Secunia Security Advisory - A vulnerability has been reported in ignitionServer, which can be exploited by malicious people to cause a DoS (Denial of Service) on vulnerable systems. The vulnerability is caused due to insufficient restrictions on the SERVER command. The command is designed for server to server communication, but can be exploited by clients to introduce non-existing servers to the network. This can further be exploited to cause a DoS by introducing multiple servers, which can potentially flood the network. The vulnerability reportedly affect versions 0.1.2 through 0.3.1.
5152ff943389a15abfd3eaec1d413ffe8878ade13f23e88ee36889021e6c7d42Multiple filter bypass vulnerabilities have been discovered in rediffmail.com.
60835bc34e6715cb1ccaea02926f87509ad74ac27b49ff275d9a0384cbfbcad7E-mail recipients who are listed in the BCC box can be viewed by e-mail recipients who are listed in the To and CC boxes when you send a multi-part e-mail message by using Outlook Express 6.0
a3e2886d907651ad76611dcdbb2ab55198ef903ff5a237fd417cea52d0e01890Next Generation Advisory NGSEC-2004-7 - NtRegmon, the Registry monitoring utility for Windows, suffers from an unvalidated pointer referencing. While any privileged user is using NtRegmon, any local and unauthorized user can crash the system. Versions below 6.12 are susceptible.
25183dcc3f859b4639c3d21491f15da6b81da0e387b46e9c99dcf6f07cb351faThe Model 5400 Series Symantec Gateway Security 2.0 has released hotfixes that address the denial of service attack issue reported against isakmpd.
deffa512afcdbd22f1b06b95302cfb62e4a31cd4a5998bed1edad3270d8d4f09Symantec Gateway Security 1.0 has released hotfixes that address the denial of service attack issue reported against isakmpd.
a44b2ae4b9fc7e3ebb3e0ca8d8c5aea506b43f951e09cb26876406012635b62cSymantec VelociRaptor 1.5 has released hotfixes that address the denial of service attack reported against isakmpd.
7c12070c1f88045cc5dc5d0c7a4b1f44d0dfcfc6aa7c843223410dd5a8a8ad4cThe PHP Code Snippet Library suffers from multiple cross site scripting flaws.
a16e148c1a56fe523fc219611a5c7718feb71d496bde3a990090d68dd7e0c44cSecunia Security Advisory - The vendor has reported a vulnerability in PvPGN, potentially allowing malicious people to see sensitive information. An unspecified problem with statsreq may expose sensitive information. This has been fixed in version 1.6.4.
eb13bde7441f7919b0f7a01be5de38099cd8a59db84f8b2a42db26a9b75864d8Painkiller versions 1.3.1 and below have a memory corruption flaw with limited code execution possibilities.
9f3fbf17f9fbeaebbb20c73ce8470c4497975e358be471e51bb0a326a7eac154GulfTech Security Advisory - Multiple Liveworld products suffer from cross site scripting flaws.
ebc7c3c7aae2e82bed1c14b4ed71a11fb9c443b20dfa4e4c5326466ff63aae6esredird versions 2.2.1-1 and below suffer from a format string bug and a buffer overflow that may let remote users execute arbitrary code.
b1e0ac8fc476c2edf91a769ccfb968ff2145d0af5c80f3a90373bbf293b01c15Sun Security Advisory - A buffer overflow in the Sun Solaris CDE Mailer dtmail allows for arbitrary code execution with mail group privileges.
ca18021130a1e5ab89ea6203a8ebcbdbfa538c3854cd33b9f2f569a74b080e0dEpixtech Dynix Webpac suffers from SQL injection attacks that allow for login bypass, command execution, and more.
7842802db764f0b8ea08e0baaa91d45b1bd5d2155471489b26a70d4c7f3867d8Much like in the recent advisory about detection of directories in Opera, a similar method of detection has been discovered in Internet Explorer versions 6 and 5.
a94516d00047679677f625607045687b8c609c3ed6725c2e200f39e5a865492dDebian Security Advisory DSA 541-1 - In icecast-server, the UserAgent variable is not properly html_escaped allowing an an attacker the ability to cause the client to execute arbitrary Java script commands.
9daf4bbd5722447c08923b0aa6f406682997d55613d9eb4df95195f4068203c7Window Washer 5.5 fails to actually full wipe files as the product functionality claims. After deletion, files can still be recovered, and only their metadata is actually wiped.
89a7d8436364d56f477bfb3214d6f7e95b44c08435d95d303a6ca67f7911277bSecunia Security Advisory - A vulnerability has been reported in Davenport WebDAV-CIFS Gateway, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to insufficient validation of XML documents sent from clients. This can be exploited by using a specially crafted overly long XML document, which will require excessive resources on expansion. The vulnerability affects versions prior to 0.9.10.
e69794a5a1f7e7bd97b1bfc29879ad648aec0a8c01d3bbde37f944ab688eeb90Hitachi Security Advisory - The JP1/File Transmission Server/FTP is susceptible to a denial of service attack. It would be seriously impressive if their advisories could be more vague.
c4584dc5d034d76b53e99bf3511f5dd3c0d268faee1e697f1b6a7b9f1abdedc7Hastymail version 1.0.1 stable and below and 1.1 development and below suffer from a cross site scripting flaw.
709201c79d2b06cd0e09ff4c5a021b7bada568a87a090c48e68a4d882a3b9128MOD_SUPHP is an Apache module that allows php scripts to run as users rather than the www-data user. A condition exists that would allow an attacker to use this module to run arbitrary code.
2df871582e14a312ba3d2a736b2e170795092c7ed83f2ab6a61ffbb8d9d3729cSecunia Security Advisory - Dmitriy Baranov has reported a vulnerability in aGSM, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when receiving information from a game server. This can be exploited by a malicious server to cause a buffer overflow by returning a specially crafted, overly long Half-life server name (about 148 bytes). Successful exploitation may lead to execution of arbitrary code. The vulnerability has been reported in versions 2.35c and 2.51c. Other versions may also be affected.
ee5db3a2b52cbf78b74a4e4bb258b22506364ddbee3e62112ece9e4436efa926Bird Chat version 1.61 is susceptible to a denial of service attack.
3fd39ba61940268943a877e48620af76ea13d357c808d10f8725f4e5f0bf3a91An unspecified vulnerability with an unknown impact has been reported in Novell Web Manager on Novell NetWare 6.5.
622530c4e4842b852d35adf6494b6a01eb2c009199653f013e352bc3558626ceKDE Security Advisory - Konqueror suffers from a Cross-Domain Cookie Injection vulnerability.
b677033eae041feccfc0d629be666a7a4a676bbb34a2b617d81f358a7e7b56b9
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed