Packet Storm new advisories for all of 2004.
a78833f12adaa17febcf862ccf36be61b496ba7243db1e22d6a85f2c0ec4091eJacks FormMail.php script can be manipulated into sending arbitrary files from the server. Version 5.0 is affected.
f0b8e6608716da6296ab9be0b7e223adf0c401e1180e46a5525bf1484d5f0f76A flaw exists in the high scores module of IbProArcade which allows for malicious SQL injection.
cb57b1789765acc2260049eac8f3fda899d21004e3880d382e1410c230cf0e82Versions prior to 1.4.2.1 of the ArGoSoft FTP server will disclose whether or not a supplied username is valid or not. A login name supplied with the USER command will not be accepted unless it is valid.
89ccfd2a196725b8e9084c125c42f0d20b43c9aa550dedd42679aa8a4121ac54Gentoo Linux Security Advisory GLSA 200412-27 - cYon discovered that the authform.inc.php script allows a remote user to define the global variable path_pre.
302e083956c4e9d535211a0e087ff8cf7771ae87b9c57c44fb4ba802744efdc3Gentoo Linux Security Advisory GLSA 200412-24 - New integer overflows were discovered in Xpdf, potentially resulting in the execution of arbitrary code. GPdf includes Xpdf code and therefore is vulnerable to the same issues.
99c92e9ed327bdf61cd14458d9ffcd70882b4eb6cd7ff444abbdff35a5d37d3e7a69ezine Advisories #17 - Internet Explorer version 6.0.3790.0 suffers from an FTP download path disclosure flaw.
f829843a3f2ac0a1644d494c0cb49e25bfb90a61e50ec58f66cc5fa74a8bc87aSecunia Security Advisory - The vendor has acknowledged a vulnerability in kio_ftp, which can be exploited by malicious people to conduct FTP command injection attacks.
02bbae4dec3af0b17cf926532f1af258386feb7c54e1e34527e6bab214605fabSecunia Security Advisory - sullo has reported multiple vulnerabilities in Eventum, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks and potentially bypass certain security restrictions.
c61ffc1ad7861cd0cbd55a27081cb9061eaa04e134a4d6b0afb8b7adeda89fc7Secunia Security Advisory - Symantec has acknowledged three vulnerabilities in the Nexland Firewall Appliances, which can be exploited by malicious people to cause a DoS (Denial of Service), identify active services, and manipulate the firewall configuration.
4803087c1aa3833fb14343e12dda8b3921d0e4b3b4444fe122440c1e47937c9fSecunia Security Advisory - A vulnerability in aStats can be exploited by malicious, local users to perform certain actions on a vulnerable system to gain escalated privileges.
4a056c61472a25f3ace36cc3af8feebb7a5ec8667bcfebc83265477fa501d893QNX crttrap has a -c flag to specify where trap file will be written. Combined with the trap flag it is possible to read or write any file in the disk. QNX RTOS 2.4, 4.25, 6.1.0, 6.2.0 are all affected.
fb4f56b2ec2fdf473fcce500ead2b39f939a04c5e82ccc3ef3ae44701188dac7Secunia Security Advisory - cYon has reported a vulnerability in PHProjekt, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the path_pre parameter in authform.inc.php is not properly verified, before it is used to include files. This can be exploited to include arbitrary files from external and local resources.
3a4e8b42424d86f7dd2dee41e21bdc34aac2390ca46119e1916592e16c90faadSecunia Security Advisory - Some vulnerabilities have been reported in Atari800, which can be exploited by malicious, local users to gain escalated privileges. The vulnerabilities are caused due to unspecified boundary errors and can be exploited to cause buffer overflows. Successful exploitation may allow execution of arbitrary code with escalated privileges, if the SVGAlib version is used in a setuid binary.
f425061da3ff2f3a02803e874d7a858673a584d5495b3ccfc963a7f8f930dedfThere is a weird denial of service issue with Internet Explorer and Mozilla Firefox when they attempt to render html files with long titles.
467ede60a3da75e8f2ac6f25e17f8df7f77c680e4ec8c35364740aab6868374eSecunia Security Advisory - First Last has reported a weakness in CleanCache, which can be exploited by malicious people to disclose securely deleted data on a disk.
b99577a39fe927646b34fa6678ce0e1a18717ccf2172f1731ac28074be951e4dSecunia Security Advisory - Martin Schwidefsky has reported a vulnerability in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the SACF (Set Address Space Control Fast) control instruction being handled insecurely on the S/390 platform.
8b43d7433241fe27ceeaf1b3f2f7fe475019976deb36d7e4fbee958c0f04a910Secunia Security Advisory - A vulnerability has been reported in Crystal Enterprise, which can be exploited by malicious people to conduct cross-site scripting attacks.
55af96ffe7cf39ecfd7aa163ca43125ab6e890b94ac8f9599a6b12ab27822df0Santy.b phpBB worm that affects versions 2.0.10 and below and installs a bot. Uses AOL/Yahoo search.
25273610beb305e25f97564d200388d022753613cacaf2fd823a114c466cb115Secunia Security Advisory - snilabs has reported a security issue in PHP-Blogger, which can be exploited by malicious people to disclose sensitive information. The problem is that database files (.db) by default are stored inside the web root and are not correctly protected against being accessed directly on some server configurations. This can e.g. be exploited to disclose the admin password.
a2b423512bb9baaab9a5c77fda37cb63e046ecc304547b00c7276921758a0496Secunia Security Advisory - Nicolae Mihalache has reported a security issue in avelsieve, which potentially can be exploited by malicious users to cause a DoS (Denial of Service).
e6099b09429b5723bc67aa32914de8949b1f76b3cb0e3e7fdffaae0813df7fb8Internet Explorer will accept %0a and %0d in URLs. In FTP URLs, it will accept them in the username part of the URL. Due to the similarity between the FTP and SMTP protocols, this can be used to send mail.
e2e71c2a7f12cac58fb231beaf48bf5b486852f8767f80078d2102127d129720Plesk, a popular server administration tool used by many web hosting companies, is susceptible to cross site scripting flaws.
561ab831ef114785159c21d59981cca959a4a7af271cbe8bf055ab77f58d6fb2HP Security Bulletin - A potential security vulnerability has been identified with System Administration Manager (SAM) running on HP-UX that may allow local unauthorized privileges. Affected Versions: HP-UX B.11.00, B.11.11, B.11.22, and B.11.23.
319afe43d1b320a755cd24871491338f3e486749a9432161423cb91beaa6d5caSecunia Security Advisory - Two vulnerabilities have been reported in Rpm Finder, which can be exploited by malicious people to compromise a user's system and by malicious, local users to perform certain actions with escalated privileges.
235e6abaff83d84e633690fa2b9e2648da4e8b729ea43505e4774ecdebf54457
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed