FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec - IPsec is a security protocol for the Internet Protocol networking layer. It provides a combination of encryption and authentication of system, using several possible cryptography algorithms. A programming error in the implementation of the AES-XCBC-MAC algorithm for authentication resulted in a constant key being used instead of the key specified by the system administrator.
9d75e7d220ed1f61f09ae93e44a8e0ba4c60a6a4d11ff8f03cc972a6df79b6eaFreeBSD Security Advisory FreeBSD-SA-05:18.zlib - A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges.
b2d40ae5f59903bd6c1b0e96942c8b40d5b7c0070b211d4957535d4b74ee339cGentoo Linux Security Advisory GLSA 200507-26 - GNU Gadu, CenterICQ, Kadu, EKG and libgadu are vulnerable to an integer overflow. Versions less than 2.2.6-r1 are affected.
8c3aaaaccf0fac192625a06806e0153319ef322a65cd4a6f3a2eae163005d614Debian Security Advisory DSA 766-1 - A vulnerability has been discovered in webcalendar, a PHP based multi-user calendar, that can lead to the disclosure of sensitive information to unauthorised parties.
a27b79d26374c35fbcc5b2e450f99e4b707fffe22b122a16083190fc49a2eef2Debian Security Advisory DSA 765-1 - A buffer overflow was discovered in the handling of the LINEMODE suboptions in telnet clients. Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of arbitrary code when connected to a malicious server.
b7baf9fd1de6d686f58aaba35950d80f6e018eae34e768acc7cda018e5fabe46The Novell GroupWise 6.5.3 client suffers from a remote buffer overflow vulnerability.
416b19430a2eb949354f800a7e077717fb0241942ea239754df3b2782f4eea1eWhen the UnixWare 7.x version of the RPC portmapper (rpcbind) receives an invalid portmap request, it falls into a denial of service state and cannot respond.
8807b2907f72caa93595e16a3af544c8a1a1d674b4ca5df6487e048bed5f118bGentoo Linux Security Advisory GLSA 200507-25 - Neel Mehta and Alex Wheeler discovered that Clam AntiVirus is vulnerable to integer overflows when handling the TNEF, CHM and FSG file formats. Versions less than 0.86.2 are affected.
b3a7fcc88493feb480f9f4e78586c1d835b6e405e85b522567433aff52bda8b7Gentoo Linux Security Advisory GLSA 200507-24 - Several vulnerabilities in the Mozilla Suite allow attacks ranging from the execution of javascript code with elevated privileges to information leakage. Versions less than 1.7.10 are affected.
e3bb5316095871b4e09851a2d7a878477943503d8b8037205c99f6a2bbc07840Lotus Domino R5 WebMail versions R5, R6, and possibly R4 are susceptible to a default configuration information disclosure vulnerability.
34234d1ec904e4f9c078ad43fec5b2b46d2b151e92f5f498cdf8453683179a04Fetchmail version 1.02 suffers from a remote code injection vulnerability.
fc3f1ce80d30fc5169baa1476c5710f9cd636aec98c35ccdc729e1c419f34d2cThe QCWLICON.exe and QCTRAY.exe binaries in IBM Access software allow anyone read access to the configuration of all connections.
ca1f1e403e44c575ce47a2a8135a8da6e1b491a26a2754749af7ace99003c1adSPIDynamics WebInspect is susceptible to cross-application scripting attacks.
1015978531e7b0bc37dd7eef03b9bb70913a12479637df33e68b9197fcf36a51Remote exploitation of a buffer overflow vulnerability in Ares FileShare 1.1 could allow execution of arbitrary code.
69900714ad4b60f7881d9946c2804a1e724d0a2b64a5262a37935655d22d926dGentoo Linux Security Advisory GLSA 200507-23 - Kopete contains an internal copy of libgadu and is therefore subject to several input validation vulnerabilities in libgadu. Versions less than 3.4.1-r1 are affected.
8495487de7b3b61aac52bcedb9567407792fc59429d76c1586ee27556500b41cGentoo Linux Security Advisory GLSA 200507-22 - The Gentoo Linux Security Audit Team discovered that the sandbox utility was vulnerable to multiple TOCTOU (Time of Check, Time of Use) file creation race conditions. Versions less than 1.2.11 are affected.
8a44b3fd3621a574a9efbe950cc71ea1299e0cb5ab061553b8fa3a8862eb6987Gentoo Linux Security Advisory GLSA 200507-21 - fetchmail does not properly validate UIDs coming from a POP3 mail server. The UID is placed in a fixed length buffer on the stack, which can be overflown. Versions less than 6.2.5.2 are affected.
e183ba8135f58ed6750b8c55799fddc77fe41b5730a1d87bec474be7a913c8cfClam AntiVirus (ClamAV) versions 0.86.1 and below suffer from remote heap overflows.
d1fb6fbca8fea0d2ff3d187e619c601048b6ef729562695ccc5fe2f00936a6d1Realchat version 3.5.1b fails to properly authenticate any logins allowing for user impersonation.
61fe60cdea857d958be0ff0375028d63a0b13ea646380983320846d57c92049bGoodTech versions 5.15 and below (and 5.16 evaluation) suffer from stack overflow vulnerabilities in the handling of the RCPT TO input.
d99bea5bc3c5546872d764d9ede2617885299aec72497604fa2a2e029d3f283aSecunia Security Advisory - Secunia Research has discovered a vulnerability in MDaemon, which can be exploited by malicious people to compromise a vulnerable system.
efa3bbc85512e00d502b5676f79aaac1f19b4c2ff8ebc08d3483eed049d98f17Secunia Security Advisory - newbug has reported a vulnerability in FtpLocate, which can be exploited by malicious people to compromise a vulnerable system.
7d7be3b6bd5ab87d3a8eebec3b485b88d441ab84927ad34049ec64487fbbf4a3Secunia Security Advisory - Neo and Park Gyu Tae have reported a vulnerability in LiveCall, which potentially can be exploited by malicious people to compromise a vulnerable system.
b2d0b26ca6374e69840d8ba15aa4e22004e75e7b612756bb304f19c6aae85f86Secunia Security Advisory - Sylvain Roger has reported a weakness in IBM Access Connections, which can be exploited by malicious, local users to gain knowledge of certain information or manipulate it.
14b3d3d76507ae3c06a0fe743ee7fc4305f1a421659a65d489f39d05531f0503Secunia Security Advisory - Lostmon has reported some vulnerabilities in BMForum Plus!, which can be exploited by malicious people to conduct cross-site scripting attacks.
460b26848ef5a8d94a098279d339cfea8a4abf4adcbe427ff992dcf00b0c3373
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed