CERT Advisory CA-2003-22 - Microsoft Internet Explorer contains multiple vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. Versions affected are 5.01, 5.50, and 6.01.
d1c51f0ed560fc53ab28a84f686194993fb73c72aed18f2d752fd2c3faec416dFreeBSD Security Advisory FreeBSD-SA-03:11.sendmail - Some versions of sendmail (8.12.0 through 8.12.8) contain a programming error in the code that implements DNS maps. A malformed DNS reply packet may cause sendmail to crash its child process and may lead to further possible exploitation.
7f9899383fadb7f77206e97c56d7e465f51be51c5a9e5de02316b0f5c5ded77eSGI Security Advisory 20030803-01-P - A vulnerability has been reported by sendmail.org that the 8.12.8 and earlier releases shipped with a potential problem in DNS mapping that could lead to a remote denial or service or root compromise. Relatedd CVE Number: CVE-2003-0688.
f599f483c03b2a7dbaa048e9abd60ad17327c2a14fc6add6523e23542a45abb1Helix Universal Server 9 and earlier versions (RealSystem Server 8, 7 and RealServer G2) are vulnerable to a root exploit when certain types of character strings appear in large numbers within URLs destined for the Server's protocol parsers.
2dbb8dceb018ef54a3e9f64fe191da489067b6b3aa66be81d8e731a9d1ec9d48Secure Network Operations, Inc. Advisory SRT2003-08-22-104 - widz, the 802.11 wireless IDS system version 1.5 and below, makes use of untrusted input with a system call. If this utility were to be used in a production environment with any non-root users on the system, they would be able to easily escalate their privileges to root.
0a5bd8db53063144a11c8d343d4ad593cd07df746dc5dac63023d1b8f5b20b2beEye Advisory - There is a flaw in Microsoft's primary contribution to HTML, the Object tag, which is used to embed almost all ActiveX into HTML pages. The parameter that specifies the remote location of data for objects is not checked to validate the nature of the file being loaded, and therefore trojan executables may be run from within a web page as silently and as easily as Internet Explorer parses image files or any other safe HTML content. Version affected: Microsoft Internet Explorer 5.01, 5.5, 6.0, and 6.0 for Windows Server 2003.
dd79f9814eb5b13d2de07d11deb7d6f23493a7bf6e0bf540ffc5293f0568e45cSecure Network Operations, Inc. Advisory SRT2003-08-11-072 - ViRobot 2.0, the Linux-based antivirus solution, has multitudes of suids that are vulnerable to abuse.
b0f7f0118ddf986cbff764a044a771d9d65a93d009a0b5c98382c9be43058a9bA cross site scripting vulnerability was found in the 1.3.x and below versions of the NewBB PHP forum.
00d96f7169f7641a97347e52b62e2660900b9502f3e7ee0e9f0830b0edd7b6c5Mapquest.com suffers from a cross site scripting vulnerability due to limited bounds checking.
ea94e58e0a0722208813acd950ff9cb083bb6fd92c16e590df7b75b0288efd5eCERT Advisory CA-2003-21 - The systems housing the primary FTP servers for the GNU software project were compromised. Valid hostnames for this machine were gnuftp.gnu.org, ftp.gnu.org, and alpha.gnu.org. The compromise took place in March of 2003 and it is possible that malicious code may have been injected into various software distributed from this server.
d7df7a407fea77a7763785762a75814d0d1ba7380567a8719be1d0cb89bb54f2SGI Security Advisory 20030801-01-P - It is possible to create a Denial of Service attack on the IRIX nfsd through the use of carefully crafted packets which cause XDR decoding errors. This can lead to kernel panicing the system. No local account or access to an NFS mount point is required, so this could be constructed as a remote exploit.
c8555a9a5b384e2c2b2c17225b0c097f292cea81bae358a367064a71388393f1FreeBSD Security Advisory FreeBSD-SA-03:09.signal - Systems with the device driver spigot added into the kernel configuration are susceptible to a denial of service attack due to improper validation of signal numbers.
c87f33e96c8be65778ca953502578c8425ff00101734e66ee8d4c460da100569The D-Link 704p router with firmware version 2.70 is susceptible to multiple denial of service attacks via excessively populated URLs.
259dfe21c118eba6461f050b76150dcde4b4c110bda548460ad171c05429eaeaCERT Advisory CA-2003-20 - CERT announces that the exploitation of the RPC/DCOM vulnerability on Windows has now taken the form of a worm known as the W32/Blaster worm. This worm retrieves a binary that is then used to launch further attacks and is poised to launch a denial of service against windowsupdate.com.
d0e25a4a85c54bd50ad5e142ccb2f76e9828730a435bc2804f3ba2ff79e33d2aVBulletin version 3.0 Beta 2 is susceptible to a cross site scripting vulnerability in its new member page (register.php).
82b507f123b10ff88ea31cb0f462ee386a7460f3528905be6623a60bcc1ae7b8Information regarding one variant of the Microsoft Windows DCOM worm that is circulating around the Internet.
59735ded0ae61947b297bce4cc8893aacbe08a99ba65ee013fdc60b7b6f1617cFreeBSD Security Advisory FreeBSD-SA-03:10.ibcs2 - The iBCS2 system call translator for statfs(2) erroneously used the user-supplied length parameter when copying a kernel data structure into userland. If the length parameter were larger than required, then instead of copying only the statfs-related data structure, additional kernel memory would also be made available to the user. If iBCS2 support were enabled, a malicious user could call the iBCS2 version of statfs(2) with an arbitrarily large length parameter, causing the kernel to return a large portion of kernel memory.
2c9b5bbe17a8ffdc72ab9be9c1de622434f5b2edb34fe8252dc32db8f6d8db6dAtstake Security Advisory A080703-2 - tcpflow, the network monitoring tool that records TCP sessions in an easy to use and view manner, contains a format string vulnerability that is typically unexploitable.
b4f0c4f5a717ad038f3eb39e9c687e11d5766b61d2e3b9b83c77992f43bb0bcfAtstake Security Advisory A080703-1 - Both IPNetSentryX and IPNetMonitorX come with three helper tools that each have security issues associated with them. The first two tools: RunTCPDump and RunTCPFlow allow arbitrary users to monitor the network without requiring any form of authentication or privilege. The third tool, tcpflow (executed by RunTCPFlow), contains a format string vulnerability, allowing arbitrary commands to be run as the user calling the program. Since RunTCPFlow is setuid root and will pass arguments to tcpflow, we can execute arbitrary commands as root.
e9e60f02bd40ae6f22a3de8966d31b5d80e4df271203a7ad9f1e8286a57adf29Normal Lotus SameTime login credential encryption with 1.5 and 3.0 Windows clients use RC2 to encrypt the password, and even sends the key along with the login packet allowing an attacker to decrypt the credentials and steal a user's IM identity.
ad64a9fe4bbbde50b0d5f0cba5697b9b0bcecf4a3a60751b3d67d01c9cd0fa10The Cisco CSS 11000 Series is vulnerable to a denial of service when there is a heavy storm of TCP SYN packets directed to the circuit address. It may also cause a high CPU load or sudden reboots.
f428cbfd82405bf502ceb2aa293ef7892c0d9d5b82c9b6b3f2bc160a5ec34590Response from Corey Bridges of ZoneAlarm in regards to the vulnerability originally discovered by Lord YuP in their device driver VSDATANT and the exploit that is circulating for it.
4512058aba60fcf0849c6965870ff987198adc999b4c1041329bc6c2fa605f69Meteor FTP server version 1.5 is vulnerable to a remote denial of service when large amounts of data are fed to the USER directive.
b4cfe181724c3b90ba0d60d8c3bf0e202529e26d7c55a47cade63e2e544e570cNovacoast Security Advisory - Novacoast has discovered that Novell GroupWise 6.5 Wireless Webaccess logs all usernames and passwords in clear text.
73f94dfc0e4284cc8cbaf2c9688ddbad14ddec6437238d61c2b58e0ae32235bdEF Commander versions 3.54 and below are vulnerable to various buffer overflows that can allow for remote arbitrary code execution.
4b6a103daedde0838356670bb130997652d09b35383a7ead54a7b31c2bb79a60
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed