Corsaire Security Advisory - The PeopleSoft IScript interface accepts a number of arguments via HTTP POST/GET calls. Using a carefully constructed URL, Java code can be executed in a users context.
49c7d7dac2df8685c1ffa08b0ea2b20a702114b5f2b917806113e242380c3f43Corsaire Security Advisory - The PeopleSoft Gateway Administration utility has a servlet that discloses its full path to the configuration files on the server when improper values are passed to it.
08f4265e6b6df73f2a516dc2004f39b7a6a8b4a9721fbac7e78d54b11bea003aMicrosoft Security Bulletin MS03-051 - This bulletin addresses two new security vulnerabilities in Microsoft FrontPage Server Extensions, the most serious of which could enable an attacker to run arbitrary code on a user's system. The first vulnerability exists because of a buffer overrun in the remote debug functionality of FrontPage Server Extensions. The second vulnerability is a Denial of Service vulnerability that exists in the SmartHTML interpreter.
a64a5bca634bcd946c38df1abd14ced1ff623dc64459d7b7e57a6a36c3f219f5Microsoft Security Bulletin MS03-050 - A security vulnerability exists in Microsoft Excel that could allow malicious code execution. This vulnerability exists because of the method Excel uses to check the spreadsheet before reading the macro instructions. If successfully exploited, an attacker could craft a malicious file that could bypass the macro security model. Another security vulnerability exists in Microsoft Word that could allow malicious code execution. This vulnerability exists due to to the way Word checks the length of a data value (Macro names) embedded in a document. If a specially crafted document were to be opened it could overflow a data value in Word and allow arbitrary code to be executed.
2e65329c134cc1472436bf1dfa5a13a48429afbcc0aa286c1a69fd0eec83e2c5Microsoft Security Bulletin MS03-049 - A security vulnerability exists in the Workstation service that could allow remote code execution on an affected system. This vulnerability results because of an unchecked buffer in the Workstation service. If exploited, an attacker could gain System privileges on an affected system, or could cause the Workstation service to fail. An attacker could take any action on the system, including installing programs, viewing data, changing data, or deleting data, or creating new accounts with full privileges.
2ebf3e9a6635c0389c71cb5892f6c16f50e7ee7d9b2ac16950fd17ef4028aea8Microsoft Security Bulletin MS03-048 - A cumulative update patch has been released for Internet Explorer that includes the functionality of all the previously-released updates for Internet Explorer 5.01, Internet Explorer 5.5, and Internet Explorer 6.0. Additionally, it eliminates the following five newly-discovered vulnerabilities.
dfc29d27adae94c6b106aaaf9545a35d4b5a7adc9870d2ce88bb70b85d0bef8cNSFOCUS Security Advisory SA2003-07 - The HP-UX Software Distributor utilities are susceptible to a buffer overflow vulnerability when reading in the LANG variable since they do not perform any bounds checking on its size. Due to this, local attackers could gain root privileges.
fa7084e4341d66e2414719a1aa4874b255b2255729d312209d47cbdb4f8997bdNSFOCUS Security Advisory SA2003-08 - Do to a lack of input validation on the NLSPATH variable, libc on HP-UX is susceptible to a format string vulnerability that will allow a local attacker to gain root privileges.
7763824063b03d4c3ebd80f0f6e25b25ad766c35105b7d94923ec0e3e6a15b2bFortigate firewall pre 2.50 maintenance release 4 allows a remote attacker to inject hostile code into an administrative interface. This vulnerability, used in conjunction with the fact that the username and MD5 hash of the user's password are stored in a cookie, allows a remote attacker to trick an administrator into giving up their credentials.
10520ea52ac2e94c5e4b69055bcaa957dce33e5e0594b94759fc3b4eefda58aaSecure Network Operations Advisory SRT2003-11-11-1151 - Clam AntiVirus versions clamav-0.60 through clamav-0.60p are subject to format string attacks that allow a remote attacker to commit a denial of service and possibly perform remote command execution.
10ef4bf26c1ab47ad1a7b53bc21aae94a7fe570686b961eb6d52b4a3d73035faCERT Advisory CA-2003-28 - A specially crafted network message can trigger a buffer overflow in Microsoft's Workstation server. The vulnerability is caused by a flaw in the network management functions of the DCE/RPC service and a logging function implemented in Workstation Service (WKSSVC.DLL). Various RPC functions will permit the passing of long strings to the vsprintf() routine that is used to create log entries. The vsprintf() routine contains no bounds checking for parameters thus creating a buffer overflow situation.
979392a63ca9d86583ec3f6402dafeb1c0ea7237bc2af925d5f46a51e7c89a47TerminatorX v3.8.1 contains several local root vulnerabilities including stack overflows and format string bugs. Includes the vulnerable code and solutions.
6896039ce102a933e00fff841c4b978321a4a345c95c62d0bcf97ed8888e020fSecure Network Operations Advisory SRT2003-11-06-0710 - IBM DB2 UDB v7 through v8.1 contains multiple local security flaws including buffer overflows and format string bugs in db2start, db2stop, and db2govd. Fix available here.
024592d4a5147b75bed2225d6e629852eb1d72976b68b04a810ce561e313c67cNGSSoftware Insight Security Research Advisory #NISR05112003 - Multiple Oracle Application Server SQL injection vulnerabilities exist for all OS platforms with Oracle 9i Application Server Release 1 and 2 and RDBMS.
c14bf67a31522701aa71637b6fe672b5b213d2b13fe5d981c029e99e1d4ae4cfSecure Network Operations, Inc. Advisory SRT2003-11-02-0115 - The NIPRint LPD-LPR Print Server versions 4.10 and below on the Win32 platform are susceptible to a buffer overflow that can allow a remote user to gain SYSTEM privileges. http://www.secnetops.com.
fb70af3656c58520746abf065985b71d5adb36f13e3adc0125088d0ea0640f8cSecure Network Operations, Inc. Advisory SRT2003-11-02-0218 - The NIPrint LPD-LPR Print Server versions 4.10 and below on the Win32 platform are susceptible to a vulnerability that allows a local user to escalate to SYSTEM privileges. http://www.secnetops.com.
fc2a664387e4787a695b2af87bd843a7baf71489667b12addea670ac90cb1175OpenSSL Security Advisory 20031104 - A bug in OpenSSL 0.9.6 would cause certain ASN.1 sequences to trigger a large recursion. On platforms such as Windows this large recursion cannot be handled correctly and so the bug causes OpenSSL to crash. A remote attacker could exploit this flaw if they can send arbitrary ASN.1 sequences which would cause OpenSSL to crash. This could be performed for example by sending a client certificate to a SSL/TLS enabled server which is configured to accept them.
409756506e14f27eaed3fa2e17e064358dee057651432c52488fd3436c6babf8isakmpd, OpenBSD's IKE daemon, contains severe flaws in payload handling that allow for the unauthorized deletion of IKE and IPsec SAs. It allows this due to a lack of encryption being applied in Quick Mode and a lack of validation for the origin of delete message payloads, among other issues.
3988c2d5ef9fcbecf1cf09989991d959569afb820df8646367b19b0ca3c9b78eIA WebMail Server versions 3.1 and below from True North Software are vulnerable to a stack-based buffer overflow via its HTTP GET request header. This overflow can lead to a denial of service and remote code execution.
4ee7d2ce7cd21185e891a868872e9582aff0036983de46858eed8983a8b50341Bugzilla Security Advisory - Five security related bugs have been discovered in this web-based bug tracking system. Two relate to SQL injection attacks via privileged user accounts. A third allows ex-members of a deleted group to get inserted into a new group if it is created reusing the same name. Two other issues allow extraction of bug information for any known email address and for a user to obtain descriptions for a product they do not have access to.
39b258a4c1f61e7a04f61190675f88517211c8525b062d55c9f258be69b46223Ethereal Security Advisory Enpa-sa-00011 - The GTP, ISAKMP, MEGACO, and SOCKS protocol dissectors in Ethereal 0.9.15 contain remotely exploitable vulnerabilities.
d7bc0fcca6c99026c224ae9aaece5efe0f4949c630b3354a6113560049da4a5f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed