A stack-based buffer overflow vulnerability exists in the popular shar utility packaged in the GNU sharutils distribution, due to a lack of bounds checking when handling the -o command-line option. By default, this file is not setuid nor setgid, but if used in conjunction with other tools, it is possible that this can be manipulated for nefarious purposes.
b6dceda7216ae56f8997fa05d3bb0b438c5ce4c248e40197d99a60a8f531c1c6blaxxun3d Platform 7 is susceptible to a buffer overflow that allows for arbitrary code execution with SYSTEM level privileges.
b7a2530778d78625e62544550d13ed956a7c096171f22fca7e63522ee4c5716eFoundstone Labs Advisory - Citrix MetaFrame Password Manager 2.0 has a flaw where it will locally store credentials unencrypted if the agent is not pointed to a central credential store.
1c9632d94f5f40b0cc99ad07a73eaec4580053d25e6d9dafb7e2c377dbb5468bGentoo Linux Security Advisory GLSA 200404-01 - A flaw has been found in the temporary file handling algorithms for the sandboxing code used within Portage. Lockfiles created during normal Portage operation of portage could be manipulated by local users resulting in the truncation of hard linked files; causing a Denial of Service attack on the system.
827805dcda3188f92aa65e2f7210d6d2fa512f105b8baa91369883d9d206c28eHeimdal releases prior to 0.6.1 and 0.5.3 have a cross-realm vulnerability allowing someone with control over a realm to impersonate anyone in the cross-realm trust path.
259dec0f92b706cac74eb9b8dc8d72650d17e97cbf936f9e2367234a60d97a99The IGI 2: Covert Strike server is affected by a format string bug in the logging function of the RCON commands. Affected versions are 1.3 and below.
f0fdf110d4229c03eb1683c695c18a13b559b107219d10ecd8ef6f31ef2a357cIBM Director 3.1 Agent for Windows is vulnerable to a remote denial of service attack when being scanned.
11c8a7a8d97e1b7c71871fe52805b379be6151773027ff19753134ed8fd5d859Monit versions 4.2 and below have two basic authentication flaws that allow for a remote denial of service and a buffer overflow that can lead to arbitrary code execution. An off-by-one vulnerability also exists with POST requests.
810840b17572800a7f7b3a1a0f1869203058b4950c0967687cd2f0ee5da4baf4NGSSoftware Insight Security Research Advisory #NISR05042004B - To aid in the development of web applications that require database connectivity, certain test scripts are created and uploaded to a website when using Macromedia's Dreamweaver. These scripts help to test database connectivity. If left these scripts can allow an attacker to gain access to the backend database server, without the attacker having to supply a user ID and password. Systems affected are IIS/Dreamweaver MX and UltraDev 4.
5676bedc096db266dcec8d45b47caabbecb7b6fb751eaa892c1472bac4cc2b9aRemote exploitation of a buffer overflow in the win32_stat function of ActiveState's ActivePerl may allow arbitrary commands to be executed. No check is made on the length of the string before the copy is made allowing long strings to overwrite control information and execution of arbitrary code possible.
3adc232e9981b7e4b616c8280bed4f979ce9a51c0a72c7d2f4eff52bb06efd16NGSSoftware Insight Security Research Advisory #NISR05042004 - Due to a lack of boundary checking within the code responsible for loading Fasttracker 2 (.xm) mod media files by the Winamp media plug-in in_mod.dll, it is possible to make Winamp overwrite arbitrary heap memory and reliably cause an access violation within the ntdll.RtlAllocateHeap() function. When properly exploited this allows an attacker to write any value to a memory location of their choosing. In doing so, the attacker can gain control of Winamp's flow of execution to run arbitrary code. This code will run in the security context of the logged on user.
f19369974724e97b0e10b88bb80392f6506e21880ffcc74b92f2f54c0d616991Possible symlink attack in SuSe's Yast Online Update tool.
fa5ad54174d9f2e28e10a089d616b0f4ebc3a38a0f1b21434805e9abf2d6c5a7A symbolic link condition exists in all versions of texutil. An attacker can overwrite arbitrary files.
586cc0a27418caea44ad3c243bbf5295f48839a64e4f7c4106f429462e13e953Macromedia Security Bulletin MPSB04-05 - Dreamweaver's remote database connectivity for testing dynamic database-driven websites installs scripts that may reveal DSNs to outside attackers. A sophisticated attacker may also be able to use these scripts to send SQL commands to the server and gain control of the database server.
a1a3a733290761b3680894b8c533694858596e1dfe7ab9ad07ccbb6b427e4411SGI Security Advisory 20040401-01-P - It has been reported that there are several security issues affecting ftpd on IRIX. There is an ftpd DoS that is possible during PORT mode (SGI BUG 899364) not to mention that ftpd's ftp_syslog() doesn't work with anonymous FTP (SGI BUG 909172).
d0f63c5ef8fae4b78f5bbda3793a2c29d3e7603a5dde6ed7dde8af08e6c4ecf6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed