Secunia Security Advisory - A vulnerability has been reported in ignitionServer, which can be exploited by malicious people to cause a DoS (Denial of Service) on vulnerable systems. The vulnerability is caused by insufficient restrictions on the SERVER command. The command is designed for server-to-server communication, but can be exploited by clients to introduce non-existent servers to the network. This can further be exploited to cause a DoS by introducing multiple servers, which can potentially flood the network. The vulnerability reportedly affects versions 0.1.2 through 0.3.1.
Multiple filter bypass vulnerabilities have been discovered in rediffmail.com.
E-mail recipients who are listed in the BCC box can be viewed by e-mail recipients who are listed in the To and CC boxes when you send a multi-part e-mail message by using Outlook Express 6.0.
Next Generation Advisory NGSEC-2004-7 - NtRegmon, the Registry monitoring utility for Windows, suffers from unvalidated pointer referencing. While any privileged user is using NtRegmon, any local and unauthorized user can crash the system. Versions below 6.12 are susceptible.
Hotfixes have been released for the Model 5400 Series Symantec Gateway Security 2.0 that address the denial of service attack issue reported against isakmpd.
Hotfixes have been released for Symantec Gateway Security 1.0 that address the denial of service attack issue reported against isakmpd.
Hotfixes have been released for Symantec VelociRaptor 1.5 that address the denial of service attack reported against isakmpd.
The PHP Code Snippet Library suffers from multiple cross site scripting flaws.
Secunia Security Advisory - The vendor has reported a vulnerability in PvPGN, potentially allowing malicious people to see sensitive information. An unspecified problem with statsreq may expose sensitive information. This has been fixed in version 1.6.4.
Painkiller versions 1.3.1 and below have a memory corruption flaw with limited code execution possibilities.
GulfTech Security Advisory - Multiple Liveworld products suffer from cross site scripting flaws.
sredird versions 2.2.1-1 and below suffer from a format string bug and a buffer overflow that may let remote users execute arbitrary code.
Sun Security Advisory - A buffer overflow in the Sun Solaris CDE Mailer dtmail allows for arbitrary code execution with mail group privileges.
Epixtech Dynix Webpac suffers from SQL injection vulnerabilities that allow for login bypass, command execution, and more.
Much like in the recent advisory about detection of directories in Opera, a similar method of detection has been discovered in Internet Explorer versions 6 and 5.
Debian Security Advisory DSA 541-1 - In icecast-server, the UserAgent variable is not properly html_escaped, allowing an attacker to cause the client to execute arbitrary JavaScript commands.
Window Washer 5.5 fails to fully wipe files as the product functionality claims. After deletion, files can still be recovered, and only their metadata is actually wiped.
Secunia Security Advisory - A vulnerability has been reported in Davenport WebDAV-CIFS Gateway, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to insufficient validation of XML documents sent from clients. This can be exploited by using a specially crafted overly long XML document, which will require excessive resources on expansion. The vulnerability affects versions prior to 0.9.10.
Hitachi Security Advisory - The JP1/File Transmission Server/FTP is susceptible to a denial of service attack. It would be seriously impressive if their advisories could be more vague.
Hastymail version 1.0.1 stable and below and 1.1 development and below suffer from a cross site scripting flaw.
MOD_SUPHP is an Apache module that allows PHP scripts to run as users rather than the www-data user. A condition exists that would allow an attacker to use this module to run arbitrary code.
Secunia Security Advisory - Dmitriy Baranov has reported a vulnerability in aGSM, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when receiving information from a game server. This can be exploited by a malicious server to cause a buffer overflow by returning a specially crafted, overly long Half-life server name (about 148 bytes). Successful exploitation may lead to execution of arbitrary code. The vulnerability has been reported in versions 2.35c and 2.51c. Other versions may also be affected.
Bird Chat version 1.61 is susceptible to a denial of service attack.
An unspecified vulnerability with an unknown impact has been reported in Novell Web Manager on Novell NetWare 6.5.
KDE Security Advisory - Konqueror suffers from a Cross-Domain Cookie Injection vulnerability.