Hired Team: Trial versions 2.0/2.200 and below suffer from format string, malformed packet, and status/kick remote vulnerability flaws.
48d0de0d8b027316b2b64bb516c71819b83ddb7fbf4b158332b44601757163cf
Secunia Security Advisory - benji lemien has reported two vulnerabilities in Aztek Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.
2c94a8e0a416b43021010d5676ed7d0d5c0c48429bdf844cb73ae325802749d5
Secunia Security Advisory - Digital-X has reported two vulnerabilities in Private Message System module for PunBB, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
3a3920afb7b9e888dac9dc382ade8c9cbdfc15f96638b6a65a7e03a3c6e1f0a3
Secunia Security Advisory - Frank Mileto has discovered a vulnerability in Spy Sweeper Enterprise, which can be exploited by malicious, local users to disclose sensitive information.
d4ec931c32eac56df2a1ec5fc9724dd68008d82a99ecc7e79baba9771efa06ba
Secunia Security Advisory - A vulnerability has been reported in Skype, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the handling of command line arguments.
59cbbcfa7e686fe8ef8eeed0c62e0acfde336cb713778930512d78d59c1d0234
Samba versions 3 through 3.0.7 suffer from a buffer overflow inside the QFILEPATHINFO request handler. This vulnerability allows for remote code execution.
19cd039a672527a6b47d2c45a1745de3a774b639ca25e062a5e1932683d23767
Army Men RTS version 1.0 is susceptible to a format string bug that results in a denial of service.
b0edb52988fc0c2d479204cb4e5f55a2738415330abf4e16111143b5dbafc2db
Although one of the features of Google Desktop Search is to archive web history in its index for future searching, unchecking the preference to archive Web History and saving the preference does not clear the web history from the index.
d6ac298483d170e897ea9fdc64c9e41824b213b20b76a5907a327dc8094dc5a7
TheFaceBook is susceptible to multiple cross-site scripting flaws.
e8602f6f087e56db508594ec635b29de6aac55141c8f005ff868b24087ef3a19
PHPBB version 2.0.x - 2.0.10 is susceptible to a SQL injection attack.
4f053ca2bbaab78236728fbce72ffbc174d33b87706583f643af3eea32ae60cb
Remote attackers are able to execute arbitrary commands in the context of the TWiki process for TWiki versions 20030201 and possibly in other versions as well. This flaw is due to a lack of proper sanitization of user input.
ac52112bc5ecb5d1c0b1b78be42869a3a5320137a2621f2fc66722fa6a94c04c
Secure Network Messenger versions 1.4.2 and below suffer from a remote denial of service vulnerability.
b377941d0d36b5ed895485dbb5fd65db7ff06a1742ee0d1054119a629f139007
The Alcatel/Thomson Speed Touch Pro ADSL modem suffers from two security flaws allowing an insider to poison the intranet zone configured in the modem's embedded DNS server.
9bbdb6331e0c1c32a010de746600968e00b87e55d153201e72c3355b25408791
Sudo version 1.6.8, patchlevel 2 is now available. It includes a fix for a security flaw in sudo's environment cleaning that could give a malicious user with sudo access to a bash script the ability to run arbitrary commands.
ae15d1dca83013b781fad2452080e5a499a8900efc4c6eaf12c3d0b18223c869
Secunia Security Advisory - A vulnerability has been reported in UNARJ, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the handling of long filenames in archives. This can be exploited to cause a buffer overflow by tricking a user into opening a malicious archive with a specially crafted path.
1b24393f6cc4b6c4ca04e89be845c1da2f1efb313196b5f887f342b10cadbf96
Technical Cyber Security Alert TA04-316A - There is a vulnerability in the way Cisco IOS processes DHCP packets. Exploitation of this vulnerability may lead to a denial of service. The processing of DHCP packets is enabled by default.
6d7e0df60be9abbc7bb549866d6dd8df85bbe76ad2cdc57356c933aab7f8eb8e
Gentoo Linux Security Advisory GLSA 200411-22 - Davfs2 and the lvmcreate_initrd script (included in the lvm-user package) are both vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running them.
2e4ad81859058f5f403a9fbc0e0f71e82875af13830ea244ece4a6e1088b855c
Gentoo Linux Security Advisory GLSA 200411-21 - An input validation flaw in Samba may allow a remote attacker to cause a Denial of Service by excessive consumption of CPU cycles.
aa86bb696a8a65c378c83c31a6f74c86cb050a8eb76172d735a65943c42081b1
Additional information about recent discussions various entities have had with CyberGuard regarding their firewall.
19a8fdfc846e0b21cb2afdc9ab53f7ffe3fc6bccf1b0ccea948f74b104c2a750
Cisco Security Advisory - Cisco Security Agent (CSA) provides threat protection for server and desktop computing systems, also known as endpoints. It identifies and prevents malicious behavior, thereby eliminating known and unknown security risks. A vulnerability exists in which a properly timed buffer overflow attack may evade the protections offered by CSA. The system under attack must contain an unpatched underlying vulnerability in system software that CSA is configured to protect. Another prerequisite for the attack is that a user must be interactively logged in during the attack.
0fc1660d805f9db93b2f86459e3c50bd8ddc7a115b82343390d08c79b10a1348
ez-ipupdate is susceptible to a format string bug. It affects, at the very least, versions 3.0.11b8, 3.0.11b7, 3.0.11b6, 3.0.11b5 and 3.0.10. It does not affect 2.9.6.
c6b17bb453d52744e3c14270258284ead1e82fe3fff997919a781b5809c62d15
Gentoo Linux Security Advisory GLSA 200411-19 - Pavuk contains multiple buffer overflows that can allow a remote attacker to run arbitrary code.
e7acf02ff8eb1af9a153c34492eccda803936a7a3d40d828a15ce24ecd5470a4
Secunia Security Advisory - A vulnerability has been reported in MIMEsweeper for SMTP, which potentially can be exploited by malware to bypass the scanning functionality.
d60932cf5dc14f91a5a02f20b8b6b66c3a01d611a496ea82382dac1711383470
Technical Cyber Security Alert TA04-315A - Microsoft Internet Explorer (IE) contains a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. A buffer overflow vulnerability exists in the way IE handles the SRC and NAME attributes of various elements, including FRAME, IFRAME, and EMBED. Because IE fails to properly check the size of the NAME and SRC attributes, a specially crafted HTML document can cause a buffer overflow in heap memory. Due to the dynamic nature of the heap, it is usually difficult for attackers to execute arbitrary code using this type of vulnerability.
dde5a26a7a4fb4dc3e79f0d5ca018fa7314b3d9e764f02c135b67d484a8eea60
Secunia Security Advisory - Isno has reported a vulnerability in CCProxy, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of HTTP requests. This can be exploited to cause a buffer overflow by sending an overly long HTTP GET request. Successful exploitation may allow execution of arbitrary code. The vulnerability has been reported in version 6.0. Other versions may also be affected.
e1d743bac1a3fd1ee60d4d2392726e763433e4e7f3fbd44e532a0f825b31099b