A stack-based buffer overflow vulnerability exists in the popular shar utility packaged in the GNU sharutils distribution, due to a lack of bounds checking when handling the -o command-line option. By default, this file is not setuid nor setgid, but if used in conjunction with other tools, it is possible that this can be manipulated for nefarious purposes.
b6dceda7216ae56f8997fa05d3bb0b438c5ce4c248e40197d99a60a8f531c1c6
blaxxun3d Platform 7 is susceptible to a buffer overflow that allows for arbitrary code execution with SYSTEM level privileges.
b7a2530778d78625e62544550d13ed956a7c096171f22fca7e63522ee4c5716e
Foundstone Labs Advisory - Citrix MetaFrame Password Manager 2.0 has a flaw where it will locally store credentials unencrypted if the agent is not pointed to a central credential store.
1c9632d94f5f40b0cc99ad07a73eaec4580053d25e6d9dafb7e2c377dbb5468b
Gentoo Linux Security Advisory GLSA 200404-01 - A flaw has been found in the temporary file handling algorithms for the sandboxing code used within Portage. Lockfiles created during normal Portage operation of portage could be manipulated by local users resulting in the truncation of hard linked files; causing a Denial of Service attack on the system.
827805dcda3188f92aa65e2f7210d6d2fa512f105b8baa91369883d9d206c28e
Heimdal releases prior to 0.6.1 and 0.5.3 have a cross-realm vulnerability allowing someone with control over a realm to impersonate anyone in the cross-realm trust path.
259dec0f92b706cac74eb9b8dc8d72650d17e97cbf936f9e2367234a60d97a99
The IGI 2: Covert Strike server is affected by a format string bug in the logging function of the RCON commands. Affected versions are 1.3 and below.
f0fdf110d4229c03eb1683c695c18a13b559b107219d10ecd8ef6f31ef2a357c
IBM Director 3.1 Agent for Windows is vulnerable to a remote denial of service attack when being scanned.
11c8a7a8d97e1b7c71871fe52805b379be6151773027ff19753134ed8fd5d859
Monit versions 4.2 and below have two basic authentication flaws that allow for a remote denial of service and a buffer overflow that can lead to arbitrary code execution. An off-by-one vulnerability also exists with POST requests.
810840b17572800a7f7b3a1a0f1869203058b4950c0967687cd2f0ee5da4baf4
NGSSoftware Insight Security Research Advisory #NISR05042004B - To aid in the development of web applications that require database connectivity, certain test scripts are created and uploaded to a website when using Macromedia's Dreamweaver. These scripts help to test database connectivity. If left these scripts can allow an attacker to gain access to the backend database server, without the attacker having to supply a user ID and password. Systems affected are IIS/Dreamweaver MX and UltraDev 4.
5676bedc096db266dcec8d45b47caabbecb7b6fb751eaa892c1472bac4cc2b9a
Remote exploitation of a buffer overflow in the win32_stat function of ActiveState's ActivePerl may allow arbitrary commands to be executed. No check is made on the length of the string before the copy is made allowing long strings to overwrite control information and execution of arbitrary code possible.
3adc232e9981b7e4b616c8280bed4f979ce9a51c0a72c7d2f4eff52bb06efd16
NGSSoftware Insight Security Research Advisory #NISR05042004 - Due to a lack of boundary checking within the code responsible for loading Fasttracker 2 (.xm) mod media files by the Winamp media plug-in in_mod.dll, it is possible to make Winamp overwrite arbitrary heap memory and reliably cause an access violation within the ntdll.RtlAllocateHeap() function. When properly exploited this allows an attacker to write any value to a memory location of their choosing. In doing so, the attacker can gain control of Winamp's flow of execution to run arbitrary code. This code will run in the security context of the logged on user.
f19369974724e97b0e10b88bb80392f6506e21880ffcc74b92f2f54c0d616991
Possible symlink attack in SuSe's Yast Online Update tool.
fa5ad54174d9f2e28e10a089d616b0f4ebc3a38a0f1b21434805e9abf2d6c5a7
A symbolic link condition exists in all versions of texutil. An attacker can overwrite arbitrary files.
586cc0a27418caea44ad3c243bbf5295f48839a64e4f7c4106f429462e13e953
Macromedia Security Bulletin MPSB04-05 - Dreamweaver's remote database connectivity for testing dynamic database-driven websites installs scripts that may reveal DSNs to outside attackers. A sophisticated attacker may also be able to use these scripts to send SQL commands to the server and gain control of the database server.
a1a3a733290761b3680894b8c533694858596e1dfe7ab9ad07ccbb6b427e4411
SGI Security Advisory 20040401-01-P - It has been reported that there are several security issues affecting ftpd on IRIX. There is an ftpd DoS that is possible during PORT mode (SGI BUG 899364) not to mention that ftpd's ftp_syslog() doesn't work with anonymous FTP (SGI BUG 909172).
d0f63c5ef8fae4b78f5bbda3793a2c29d3e7603a5dde6ed7dde8af08e6c4ecf6