue times for requ…
|
CWE-399
Resource Management Errors
|
CVE-2010-3697
|
2024-11-21 10:19 |
2010-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307992
|
- |
|
freeradius
|
freeradius
|
The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does not properly handle the DHCP Relay Agent Information option, which allows remote attackers to cause …
|
CWE-399
Resource Management Errors
|
CVE-2010-3696
|
2024-11-21 10:19 |
2010-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307993
|
- |
|
apereo
|
phpcas
|
Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directo…
|
CWE-22
Path Traversal
|
CVE-2010-3692
|
2024-11-21 10:19 |
2010-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307994
|
- |
|
apereo
|
phpcas
|
PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file.
|
CWE-59
Link Following
|
CVE-2010-3691
|
2024-11-21 10:19 |
2010-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307995
|
- |
|
apereo
|
phpcas
|
Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Proxy Granting …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3690
|
2024-11-21 10:19 |
2010-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307996
|
- |
|
alvaro_herrera
|
pl\/php
|
The PL/php add-on 1.4 and earlier for PostgreSQL does not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain p…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3781
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307997
|
- |
|
dovecot
|
dovecot
|
Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
|
NVD-CWE-Other
|
CVE-2010-3780
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307998
|
- |
|
dovecot
|
dovecot
|
Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass inten…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3779
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307999
|
- |
|
dovecot
|
dovecot
|
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a direc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3707
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308000
|
- |
|
dovecot
|
dovecot
|
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a direc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3706
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
