Microsoft has issued Service Pack 2 for ISA Server 2000. This includes patches for all previously reported vulnerabilities as well as older hot fixes, where some address potential security issues.
cde0a6316c61f476997a2b12d1eb5ba5efc7734e090b2a60a4e961c5b135579dA vulnerability has been discovered in ignitionServer versions 0.1.2 through 0.3.1, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to missing password verification when linking servers.
a2424139487a4dea84b44192623c5978ce663be7e2f00ee01d02e198048e68cfA vulnerability has been discovered in MoinMoin that can be exploited by malicious users to gain escalated privileges. The problem is that a user can gain the same privileges as an administrative group by creating a user with the same name. The vulnerability has been reported in versions 1.1, 1.2, and 1.2.1.
45a321ae4b91a6a821b0a72632c38aabc18c47b6a701c04a78584d8a3468d948VP-ASP Shopping Cart 5.x has a vulnerability which can potentially be exploited by malicious people to conduct cross-site scripting attacks.
39e70e14d5aaca15d049fefd2cf2605dd17105c01c09ccaa33fcafe0ff6552e5An integer handling error within the swapctl() system call of NetBSD 1.x can allow a local user the ability to cause a denial of service attack.
0b04f2d0bae3375ec84b5c4112c85c28ed5adf7a137c5cae027ebc0d6c7b7189A vulnerability in the Billion BIPAC-640 AE Broadband Firewall Gateway can be exploited by malicious people to bypass user authentication on the administrative web interface.
8f7a686d9df9d69ea856244b34bb4a7ae567e7e1692f015c199a0b92a90df698The version of mod_proxy shipped with Apache 1.3.31 and possibly earlier versions are susceptible to a buffer overflow via the Content-Length: header. This can lead to a denial of service and possible compromise of a vulnerable system.
4fd4a3dc2ff2887823678f53b78e0b6b9f804c4881d7f2160ca9ed11a8f808d5Technical Cyber Security Alert TA04-163A - There is a cross-domain vulnerability in the way Microsoft Internet Explorer determines the security zone of a browser frame that is opened in one domain then redirected by a web server to a different domain.
e5fe41adfe15146f3fc5105718e0bfa3890d7a0fee8aa704345909e52c657e10NGSSoftware Insight Security Research Advisory #NISR11062004 - By crafting a malformed .RA, .RM, .RV or .RMJ file it possible to cause heap corruption that can lead to execution of arbitrary code. By forcing a browser or enticing a user to a website containing such a file, arbitrary attacker supplied code could be executed on the target machine. This code will run in the security context of the logged on user. Another attacker vector is via an e-mail attachment. NGSResearchers have created reliable exploits to take advantage of these issues. Versions affected are: RealOne Player (English), RealOne Player v2 (all languages), RealPlayer 10 (English, German and Japanese), RealPlayer 8 (all languages), RealPlayer Enterprise (all versions, standalone and as-configured by the RealPlayer Enterprise Manager).
9386d33a1646cab5f7eba3a0866f4a1fc55d21938426f75fe5d480922d5d3f5bWebmin version 1.140, a web-based system administration tool for Unix, has a vulnerability that allow users to gain read access to the configuration of a module without authentication.
832e4e216b40d2258786e8d36c494b2dff9a4983cb87e9a3c826f970fdbdcceaeEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in RealPlayer. The vulnerability allows a remote attacker to reliably overwrite heap memory with arbitrary data and execute arbitrary code in the context of the user who executed the player or application hosting the RealMedia plug-in. This specific flaw exists within the embd3260.dll file used by RealPlayer. By specially crafting a malformed movie file along with an HTML file, a direct heap overwrite is triggered, and reliable code execution is then possible. Systems Affected: RealOne Player, RealOne Player v2, RealPlayer 10, RealPlayer 8, RealPlayer Enterprise.
7947dd5f305ea9cdbbffb6a947c20d36de581d05306a574cdfa1fe8b8b697c67A potential security vulnerability has been identified with HP-UX running ftp where the vulnerability could be exploited remotely to allow unauthorized access. Impacted versions: HP-UX B.11.00, B.11.11, B.11.22.
ab12a0e7ff3eb0a9bb5ed915071dfbd16a49a23454a83568e6ff1ae48eb57ce7A remotely exploitable format string vulnerability exists in smtp.proxy up to and including version 1.1.3. The bug is present and exploitable regardless of any compile time and runtime configuration options and can be exploited by sending a message with an embedded format string in either the client hostname or the message-id.
650e059f4660964948bab6dd542c9c7d67dea329505d29c355d351dea912ff5dA vulnerability has been discovered in Horde IMP, which can be exploited by malicious people to conduct script insertion attacks.
b1d1629dfac41480e467a2bb663539dec54c6c326e255476f523f6fac4713933A security issue has been discovered in jCIFS, which allows a malicious person to authenticate with an invalid username. The problem is that it is possible to authenticate with any username if the guest account is enabled on a CIFS server.
675fb88dd7cc8e44fbcc44ff7bf475680140d3ac8ec29f1e2297e835d7820b74iDEFENSE Security Advisory 06.08.04: A remote attacker can compromise a target system if Squid Proxy is configured to use the NTLM authentication helper. The attacker can send an overly long password to overflow the buffer and execute arbitrary code.
5eeaa170fb736208161866b9b915659dd2b08d182ea719bbcd682afa10efcdcbCisco CatOS is susceptible to a TCP-ACK Denial of Service (DoS) attack on the Telnet, HTTP and SSH service. If exploited, the vulnerability causes the Cisco CatOS running device to stop functioning and reload. Releases affected: 8.xGLX earlier than 8.3(2)GLX, 8.x earlier than 8.2(2), 7.x earlier than 7.6(6), 6.x earlier than 6.4(9). and 5.x earlier than 5.5(20).
15cda5b82d4ade1ac1a856cf5bd507f182724333ff561e6782f209b6365e3edcAspDotNetStorefront version 3.3 has a flaw that allows a remote attacker the ability to delete images off of a server due to a lack of input validation.
0244a82608fea01217f84f916119ab814c93d08eb9a2d684b836dac5023d41f5AspDotNetStorefront 3.3 is susceptible to cross site scripting attacks.
1eb56fae16eaac67ad293e449ed3a276d2fc44db852094fe8eb332bc05476974A team audit of the CVS codebase has revealed more security related problems. The vulnerabilities discovered include exploitable, potentially exploitable and simple crash bugs. Vulnerable versions are CVS feature releases up to 1.12.8 and stable release up to 1.11.16.
155d8c19e5073cd3b1c60af1ba16f4d76266640aeb9a5c4f91e717dbed6b651aTrend OfficeScan version 5.5 has a flaw that allows a malicious user to escalate a program's privileges to that of the virus scanner.
36121a2829a6a5c033114693249b37fcc5fbc956938dcdd00ac0cc73d1f9d913The Symantec Gateway Security 360R fails to prohibit non-VPNed wireless connections when the directive to enforce tunnels is set.
179a41248346521d57a670433db1db150c5b195e6cc51ed7be19c5c0cedcc1bdAspell is susceptible to a stack overflow when it makes use of a wordlist file that has an entry exceeding 256 bytes.
7b148643f8b27cc0b5251d418834bd40e6879c6455093a920ae35722acfa711dUnauthorized deletion of IPsec SAs is still possible using a delete payload piggybacked on an initiation of main mode with the latest version of isakmpd.
c5d443ed4065bde5c240457b08dcb81606ea790ee65250147c49eddf9744dc54Invision Power Board version 1.3.1 Final is susceptible to cross site scripting and SQL injection attacks.
e90c89df5d41852f1edbd13d3d36ccc97f9e5d568ba29464fa79b01c4effe12a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed