LHA has some additional buffer overflows in the extract_one function.
5a53496931d36f0f0629ce52c2693ceccacf6032e71a671af6253290e91d1570
Directory traversal attacks on the Sun Solaris SMC Web Server under releases 8 and 9 allow a remote attacker to determine whether or not a file exists on the underlying filesystem due to differences in error messages.
afadcf605c1e2463d9dc1006e2bcbc5d78588c56164f93b99e0edf5afbb88bee
Ethereal Security Advisory Enpa-sa-00014 - It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, by convincing someone to read a malformed packet trace file, or by creating a malformed color filter file. Versions affected: 0.9.8 up to and including 0.10.3.
5bdf294b805f328fb3c4ea0444bf4b5ac67d19b595d748a2922380a8d2fd4d4f
A vulnerability exists in Icecast 2.x that can cause a denial of service condition.
99456ace2fa0f87f2f52c3e000095e321d0e4fa0dd63df8a4290735635761047
Outpost Pro Firewall has a flaw that allows malicious people to cause a Denial of Service. The issue has been reported in Agnitum Outpost Pro Firewall version 2.1. Prior versions may also be affected.
23a021e46fe713e14e1875d37a7ff9271b44c31c2d36e4da8d11ece37740c979
Sweex Wireless Broadband Routers have tftp enabled by default with no way to restrict the service, allowing malicious attackers to download configuration files.
f0daacd8c73180fc13cf5589648b63e687c10ac6e2670c069eb61c93a99364d2
A weakness in the way Microsoft IE handles double backslashes in Showhelp() allows for yet another way to locally execute files.
e6025e6f855e3e86bba8dbca696e934acbd452d1a4f6b0fc2d7ce31157ceecb1
Mark Cox has reported a vulnerability in ZoneMinder, potentially allowing malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of query strings. This can be exploited to cause a buffer overflow via a specially crafted query. Successful exploitation may potentially allow execution of arbitrary code. All versions prior to 1.19.2 are affected.
c4a8ca70883f255627f43b3626c433ab0d748ba3a73a4c727c5a773469af1621
iDEFENSE Security Advisory 05.12.04: Exploitation of an input validation vulnerability within Opera Software ASA's Opera Web Browser could allow remote attackers to create or truncate arbitrary files. The problem specifically exists within the telnet URI handler. Opera does not check for '-' at the beginning of the hostname passed through the handler, which lets options pass to the telnet program, allowing file creation or overwriting.
88a3986f22d8cc48d56d3b3bad13399d7e191cf92cee76f2c337819dcbe15f61
Secunia Advisory SA11532 - Secunia has discovered a vulnerability in the Opera browser, which can be exploited by malicious people to fake (spoof) information displayed in the address bar. The vulnerability has been confirmed in version 7.23 for Windows and Linux. Prior versions may also be affected.
dc53e66630e90a2121277a9e645a4eb3320a8d21a55b9a23af104ae4d9089546
eEye Security Advisory - eEye Digital Security has discovered a critical remote vulnerability within the Symantec firewall product line. There is a remote heap corruption vulnerability in SYMDNS.SYS, a driver that validates NetBIOS Name Service responses, which can lead to execution of arbitrary code for various Symantec products. Successful exploitation of this flaw yields remote kernel access to the system. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
bfe54b66a1fa04ed44f2d88c757986016681f5a3533be9a4667bf86c61c22664
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in the Symantec firewall product line that would allow a remote, anonymous attacker to execute arbitrary code on a system running an affected version of the product. By sending a single specially-crafted NetBIOS Name Service (UDP port 137) packet to a vulnerable host, an attacker could cause an arbitrary memory location to be overwritten with data he or she controls, leading to the execution of attacker-supplied code with kernel privileges and the absolute compromise of the target. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
8b0422b0cf3e0350cabdd99e47019446ad294a418bd75076bbf3b6a8ddc52f6f
eEye Security Advisory - eEye Digital Security has discovered a second vulnerability in the Symantec firewall product line that can be remotely exploited to cause a severe denial-of-service condition on systems running a default installation of an affected version of the product. By sending a single malicious DNS (UDP port 53) response packet to a vulnerable host, an attacker can cause the Symantec DNS response validation code to enter an infinite loop within the kernel, amounting to a system freeze that requires the machine to be physically rebooted in order to restore operation. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
9586423e4a36c89f9ed7bf1939b4d9b4bc57ec4d8c57dca66ad3372b2230d08b
eEye Security Advisory - eEye Digital Security has discovered a critical remote vulnerability within the Symantec firewall product line. A buffer overflow exists within a core driver component that handles the processing of DNS (Domain Name Service) requests and responses. By sending a DNS Resource Record with an overly long canonical name, a traditional stack-based buffer overflow is triggered. Successful exploitation of this flaw yields remote KERNEL access to the system. With the ability to freely execute code at the Ring 0 privilege level, there are literally no boundaries for an attacker. It should also be noted that, due to a separate design flaw in the firewall's handling of incoming packets, this attack can be successfully performed with all ports filtered, and all intrusion rules set. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
e473df5134bac9a2cc199d33e7d6e380a34d5d87ed5086575e9a0e9f4c5e035f
Exploitlabs.com Advisory 27 - Microsoft Windows Help and Support Center has a vulnerability due to an unspecified input validation error. This can be exploited via the HCP protocol on Microsoft Windows XP and Microsoft Windows 2003 through Internet Explorer or Outlook and allows for arbitrary code execution.
d988b8210aca1e91cb4d3d9dd5b3f573ea60e02d6175fb32fad685eae2dc0074
Outlook 2003 has a flaw that will allow malicious spammers to verify whether or not a recipient has read an email.
11ecdcb13367d2e1ae1f3074de7d169c041339a8b606c74b1a864149a8cffaa3
Privilege escalation is possible for users with access to the systrace device on NetBSD and FreeBSD.
5055b81404726430cf6bf4f0924753685d120e9b3cabd9c41fc131e5cd09cfb0
msxml3.dll crashes when a page that has an ampersand inside a link or value is refreshed.
87782652da2a9d4d71ad20c25f67177ce0ebae7ed140f222f81055d63310722d
The SCTP implementation in all versions of the Linux kernel prior to 2.4.26 is susceptible to an integer overflow.
f066b2cbb6af3fe4fe3ad12ba310fa17c52d57e4b55c41f6d53c4a9f4d6b0539
phpShop versions 0.7.1 and below have a flaw where it is possible for an attacker to execute arbitrary code as the server.
5297fa06c696b0da0a705efbbb07c7f4ec23027ed95142a2d87e3e70f3d1a2e7
Hat-Squad Advisory - A remote heap overflow has been discovered in MailEnable Professional Edition versions 1.5 to 1.7. Sending an HTTP request with more than 4045 bytes to the MEHTTPS service will cause a heap buffer overflow while logging is enabled. It is possible for a remote attacker to execute code as SYSTEM.
7fbcb105140f4b9e3648e2b0f3fc89ae526912d8e532e8cfa5260c3bf076c531
A potential local denial of service vulnerability has been discovered in the 2.6 Linux kernel.
9160d54bd32d01d0a574a5324c13002615defe8696ee7cb665c59ccf6a92be60
SmOk3 has reported a vulnerability in e107 version 0.x, which can be exploited to conduct script insertion attacks.
ffc203776b348b7e241395594527efc8355618e7f5691876c2abbb91ebefa4c2
A vulnerability in the Java Runtime Environment may allow a remote unprivileged user to cause the Java Virtual Machine to become unresponsive, resulting in a Denial of Service (DoS) condition for the runtime environment and servers that run on the runtime environment. Affected versions are Sun Java JRE 1.4.x and Sun Java SDK 1.4.x. Unaffected versions are 1.4.2_04 or later.
634bafb123157c728d0624e898b9c78737d1db3146091555c65b88327a961f3d
A buffer overflow has been identified in efFingerD version 0.2.12.
579a8af004a7d1139f1522767ad1220c8da86ccabd89512f32c4c6110bf8937e