A buffer overflow vulnerability exists in the way a dynamic linking library (ssinc.dll)that is shipped with Microsoft IIS 4.0/5.0 handles the files it contains. Exploiting the vulnerability, local attackers could gain local system privileges.
80719fd500d2b9d91176bd0bb701df5bd2e4fa86a32fd7e6ccc2f7e5f15285f1iDEFENSE Security Advisory 05.30.03: Passing an overly long string to the apr_psprintf() APR library function that is used by the Apache HTTP Server could cause an application to reference memory that should have already been returned to the heap allocation pool.
8f14d25b16284066d16c7efda2e0561997eb563778e85bcaa8276dd562be3cf7The Goldmine mail agent can run arbitrary code via a malicious formed HTML e-mail. It does not even run the email in the 'security zone' as does Microsoft Outlook, but passes anything that looks like HTML to be executed unrestricted directly to the default Browser, which for many is usually Internet Explorer.
1b72a78af77f5a6ac40daf2d853841dc47e50923fa1bb291243b012faeec5599Amusing addition to the vulnerability found in the Axis Network Camera HTTP server. Apparently the de-facto e-mail address for SMTP alerts is set to mail@somewhere.com and if this feature is enabled without changing the destination address, somewhere.com gets some very amusing insight as to what is being watched. Original vulnerability information is posted here.
225016262e5a5cb529003c7be0a202c691267391dccb9c88e1e937a94f4e7f81S 2 1 S E C Advisory 017 - The Vignette Content Management and Application Portal software is vulnerable to a remote attacker accessing the SQL database without authentication by modifying a cookie. Affected versions: StoryServer 4 and 5 and Vignette V/5.
71e86e2b59d1310641859df7e5da7efd9c2cdd6dcc72e7971a5e708a03dbdc31S 2 1 S E C Advisory 016 - Vignette Content Management and Application Portal software has a vulnerability that allows a remote attacker to inject a server side include that could lead to remote command execution. Affected versions include, but are not limited to, StoryServer 4 and 5 and Vignette V/5 and V/6.
6e683b01ef73501f7cca1af2773c0055d0e02e01749b77df85c5932c64cee74aThe AnalogX Proxy server suffers from a buffer overflow when handed a URL that is greater than 340 bytes in size. A specially crafted URL allows for remote execution of arbitrary code.
00acd9a86b5f532bc3c62df4b34c0948e2eab07919c6eb2747879cb3facc445dMailmax Version 5 has a buffer overflow condition in its IMAP4 server that can cause the service to stop responding and allows a remote attacker to overwrite the exception handler on the stack. Doing this could allow arbitrary code execution as the SYSTEM user.
77a4c3f55a95ea74b2243674c8580202f49806febff62a751e26591ada15dac5Atstake Security Advisory A051203-1 - The Apple AirPort XORs a password with a fixed maximum of 32 bytes against a predefined key. If a password is set to one character, a simple sniff of the 32 byte block will reveal 31 bytes of the XOR key. The final byte can be obtained by XORing the obfuscated first byte against the first character of the plaintext password.
72c9a3c6b408f1e2bd344bc4e089fb5e6fd14d01b2497ba07065546cd0280432Secunia Research Advisory - Opera browser versions 7.10 and 7.03 suffer from denial of service and possible remote code execution vulnerabilities due to incorrect handling of long filename extensions.
6813e2fb04422a621b2923b0573f448627a664e0e64d5de3ab7ba2ce8d64ae00A buffer overflow exists in the ESMTP CMailServer 4.0.2002.11.24 SMTP Service, resulting in a denial of service attack. It is possible to overwrite the exception handler on the stack allowing a system compromise with code execution running as SYSTEM.
5b6c7e29cda4b4895c96fe3a992e7e4f08e616bb0355e42816d8f3195bf180b9Secure Network Operations, Inc. Advisory SRT2003-05-08-1137: A problem appears to be created by a series of strcat(), sprintf(), and strcpy() functions in ListProc <= 8.2.09 enabling an attacker to gain root privileges through a buffer overflow.
6f50fd0f97d230ad3274da01950442528af3f72db94c34f4def4b44e8d943785Windows Media Player versions 7 and 8 are vulnerable to a directory traversal attack when skin files are downloaded from Internet. The vulnerability allows malicious users to upload an arbitrary file to an arbitrary location when a victim user views a web page.
6830f8477260f63dd614d39ad9542f854621edd6549ee5f678a0dddd09b987a6NGSSoftware Insight Security Research Advisory #NISR07052003B - SLWebMail 3 is vulnerable to various buffer overflows in many of its ISAPI DLL applications including showlogin.dll, recman.dll, admin.dll, and globallogin.dll. It is also vulnerable to arbitrary file access via ShowGodLog.dll which does not even force authentication prior to use. Physical paths can also be determined by making invalid requests to certain DLLs.
54067ee210fce9b8f593df9b701aad1f9b7f8d14e93cc22925ce3b332df7bdb6NGSSoftware Insight Security Research Advisory #NISR07052003A - SLMail 5.1.0.4420 suffers from multiple remotely exploitable buffer overflows in its SMTP engine, poppasswd and pop3 server.
f1596ac171952997d68b570e48c7d33e603793b70bb773d5a05f225bd2eec995Cisco Security Advisory: Multiple vulnerabilities have been found in the Cisco VPN 3000 Concentrator series which includes models 3005, 3015, 3030, 3060, 3080 and the Cisco VPN 3002 Hardware Client. The enabling IPSec over TCP, malformed SSH initialization packet, and malformed ICMP traffic vulnerabilities are discussed.
af88958829ec7097e77e47c07920a93812b55c63f638f0ac556a6c8a32743dc5Core Security Technologies Advisory ID: CORE-2003-0303 - Six vulnerabilities have been found in the Mirabilis ICQ Pro 2003a client that are both locally and remotely exploitable. Use of these allow for remote code execution and a denial of service.
0991a1824e78e4c8354e6a13a23e4dcb0744e6f23f88a6827fb82c4a80bcd380youbin, the utility that acts as a network version of the utility biff, has insufficient bounds checking that allows arbitrary code execution.
246db609e0835a2434298e984b43373b3bfa91bc54ee98a12910070f03a1b529
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed