iDEFENSE Security Advisory 06.21.04: Remote exploitation of a denial of service condition within GNU Radius allows attackers to crash the service. The problem specifically exists in the code for handling SNMP messages. By supplying a malformed packet containing an invalid OID, such as -1, it is possible to cause the server to shutdown, preventing further requests from being handled. The Radius server must have been compiled with the '-enable-snmp' option in order to be vulnerable.
2e0e226c0c89a68cd1ee9d3f9d66b5e5d49fdec1ef03e7ec5cfa887e5d82e200Debian Security Advisory DSA 522-1 - A format string vulnerability in super has been discovered that allows specified users to execute commands with root privileges. This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges.
78c7e1bf65152d505c10fbb236ca5fba4a3cc83b2737cffa0bc5add027d86b91A vulnerability has been found in the Mobile Code filter in ZoneAlarm Pro where SSL content is not filtered. Tested against Windows XP Pro running ZoneAlarm Pro 5.0.590.015 and Internet Explorer version 6, with all patches.
9f550907ba57239e2e48c56db138dbfa750a3cb38f6d2cdd756fae1d650f0bbaA user can deny access to the web-based administration by establishing 30 connections to the web-based administration port (80) on the Microsoft MN-500 Wireless Router. Until the connections are closed, the router administrator cannot access the web-based administration.
9eb7fa9b0faacd20f011010c664c60362d59d51325c8fb8bda4a97e82a6c3447A user can deny access to the web-based administration by establishing 1 connection to the web-based administration port (80) on a Linksys BEFSR41 Cable/DSL Router. Until the connection is closed, the router administrator cannot access the web-based administration. Note that the router automatically closes the TCP connection after about ten seconds of inactivity.
cc4d06d74473ac6a04901d1309b131325e16dbe2a571ed5f24f1a9fce4b531f9A user can deny access to the web-based administration by establishing 7 connections to the web-based administration port (80) in the Netgear FVS318 VPN Router. Until the 7 connections are closed, the router administrator cannot access the web-based administration.
77be9a97404a9717378c0f2ab65614511596841eee00cf9f40135e461979c75cUsers of Internet Scanner 7 from ISS can bypass license restrictions due to a key bypass flaw.
bb3871b4ccbc9d65dd1ff8985c5fc1269a333b4183fe4611dc028efc5f5a0b58It has been reported that a vulnerability exists in DNS One, potentially allowing malicious people to conduct script insertion attacks. The problem is that input supplied to the HOSTNAME and CLIENTID parameters in a valid DHCP request are logged unfiltered, allowing arbitrary HTML and script code to be embedded. Successful exploitation allows code execution in an administrative user's browser in context of the affected site when the report / log is viewed. Reportedly, firmware version 2.4.0-8 and 2.4.0-8A and prior are affected.
834a3a0d683b2f180754f7d96f8cbc06c96db82fa7ecf2da5fe00ff2985869abeEye Security Advisory - eEye Digital Security has discovered a security vulnerability in IBM's signed eGatherer activex. Because this application is signed, it might be presented to users on the web for execution in the name of IBM. If users trust IBM, they will run this, and their systems will be compromised. This activex was designed by IBM to be used for an automated support solution for their PC's. This is installed by default on many popular IBM PC models.
6599862e14320181a6e068e3cea972c1e37c7c9c9660660f00865030c0c1566aDebian Security Advisory DSA 521-1 - A format string vulnerability has been discovered in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the supfilesrv process.
c97c96287dc17e80c241ce806844485d5301d9292c2078a15e158a669306eb14A vulnerability exists in various versions of Weblogic Server and Weblogic Express when a client logs in multiple times as different users using RMI (Remote Method Invocation) over IIOP (Internet Inter-ORB Protocol). This may reportedly result in an RMI method being executed under the wrong identity. Affected versions: WebLogic Server and WebLogic Express 8.1, on all platforms, WebLogic Server and WebLogic Express 7.0, on all platforms, and WebLogic Server and WebLogic Express 6.1, on all platforms.
7c596d91f9fead17e5b14f54e34f7f6c2e74de76810cffc996835d9e9049a456Sygate Personal Firewall Pro version 5.x is susceptible to a denial of service attack by being crashed via unprivileged applications sending specially crafted messages to the ListView control in the GUI.
c4b523beea4596ecf960bcae931886280975333d872f47098e91d7d4f0b32445The Linux 2.4.x kernel series comes with an i2c driver that has an integer overflow vulnerability during the allocation of memory.
6b9ab2a22bb370c236040f89eaeb9f52f07672f8bd3c635617f0c7a744113500Sec-Tec Advisory - A cross site scripting vulnerability has been discovered in Snitz Forums 2000. Version 3.4.04 is affected.
31132f81367c14099db702f0cb6004506d7d9ff136c06cfee09ba284f6f9350ceEye Security Advisory - eEye Digital Security has discovered a security vulnerability in IBM's signed acpRunner activex. Because this application is signed, it might be presented to users on the web for execution in the name of IBM. If users trust IBM, they will run this, and their systems will be compromised. This activex was designed by IBM to be used for an automated support solution for their PC's. An unknown number of systems already have this activex on their systems. Version affected is 1.2.5.0.
2b6bac2ea94d90530ba2aaba9296ae3ea83b7a8958d58406bb05f94b3b8ed1b6Bit of information regarding the first cellular phone virus called Cabir being discovered.
f499582f9768509624e7e2807446cc2f20c715e4838acbdfd4a9543d0af0e053Cisco Security Advisory: A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet.
8ad9d928a214abb79d3802e20c67945f0a379565202873d2901d5d5b4e715e0cCheckpoint Firewall-1 version 4.1 and later with IPsec VPN enabled will return an IKE Vendor ID payload when it receives an IKE packet with a specific Vendor ID payload. The Vendor ID payload that is returned identifies the system as Checkpoint Firewall-1 and also determines the Firewall-1 version and service-pack or feature-pack revision number. This is an information leakage issue which can be used to fingerprint the Firewall-1 system.
440208d725a4ec5c0d16e26260994618621b0231f531a80db7b7c381d24b4f4fWeb Wiz Forums version 7.8 is susceptible to a cross site scripting attack.
fb95299c719e87d28e1135b8c3aef3ab5dcb36a4e9f359d4685af5c1f35642cdA vulnerability has been discovered in Microsoft Internet Explorer that allows for attackers to bypass security zones and conduct phishing attacks.
7cc58b71bd55da16b1839c6169f86a2111c4f4cf84b990d63e22fcc73532f941SGI Security Advisory 20040601-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions non privileged users can use the syssgi system call SGI_IOPROBE to read and write kernel memory which can be used to obtain root user privileges. Patches have been released for this and other issues. At this time, IRIX versions 6.5.20 to 6.5.24 are considered susceptible.
c311575509d77e140256db203b3431dabc5c01cfb4dd8d1e624c66a52ee8d789It seems that some Antivirus scanners are subject to a denial of service attack when attempting do a manual scan of compressed files. Some versions affected are: Norton Antivirus 2002, Norton Antivirus 2003, Mcafee VirusScan 6, Network Associates (McAfee) VirusScan Enterprise 7.1, Windows Xp default ZIP manager.
a90bb7f3417157fb4fb000c829c5adf3731995143dd6ab1b3ab4682d4aaa3950VICE Security Advisory VSA-2004-1 - VICE versions 1.6 through 1.14 on all platforms are vulnerable to a format string vulnerability in the handling of the monitor memory dump command.
51874a9d9c5210599a173e589857775ad51874245713cf5292ebac779544b9a7Linksys Web Camera version 2.10 is vulnerable to a cross-site scripting vulnerability.
c27793f628af5044cf44444ff2b34cec8904f329d169f5ab86c847bc7edef77eA vulnerability within Chora version 1.2.1 and below allows remote shell command injection.
a41aa4d39af2f221d39ccc9dc16ac042c25b39642f4b0f038fe3a4a1f40a2cfd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed