Cisco Security Advisory - Cisco Routers running Internetwork Operating System (IOS) that supports Multi Protocol Label Switching (MPLS) are vulnerable to a Denial of Service (DoS) attack on MPLS disabled interfaces. A system that supports MPLS is vulnerable even if that system is not configured for MPLS. The vulnerability is only present in Cisco IOS release trains based on 12.1T, 12.2, 12.2T, 12.3 and 12.3T. Releases based on 12.1 mainline, 12.1E and all releases prior to 12.1 are not vulnerable.
061fe1bb12e105fc6cabaa2a77c951facb397ec8fea09a26cd84bc79c39b524bCisco Security Advisory - A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DoS) attack from a malformed BGP packet. Only devices with the command bgp log-neighbor-changes configured are vulnerable. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet.
741aa15010a7e4e4c143cde6e734365b823f18d3b50bedffcdf8423e5e202d9bCisco Security Advisory - Cisco Internetwork Operating System (IOS) Software is vulnerable to a Denial of Service (DoS) attack from crafted IPv6 packets when the device has been configured to process IPv6 traffic. This vulnerability requires multiple crafted packets to be sent to the device which may result in a reload upon successful exploitation.
447cb2275ca1195795455595b92bf5ffeda844d40af5c416f72e2b114042e948Secunia Security Advisory - A vulnerability has been reported in MoinMoin, which can be exploited by malicious people to bypass certain security restrictions.
8ea371b8728a7aafe7a1feb2e6d8f4daf69f468638f58ec38b7721fa12121126Two news flaws have been discovered in BIND. BIND 9.3.0 suffers from a denial of service flaw in its validator. BIND 8.4.4 and 8.4.5 suffer from a denial of service flaw due to an overrun exploitable in the q_usedns array which is used to track queries.
5926d2b1570d6b79c9dbf0eb3627bc595490c75b56c5ef11db4748fc5171fd12Debian Security Advisory 659-1 - Two problems have been discovered in the libpam-radius-auth package, the PAM RADIUS authentication module. The configuration file gets installed world-readable and the same flaw that exists in mod_auth_radius for Apache is inherent in libpam-radius-auth as well.
23970a322ee025947949b427b88cd9aa8a5be13adf076f41317674fcacab8334Berlios gpsd, a remake of pygps, suffers from a format string vulnerability that is remotely exploitable.
91f4951eb6348f3788887678a4451b9998f3f8c3cbacfcc1f0fda31e97293782Sun Security Advisory - A security vulnerability in the DHCP administration utilities dhcpconfig(1M), pntadm(1M), and dhcpmgr(1M) may allow an unprivileged local user the ability to execute arbitrary code with the privileges of root.
28d9fe4db2eec10195999416b29730e9a7757b54eb86793f5cefd1b241f69e4fDebian Security Advisory 658-1 - The Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library.
33c649bdecf8390f19cc8ac37b7fe39371b11a83ce1bcdbec402e17800600144Secunia Security Advisory - A vulnerability has been reported in BRIBBLE, which can be exploited by malicious people to bypass certain security restrictions.
49eed3024e0d77fd91982e0b5803f06cbf50a7556e65b4c8a7455ba4ea6deafbDebian Security Advisory 657-1 - A heap overflow has been discovered in the DVD subpicture decoder of xine-lib. An attacker could cause arbitrary code to be executed on the victims host by supplying a malicious MPEG. By tricking users to view a malicious network stream, this is remotely exploitable.
498b369f0d2a898c3a04161eb4c4a99551dffdf5ad433f3d72826e8074c9aee1Debian Security Advisory 656-1 - The Debian Security Audit Team has discovered that the vdr daemon which is used for video disk recorders for DVB cards can overwrite arbitrary files.
12a94e185f0315de627dd903f9482a3c97a473fe34f836fa4025467494c764bcDebian Security Advisory 655-1 - zhcon accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files.
522851362d262be05d4670766589389ed2043f1bfa8c3e992e3f7b9a58503231Gentoo Linux Security Advisory GLSA 200501-31 - teTeX, pTeX and CSTeX make use of vulnerable Xpdf code which may allow the remote execution of arbitrary code. Furthermore, the xdvizilla script is vulnerable to temporary file handling issues.
ed0dba4c77a665b500b135c1364a2634203b2a6511a369e8f746a7ebccd40c7aApple QuickTime versions 6.5.2.10 and below suffer from a parsing error when attempting to view .qtif image files.
48ea82095007feda2f86f09f89aee84096b9f55c4146bd6b26bf75ad8f0e984eW32Dasm suffers from a classic buffer overflow vulnerability when analyzing files.
3f6a94664240e9d8bbf43651feb3e5c53fc4ae4770c8ea40c482cce15361e873Gentoo Linux Security Advisory GLSA 200501-35 - An overflow in the camel-lock-helper application can be exploited by an attacker to execute arbitrary code with elevated privileges.
3b68ef883df8baaaa42a0980b2702f7d70c0e2a3d3b5303c645dd93cae809857Multiple applications that suffer from the fd_set overflow vulnerability can be exploited remotely.
98b5664dadec4af4304274a5d8ca405f190f86ac380dc5aa853abbe0b1aeb28fiDEFENSE Security Advisory 01.24.05 - Exploitation of a buffer overflow vulnerability in DataRescue Inc.'s Interactive Disassembler Pro (IDA Pro) allows attackers to execute arbitrary code under the context of the logged on user.
55b803cfa439087d25f7b47235e3dc842c772a5b73bdfd06ab64bec6b861635eThe Spectrum Cash Receipting system suffers from a weak password protection vulnerability. All known versions are susceptible.
0a44374528890f045fe0d7c83d05b05dda03b7b5ec10f52e6f4d4c41c0cb3cdcSecunia Security Advisory - Three vulnerabilities have been reported in SquirrelMail, which can be exploited by malicious people to gain knowledge of sensitive information or conduct cross-site scripting attacks.
5e427517a8087ebfcd6d23dbc8b8109b24c6436924418adea0aa4503c95db387Secunia Security Advisory - A vulnerability has been reported in OpenH323 Gatekeeper, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
0e00df695a2ee82d279b56ac317f5e9954f40bd95af5c03b911d6af414531115Secunia Security Advisory - A vulnerability has been reported in Xerox WorkCentre Pro, which can be exploited by malicious users to gain knowledge of sensitive information.
96c3ddc90418aa194340dce6d44a650df57ab7b05842ebace5f946877323ef4aSecunia Security Advisory - Ryu Connor has reported a vulnerability in nProtect Gameguard, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
7682be8f2b90b5114329d536fdc8cfe4cf770e38f4f1a31f42253b59af5541c4Two small flaws in the Nokia 60 OS can be used in conjunction with each other to allow for auto execution of files.
1777d35680fcdd177f244d2e801306c5bd6cb4a8056c03ad276d5346b707ffab
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed