Gentoo Linux Security Advisory GLSA 200502-16 - ht://Dig is vulnerable to cross-site scripting attacks. Versions below 3.1.6-r7 are affected.
3c6d93a6140648cf6ccdd7a1cedbb457820579a89d2047fc0827652e708fe7d1Gentoo Linux Security Advisory GLSA 200502-15 - A vulnerability in PowerDNS could lead to a temporary Denial of Service. Versions below 2.9.17 are affected.
e82d44c88c0925e55ad3442e07752baf9cbbd257368c592e0107545404ba4077The Quake 3 engine has problems handling big queries allowing an attacker to shutdown any game server based on this engine.
78b11d8586e5b06edba83d347f651192620eb4e4a532b70eb0b25ab3b3b0947dSymantec Security Advisory - Symantec resolved a potential remote access compromise vulnerability reported by ISS X-Force. The vulnerability was identified in an early version of a Symantec antivirus scanning module responsible for parsing UPX compressed files that is still in limited use in some Symantec security products.
3833aac8ee1f22f7c49c3b4f6c1c82755c821d5be3f9738d371296768d7ffeceGentoo Linux Security Advisory GLSA 200502-12 - Portage-built Webmin binary packages accidentally include a file containing the local encrypted root password. Versions below 1.170-r3 are affected.
085ac67e1cb18a58fc89e2940e8266a6aaca83d1be98543487ee3bf605e8bb78iDEFENSE Security Advisory 02.11.05 - Local exploitation of an invalid pointer dereference vulnerability in Zone Labs LLC's ZoneAlarm personal firewall allows attackers to trigger a denial of service (DoS) condition.
529c1dcacaddb24e327f75a6c7918427310bd07f7cb38f7f278fa90668c9d636Zone Labs Security Alert ZL05-01 - The ZoneAlarm family of products and Check Point Integrity have been updated to address a low risk vulnerability in their Inter-Process Communication (IPC) functions.
66783f094bef1dcfcaa3545dc3f316f3facd7a5e52b779c9ccf1d02de1452e1bSecunia Security Advisory - ISS X-Force has reported a vulnerability in multiple F-Secure products, which can be exploited by malicious people to compromise a vulnerable system.
c998a7c4a17bc58f10b50ec881b336478d04242bdcdef11f78f0eba5810c9147Secunia Research Advisory - Secunia Research has discovered multiple vulnerabilities in Microsoft Internet Explorer, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions and compromise a user's system. The vulnerability is caused due to insufficient validation of drag and drop events from the Internet zone to local resources for valid images containing script code.
2eee21ac49aa560258b69dd6762e4286626ce13abb43d92f80b9357c13e36ac2Secunia Research Advisory - Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an input validation error in the javascript function createControlRange(). This can be exploited by e.g. a malicious website to cause a heap memory corruption situation where the program flow is redirected to the heap. Successful exploitation allows execution of arbitrary code.
e83fb11602b47295a7788c8bcfa19e0e7589f43c11094461b867690119fb22f7Debian Security Advisory 678-1 - Vlad902 discovered a vulnerability in the rwhod program that can be used to crash the listening process. The broadcasting one is unaffected.
81e30a00dc9bd324b0192847f27f268248bd79666d0e4d09870bc34bc1e416c2Debian Security Advisory 677-1 - A support script of sympa, a mailing list manager, is running setuid sympa and vulnerable to a buffer overflow. This could potentially lead to the execution of arbitrary code under the sympa user id.
4f8d34d1df50686349e3d7c88b89a2d93d8ecb015b43e5b7ec552db78eb69f5cDebian Security Advisory 676-1 - A buffer overflow has been discovered in pcdsvgaview, an SVGA PhotoCD viewer.
8f74f491f5c6ff2601b66b268d7183b86208428795692fd5c6a6e1fc41262ae7Ubuntu Security Notice USN-80-1 - Graham Dumpleton discovered an information disclosure in the publisher handle of mod_python. By requesting a carefully crafted URL for a published module page, anybody can obtain extra information about internal variables, objects, and other information which is not intended to be visible.
229a5362077842de53a3ba40753641fb1b1ccf128f8871c0a02bf783a3ed03eeArmagetron versions 0.2.6.0 and below and Armagetron Advanced versions 0.2.7.0 and below suffer from various denial of service flaws.
9eef4ea8c6936a63f08053ed3ce18e3847e0aae724ad0521a9d48efb53c4bfe8iDEFENSE Security Advisory 02.10.05 - Remote exploitation of a design flaw in Computer Associates International Inc's BrightStor ARCserve Backup UniversalAgent for UNIX may allow execution of arbitrary code.
a1e174f60b81e08427c901e557b7f89d5edffc8ef12ff41989f20a57a125ca9eDebian Security Advisory 675-1 - hztty, a converter for GB, Big5 and zW/HZ Chinese encodings in a tty session, can be triggered to execute arbitrary commands with group utmp privileges.
7e798d48cae1ca2f68ca72c4c56599f326fa9cb7be0d1f019198dbe8dbe4ebc3The Barracuda Spam Firewall versions 3.1.10 and below act as open relay for whitelisted senders.
cf42bc7d87a550c9c438e020da00db81db4472a15eecd4aea3d33d06bef75c51iDEFENSE Security Advisory 02.10.05 - Local exploitation of a buffer overflow vulnerability in the netpmon command included by default in multiple versions of IBM Corp.'s AIX Operating System could allow for arbitrary code execution as the root user.
a257d51918902510f8f919b7fc011424e4cbc62dd33bd5d800cdba9b8d0f584ciDEFENSE Security Advisory 02.10.05 - Local exploitation of a buffer overflow vulnerability in the ipl_varyon command included by default in multiple versions of IBM Corp.'s AIX Operating System could allow for arbitrary code execution as the root user.
8dc75c71fb5f3a52a5ab99e341a45e72c775b817c4ed187bb964dfd1cbef0a87iDEFENSE Security Advisory 02.10.05 - Local exploitation of a file access vulnerability in the lspath command included by default in multiple versions of IBM Corp.'s AIX operating system could allow for the reading of one line of any file on the system, regardless of permissions.
e205efcc3066b22974ef63ab79c374cc861bd5ccbc8cbc42f1f574c26b188456Debian Security Advisory 673-1 - Max Vozeler discovered an integer overflow in a helper application inside of Evolution, a free grouware suite. A local attacker could cause the setuid root helper to execute arbitrary code with elevated privileges.
3f7e7687c7275c70b9621f63bd8ef0bc2df0b8f5293c9dc113b34d30a8255578iDEFENSE Security Advisory 02.09.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates International Inc's BrightStor ARCserve Backup v11 Discovery Service may allow execution of arbitrary code.
c9d3bd240ce6a790879c72e1b7b1aee63cad1664e0d2fd51b9b1a601bd0ccafeAll Full-Disclosure subscriber accounts were compromised using a previously unpublished flaw in Mailman 2.1.5 on January 2nd, 2005.
1371e58c1a308d16f412036e25cbf4ae34c4b163b4e6554ca896c2c8f4ec7a5cDebian Security Advisory 672-1 - It was discovered that programs linked against xview are vulnerable to a number of buffer overflows in the XView library. When the overflow is triggered in a program which is installed setuid root a malicious user could perhaps execute arbitrary code as privileged user.
23fa8e65cac87fce460d8afae4b2bf4c2ace7863510f0893158f13ea3b8699f4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed