Hired Team: Trial versions 2.0/2.200 and below suffer from format string, malformed packet, and status/kick remote vulnerability flaws.
48d0de0d8b027316b2b64bb516c71819b83ddb7fbf4b158332b44601757163cfSecunia Security Advisory - benji lemien has reported two vulnerabilities in Aztek Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.
2c94a8e0a416b43021010d5676ed7d0d5c0c48429bdf844cb73ae325802749d5Secunia Security Advisory - Digital-X has reported two vulnerabilities in Private Message System module for PunBB, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
3a3920afb7b9e888dac9dc382ade8c9cbdfc15f96638b6a65a7e03a3c6e1f0a3Secunia Security Advisory - Frank Mileto has discovered a vulnerability in Spy Sweeper Enterprise, which can be exploited by malicious, local users to disclose sensitive information.
d4ec931c32eac56df2a1ec5fc9724dd68008d82a99ecc7e79baba9771efa06baSecunia Security Advisory - A vulnerability has been reported in Skype, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the handling of command line arguments.
59cbbcfa7e686fe8ef8eeed0c62e0acfde336cb713778930512d78d59c1d0234Samba versions 3 through 3.0.7 suffer from a buffer overflow inside the QFILEPATHINFO request handler. This vulnerability allows for remote code execution.
19cd039a672527a6b47d2c45a1745de3a774b639ca25e062a5e1932683d23767Army Men RTS version 1.0 is susceptible to a format string bug that results in a denial of service.
b0edb52988fc0c2d479204cb4e5f55a2738415330abf4e16111143b5dbafc2dbAlthough one of the features of Google Desktop Search is to archive web history in its index for future searching, unchecking the preference to archive Web History and saving the preference does not clear the web history from the index.
d6ac298483d170e897ea9fdc64c9e41824b213b20b76a5907a327dc8094dc5a7TheFaceBook is susceptible to multiple cross site scripting flaws.
e8602f6f087e56db508594ec635b29de6aac55141c8f005ff868b24087ef3a19PHPBB version 2.0.x - 2.0.10 is susceptible to a SQL injection attack.
4f053ca2bbaab78236728fbce72ffbc174d33b87706583f643af3eea32ae60cbRemote attackers are able to execute arbitrary commands in the context of the TWiki process for TWiki versions 20030201 and possibly in other versions as well. This flaw is due to a lack of proper sanitization of user input.
ac52112bc5ecb5d1c0b1b78be42869a3a5320137a2621f2fc66722fa6a94c04cSecure Network Messenger versions 1.4.2 and below suffer from a remote denial of service vulnerability.
b377941d0d36b5ed895485dbb5fd65db7ff06a1742ee0d1054119a629f139007The Alcatel/Thomson Speed Touch Pro ADSL modem suffers two security flaws allowing an insider to poison the intranet zone configured in the modem's embedded DNS server.
9bbdb6331e0c1c32a010de746600968e00b87e55d153201e72c3355b25408791Sudo version 1.6.8, patchlevel 2 is now available. It includes a fix for a security flaw in sudo's environment cleaning that could give a malicious user with sudo access to a bash script the ability to run arbitrary commands.
ae15d1dca83013b781fad2452080e5a499a8900efc4c6eaf12c3d0b18223c869Secunia Security Advisory - A vulnerability has been reported in UNARJ, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the handling of long filenames in archives. This can be exploited to cause a buffer overflow by tricking a user into opening a malicious archive with a specially crafted path.
1b24393f6cc4b6c4ca04e89be845c1da2f1efb313196b5f887f342b10cadbf96Technical Cyber Security Alert TA04-316A - There is a vulnerability in the way Cisco IOS processes DHCP packets. Exploitation of this vulnerability may lead to a denial of service. The processing of DHCP packets is enabled by default.
6d7e0df60be9abbc7bb549866d6dd8df85bbe76ad2cdc57356c933aab7f8eb8eGentoo Linux Security Advisory GLSA 200411-22 - Davfs2 and the lvmcreate_initrd script (included in the lvm-user package) are both vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running them.
2e4ad81859058f5f403a9fbc0e0f71e82875af13830ea244ece4a6e1088b855cGentoo Linux Security Advisory GLSA 200411-21 - An input validation flaw in Samba may allow a remote attacker to cause a Denial of Service by excessive consumption of CPU cycles.
aa86bb696a8a65c378c83c31a6f74c86cb050a8eb76172d735a65943c42081b1Additional information about recent discussion various entities have have with CyberGuard regarding their firewall.
19a8fdfc846e0b21cb2afdc9ab53f7ffe3fc6bccf1b0ccea948f74b104c2a750Cisco Security Advisory - Cisco Security Agent (CSA) provides threat protection for server and desktop computing systems, also known as endpoints. It identifies and prevents malicious behavior, thereby eliminating known and unknown security risks. A vulnerability exists in which a properly timed buffer overflow attack may evade the protections offered by CSA. The system under attack must contain an unpatched underlying vulnerability in system software that CSA is configured to protect. Another prerequisite for the attack is that a user must be interactively logged in during the attack.
0fc1660d805f9db93b2f86459e3c50bd8ddc7a115b82343390d08c79b10a1348ez-ipupdate is susceptible to a format string bug. It, at the very least, affect versions 3.0.11b8, 3.0.11b7, 3.0.11b6, 3.0.11b5 and 3.0.10. It does not affect 2.9.6.
c6b17bb453d52744e3c14270258284ead1e82fe3fff997919a781b5809c62d15Gentoo Linux Security Advisory GLSA 200411-19 - Pavuk contains multiple buffer overflows that can allow a remote attacker to run arbitrary code.
e7acf02ff8eb1af9a153c34492eccda803936a7a3d40d828a15ce24ecd5470a4Secunia Security Advisory - A vulnerability has been reported in MIMEsweeper for SMTP, which potentially can be exploited by malware to bypass the scanning functionality.
d60932cf5dc14f91a5a02f20b8b6b66c3a01d611a496ea82382dac1711383470Technical Cyber Security Alert TA04-315A - Microsoft Internet Explorer (IE) contains a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. A buffer overflow vulnerability exists in the way IE handles the SRC and NAME attributes of various elements, including FRAME, IFRAME, and EMBED. Because IE fails to properly check the size of the NAME and SRC attributes, a specially crafted HTML document can cause a buffer overflow in heap memory. Due to the dynamic nature of the heap, it is usually difficult for attackers to execute arbitrary code using this type of vulnerability.
dde5a26a7a4fb4dc3e79f0d5ca018fa7314b3d9e764f02c135b67d484a8eea60Secunia Security Advisory - Isno has reported a vulnerability in CCProxy, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of HTTP requests. This can be exploited to cause a buffer overflow by sending an overly long HTTP GET request. Successful exploitation may allow execution of arbitrary code. The vulnerability has been reported in version 6.0. Other versions may also be affected.
e1d743bac1a3fd1ee60d4d2392726e763433e4e7f3fbd44e532a0f825b31099b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed