iDEFENSE Security Advisory 02.28.05 - Local exploitation of a privileged file descriptor leak in KPPP can allow attackers to hijack a system's domain name resolution function. The vulnerability specifically exists due to kppp's failure to properly close privileged file descriptors.
1e98ce8b6f3a457b18bb7affeffb9feeb347d0f671f15de5837566681204732diDEFENSE Security Advisory 02.28.05 - Remote exploitation of a design error in Mozilla 1.7.3 and Firefox 1.0 may allow an attacker to cause heap corruption, resulting in execution of arbitrary code.
5cbd9ac52cd21291b79bf7cd047e91d345c31eb9f4edcc93aff9be053d9c7ac5Secunia Security Advisory - A security issue has been reported in FreeNX, which can be exploited by malicious, local users to bypass certain security restrictions.
37e1ac9deed70b20e10015f518381ec11c9ec9590a036e8b2ef647dbc7731bfdSecunia Security Advisory - Adam Zabrocki has reported a vulnerability in WU-FTPD, which can be exploited by malicious users to cause a DoS (Denial of Service).
a00735d6fe1cc601a159d24a83abcc472ee3d74af790568f34dce435806a9f35Secunia Security Advisory - Randall Perry has reported a weakness in Gaim, which can be exploited by malicious people to cause a DoS (Denial of Service).
c9825e7f28eee24dac2ddf5bc103f2c5c24cfff27d0b8954871dd6099173cae6Secunia Security Advisory - Kevin Masterson has reported a vulnerability in the WebMod plugin for Half-Life Dedicated Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
62f3b3610e1fd5ac69237ba6d094f010356206a8ee1495277e23bdd9748baea5Secunia Security Advisory - A weakness has been reported in Gaim, which can be exploited by malicious people to cause a DoS (Denial of Service).
75b9932e5ae07e7a4071f09511825bb4c4e79a8ef388d87cb5499aea7b4fad2aphpBB version 2.0.12 is susceptible a full path disclosure flaw.
4cec51e22df5d35b92aa11d5337c12048ed95450acaa2abeb85efe9d401bed9bA minor security vulnerability exists in the way that Firefox handles cross-domain image dragging. Versions 1.0.0 and 1.0.1 are affected.
604755feb72dffe2d9395f16b529878dd681ec358f99151df391db07efaa368dSIA has discovered a buffer overflow in EXT.DLL, a module that handles HTTP requests in BadBlue versions below 2.6.
b5607998c3430b98c9a9226f12852961b96d8150541c9eb0ce960333b9bd954aGentoo Linux Security Advisory GLSA 200502-30 - cmd5checkpw contains a flaw allowing local users to access other users cmd5checkpw passwords. Versions 0.22-r1 and below are affected.
516825f6a1566f5096dd94f1bcf5b57777e7e0af2e87cfa9f1c4214133b2466biDEFENSE Security Advisory 02.25.05 - Remote exploitation of an input validation vulnerability in version 2.6.2 of WU-FPTD could allow for a denial of service of the system by resource exhaustion.
b773a75845596f1ab351ab1c13be23ca2743bbbe9b69eb4ece8d77d6739e7afbSecunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to overwrite or delete arbitrary files on a vulnerable system.
5497d544e2202cd6075a1a5f7ff931a55d1efe78f0c25f64514e070f4c0bd641Debian Security Advisory 690-1 - Bastian Blank found a vulnerability in bsmtpd, a batched SMTP mailer for sendmail and postfix. Unsanitized addresses can cause the execution of arbitrary commands during alleged mail delivery.
b0b1a17b1af7846374d350b779527284f2f36c713156f3fd3b1ab100b1f0ecf3By sending a file with parenthesis in it to another GAIM user, you can cause their client to crash and completely close GAIM down.
0b8a25fa28658e8a92e8acd0c39aa0846a6d979482aca7fdd97872679f2760e3Sun Security Advisory - A security vulnerability in the STSF Font Server Daemon (stfontserverd) may allow a local unprivileged user the ability to overwrite or remove any file on the system which could result in a Denial of Service (DoS).
2ee5885d2260af9302e5f2c7bb7dedfae64ea2e56c52ed7e0191861ab29d222dSecunia Security Advisory - Some vulnerabilities have been reported in PunBB, which potentially can be exploited by malicious users to disclose sensitive information, and by malicious people to bypass certain security restrictions and conduct SQL injection attacks.
55bdc2b21f283254eddc16f297a57fd9c343d0f2b840bcffb722121b79b9cedbSecunia Security Advisory - nst has reported a vulnerability in phpWebSite, which potentially can be exploited by malicious people to compromise a vulnerable system.
6d0a244cb9db7f79025aa7e4babcbdace5ad44693fa5bb880fded47728eb1fe7Soldier of Fortune II versions 1.03 and below suffer from a remote denial of service flaw.
a70857bf750f173d882ed32cf5cd2c25d4ae2cb525fce0943073ab2470597ba4HP Security Bulletin - A potential vulnerability has been identified with HP-UX running ftpd where the vulnerability could be exploited to allow a remote authorized user unauthorized access to files.
019efba716311fabbd9c25e564ad9f743b963cc88b64d530205e5b7f4ffcda36Google appears to be correlating searches on Google's site with Gmail accounts, potentially creating privacy concerns for Gmail users.
4aecf53c7deac8ce922ae2fb3f70cc37ba25f0787c4b5dac13f401164f288252The open source guestbook script from CoolServlets.com is susceptible to input validation and logic flaws.
2387b8d6ae974bbd8dd50740fa50a397babe8edbc825c771b0eb5c8cb5ac9d18Cisco Security Advisory - Devices running Cisco Application and Content Networking System (ACNS) software may be vulnerable to Denial of Service (DoS) attacks and may contain a default password for the administrative account. Devices running ACNS software may be vulnerable to the DoS attacks while configured as a transparent proxy server, forward proxy server, or reverse proxy server.
95495b1b85118a7709d8a7d3720457f69be1f512fea90a8ef51bc02408e111d8iDEFENSE Security Advisory 02.23.05 - Local exploitation of a race condition in the Kodak Color Management System's kcms_configure script packaged with Sun Microsystems Inc. Solaris operating system can allow for the corruption of arbitrary files on the system.
28c7540504e861f0ff576e371e97faadadab0eca28f83fcf288b9fdf9885595fSecunia Security Advisory - A vulnerability has been reported in HP-UX, which can be exploited by malicious users to gain knowledge of potentially sensitive information.
d0c319a2e7ead1b6dc8a140b7d4af5490a000a3d28b82b92573a838c5cab8f23
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed