iDEFENSE Security Advisory 02.17.04: Ipswitch IMail server has a remote buffer overflow vulnerability in its LDAP daemon.
3cae4adb7fac1829d2ebdcc934459c7a422d022d2b936559ef07eef31176444b
YaBB version 1, SP 1.3.1, leaks whether or not a username is valid when an invalid password is given.
0d70bafba0a639f6722836028ca2dd30287e6dee65c61d566fe251cf6a21f9ef
YaBB SE versions 1.54 and 1.55 are susceptible to a SQL injection vulnerability that allows a remote attacker to execute malicious SQL statements on the database remotely.
0cb034ef99caa617751564217c86b7aa293f12c1a2e323fbaed9a9eb14a1dc80
The Symantec AntiVirus Scan Engine for Linux has a possible race condition via a symlink attack in /tmp.
7603b97a86063ada3a6bbaacd9422e0f4212735f47d6515ab0e95f25df4ccb24
Purge versions 1.4.7 and below and Purge Jihad versions 2.0.1 and below have buffer overflows affecting the clients of this game.
15e5bb82dec8ce18853366f6292961f01558fc059766481005b37354d2bce4c1
Symantec FireWall/VPN Appliance model 200 displays its administrator password in clear text over a non-encrypted HTTP connection.
b60c9e590eaa9d4ec34b544ec3abe50cb8ee3a2396f0de5957d82e91035594c6
SignatureDB is vulnerable to a denial of service attack due to a buffer overflow in a sprintf statement.
63a06ca66a5273103422bc7ed4658d21d246ba1116ba9a6e1d2549646f4199ca
mnoGoSearch versions 3.2.13-15 are vulnerable to a buffer overflow attack when a large document is indexed.
b81572f8e5896c50b3258ba30d2a396e68c049ce518ef8b86832bea9d0ef61b5
Sami FTP server version 1.1.3 has multiple vulnerabilities that can lead to a denial of service.
8e85094ba9a6a67593d7a265f163919d0f7792d81fbde5e9bbd4b87c19634b52
A cross site scripting vulnerability exists in VBulletin.
63600b0f7b537ceec34e8b8deb78e268a56b5b031bfc20a99ff94bc21caef919
mailmgr version 1.2.3 is vulnerable to symlink attacks. If the utility is run as root, any file on the system can be overwritten.
93ee7bc51fe3ac504ce9e5a8fdfd64f5776ac41c90200f5e29296b8b1bab4e7e
A cross site scripting vulnerability exists in VBulletin.
fd66808e15a736a0b19ab79de528aa189d3c154e6d989518c950b793d4db25a6
aimSniff.pl 0.9b has a file deletion flaw. If the utility is run as root, a symlink attack can be used against a file in tmp to get root to remove any file on the system.
d35abb58d182e2ac03ec120bfbe800992445c733034160f3f66e0705ad173573
iDEFENSE Security Advisory 02.11.04: Exploitation of a buffer overflow in the XFree86 X Window System allows local attackers to gain root privileges. The vulnerability specifically exists in the use of the CopyISOLatin1Lowered() function with the 'font_name' buffer. While parsing a 'font.alias' file, the ReadFontAlias() function uses the length of the input string as the limit for the copy, instead of the size of the storage buffer. A malicious user may craft a malformed 'font.alias' file, causing a buffer overflow upon parsing and eventually leading to the execution of arbitrary code.
969dc5cfdd69d231c477b299e5f6ef17b853eac7ca564fd483dcefed01c82792
Various game engines and games developed by Ratbag is vulnerable to a denial of service attack. Full analysis given.
0b1089fe129f3c8ed14504b82bf9fa212d6479c35297ebd93aed59986e66802d
Monkey httpd versions 0.8.1 and below suffer from a denial of service vulnerability when subjected to specially crafted HTTP requests.
5c7729ef7ce7341a339b4a7ec35c0a80d1826a23abee971b151f18e4c15e4879
Red Hat Security Advisory - A bug was found in the index menu code in versions of mutt. A remote attacker could send a carefully crafted mail message that can cause mutt to segfault and possibly execute arbitrary code as the victim.
4dafc8aeb12c53d9369ce922c96b1b8f0d286ad1d1ff1657aac4664ebd37034b
PHP code injection vulnerabilities in ezContents versions 2.0.2 and prior allow for a remote attacker to access arbitrary files and execute commands on the server.
f852d6bdd374bb2095a159b9896252b872a652c440495812ac704a127c25800a
CERT Advisory TA04-041A - Multiple integer overflow vulnerabilities in the Microsoft Windows ASN.1 parser library could allow an unauthenticated, remote attacker to execute arbitrary code with SYSTEM privileges. Related eEye advisory here.
d15efbcc2142bc5ef34ae1dde8178035fc9aac8c3983d2d7ee7acf880431603c
Atstake Security Advisory A021004-1 - Both Connectix Virtual PC 6.0.x and Microsoft Virtual PC 6.1 on Mac OS X suffer from an insecure temporary file creation vulnerability.
957d7e39e1983bcf0c08476d79bf23df3df003fbce3396e952ea4e50e60e12a6
iDEFENSE Security Advisory 02.10.04: Exploitation of a buffer overflow in the XFree86 X Window System allows local attackers to gain root privileges. The problem specifically exists in the parsing of the font.alias file. The X server, which runs as root, fails to check the length of user provided input. A malicious user may craft a malformed font.alias file causing a buffer overflow upon parsing, eventually leading to the execution of arbitrary code.
d3db7fd0322ed5a49202a2729ebb1ac91eed13e5e70c0f5df79d02d83e05906b
The Microsoft Base Analyzer fails to properly report vulnerabilities on its systems when machines have been patched but not rebooted for the patches to take affect.
5d7ef01936df0292fd8830d6bc1fa9f605adfe64a768a6a871f90eefcd147494
eEye Security Advisory - eEye Digital Security has discovered a second critical vulnerability in Microsoft's ASN.1 library (MSASN1.DLL) that allows an attacker to overwrite heap memory with data he or she controls and cause the execution of arbitrary code. ASN.1 is an industry standard used in a variety of binary protocols, and as a result, this flaw in Microsoft's implementation can be reached through a number of Windows applications and services. Ironically, the security-related functionality in Windows is especially adept at rendering a machine vulnerable to this attack, including Kerberos (UDP/88) and NTLMv2 authentication (TCP/135, 139, 445).
8815b9231e3ce56295d951ce888973253d6699e1085fcffeabace7cd8f1ce3df
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in Microsoft's ASN.1 library (MSASN1.DLL) that would allow an attacker to overwrite heap memory on a susceptible machine and cause the execution of arbitrary code. Because this library is widely used by Windows security subsystems, the vulnerability is exposed through an array of avenues, including Kerberos, NTLMv2 authentication, and applications that make use of certificates (SSL, digitally-signed e-mail, signed ActiveX controls, etc.).
1de333b1ddd32e19f140c70af8d8745df36130a84594833d58298734c09ce432
When adding a skin file to RealPlayer, if the filename contains a directory traversal, a remote attacker may get files deployed onto the machine anywhere in the system. According to RealNetworks the flaw affects RealOne Player, RealOne Player v2, RealOne Enterprise Desktop, RealPlayer Enterprise.
d25313a1a0f691a8c4a75087079a2a861c83f7292dfcc16b5045c7d5b0ef2c7a