Samba 3.0.x is susceptible to multiple denial of service bugs that can remotely crash the daemons nmbd and smbd.
f4537d8e10bef6278b460a495b011aa96a2114153cc957d69798d3055570f110
Secunia Security Advisory - Secunia has discovered a vulnerability in OpenOffice and StarOffice, which can be exploited by malicious, local users to gain knowledge of sensitive information.
3b42a4de1894fb36879f486d5528b9ab61b6508f9397b5b03fc8fee129db81b1
A directory traversal vulnerability exists in several FTP commands of TwinFTP that may be exploited by a malicious user to access files outside the FTP directory. The problem lies with the incorrect filtering of the directory name supplied to the CWD, STOR and RETR commands. Versions tested: TwinFTP Server Standard 1.0.3 R2 (Win32) on English WinXP SP1, TwinFTP Server Enterprise 1.0.3 R2 (Win32) on English Win2K SP2.
d6f72bc7fab9132f3f56758b94be272eefba30b76a4c1dabb51e82a11d482c15
Sec-Labs Advisory - Gadu-Gadu is susceptible to a heap overflow that allows for arbitrary code execution. Tested against version 6.0 build 149.
c439851c4bd7fe8790976ac8da0cb2ed86c17f1eda67ae166eb128b68e66b817
Multiple methods exist that allow for a crash of the Serv-U FTP server versions 4.x through 5.x.
d941fdd90d43d505caf64fd5ccd29666e277692cc3b92dcb7f904ebe311179ac
mod_ssl segmentation faults in the char_buffer_read function when reverse proxying SSL originating from an IIS server. Verified in build 2.0.50.
d910ca66c0aedc6006ed88626bf0d22fd6876bafac2e861f30b44b53a18befce
Halo: Combat Evolved versions 1.4 and below suffer from an off-by-one vulnerability that can result in a denial of service.
ab368723fc5910a5e72174769904c58f6bf0ed7dfd96ac0223fcb7fbb731516f
Gentoo Linux Security Advisory GLSA 200409-14 - Samba is vulnerable to a remote denial of service attack due to out of sequence print change notification requests. Versions below 3.0.6 are affected.
734c55be7f74b7105607ffc3f19c3b92fdd780cbdd9dac1ec2254fe1039e224d
Secunia Security Advisory - A vulnerability has been reported in F-Secure Internet Gatekeeper 6.x and F-Secure Anti-Virus for Microsoft Exchange 6.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the exception handling in the F-Secure Content Scanner Server component. This can be exploited to crash a process in the component via specially crafted packets.
b3ca10c3e6df929147caeb5c692f7f7718af84037ebe064bdbe7ca9960545ca7
Secunia Security Advisory - A vulnerability has been reported in MailEnable Professional and Standard 1.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing DNS responses. This can be exploited to crash the SMTP service by returning a DNS response containing over 100 MX records.
f5b8aa714888662a42f8bbfaaa1434adcc6dda119cf4c088df06fc3f53402ddc
Gentoo Linux Security Advisory GLSA 200409-13 - Several buffer overflows and a shell metacharacter command execution vulnerability have been found in LHa. These vulnerabilities can be used to execute arbitrary code. Versions 114i-r3 and below are affected.
3f6655c18e8e9c6b298a4899b7be30784a18b4b8ae9377ad8e50072ac22cd18e
Secunia Security Advisory - A vulnerability has been reported in Emdros, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak in the CFeatureDeclaration::TypeTypeCompatibility() function. This can be exploited to consume available system resources by issuing a large number of malformed CREATE OBJECT TYPE or UPDATE OBJECT TYPE statements. Versions below 1.1.20 are affected.
90af5467e7cf6e5b9248568c49e8662738511456e0f7b51b556f0b12a910b107
Mandrake Linux Security Update Advisory - The cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable. This can be abused by a local attacker to obtain root privileges.
6f38c8ce8d76f1228e8d3ca2e1b81434d0f2613330175e2b3a098eeec3ceb160
Gentoo Linux Security Advisory GLSA 200409-11 - star contains a suid root vulnerability which could potentially grant unauthorized root access to an attacker. Versions below star-1.5_alpha46 are affected.
0a764fb0ae2a0a1b04bf81b961a04d56e2ddd3be02fad962dccb42f9025e8af6
Gentoo Linux Security Advisory GLSA 200409-12 - ImageMagick, imlib and imlib2 contain exploitable buffer overflow vulnerabilities in the BMP image processing code.
376ef73790324660fa24345695c0cd32047f99fa788ed69b7787d37def69f456
Secunia Security Advisory - A vulnerability in net-acct can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. The write_list() and dump_curr_list() functions create temporary files insecurely. This can be exploited via symlink attacks to overwrite or create arbitrary files with the privileges of a user executing net-acct. The vulnerability affects version 0.71 and prior.
b396350780b8c1b8f374c9455b36472cd9ed1ffcecc1ac74c6273db16b32ce54
Secunia Security Advisory - A vulnerability has been reported in Cosminexus Portal Framework, which potentially can be exploited by malicious users to gain knowledge of sensitive information.
76d20ab5ed868195dc4f3fcd01d059b6fe29b6c0206fb862ffe8e4137d7d377e
SNS Advisory 77 - A vulnerability in Usermin's Web mail function could result in arbitrary command execution upon viewing a specially crafted HTML mail. Affected Versions: Usermin 1.070, 1.080.
e89bdbe5b952119110222b898006b2ef7e8f0aafe483e152787abb724d0ec24b
A maliciously formatted mp3/2 causes mpg123 to fail header checks; this may allow arbitrary code to be executed with the privileges of the user trying to play the mp3. Versions affected: mpg123-0.59r and maybe mpg123-0.59s.
a2d0241fdb4fded60501294730f548ebfdea1f165c0724f731adb0b409c87f9f
Gentoo Linux Security Advisory GLSA 200409-10 - Active keystroke logging in multi-gnome-terminal has been discovered in potentially world-readable files. This could allow any authorized user on the system to read sensitive data, including passwords.
bae035ce2f875684c40b221ef41ac6b897cf0d7d45ede3f7c50754799d36dfa8
Sun Security Advisory - A remote privileged user may be able to create a denial of the Domain Name System (DNS) service by killing the in.named(1M) daemon. As a result, applications, systems and devices relying on DNS may fail.
0826ed069fd2e0722808b547d408da35d4a2bdbefa22ea0710794abc6cfef2fa
The Serverview server management product is susceptible to multiple denial of service and data corruption attacks due to insecure file permissions.
108fcccc833eb5fcd6c72e00dec99910326570a898687b5d0d5fcb0084408a96
Secunia Security Advisory - Various unspecified vulnerabilities with an unknown impact have been reported in Tutti Nova. Successful exploitation reportedly requires that register_globals is enabled.
c4ed94876ef597e19cadbbd68b362e03571529326f3383140c317e885c4dd4e5
Secunia Security Advisory - An unspecified vulnerability has been reported in phpGroupWare, which can be exploited by malicious people to conduct cross-site scripting attacks.
98742018ad84bf0b519f0a2cd8da05425b11f00020770e078acbeb61e2dedbbe
Secunia Security Advisory - Two vulnerabilities have been reported in gnubiff 1.x, which potentially can be exploited to cause a DoS (Denial of Service) or compromise a vulnerable system.
01155a63fa5731110f17ff26e9106cc83a30d52992c534494f795e288c5f8507