Secunia Security Advisory - Gentoo has issued an update for nas. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to cause a DoS (Denial of Service).
b69839f12a87cdc45ee41017463446e20ac1a4cc16bb13fc53120104108a9610HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running sendmail. This vulnerability could allow a remote user to cause a Denial of Service (DoS).
0a3f64b0c024991f6dd8f18cdae4cc5d8f4180cfa3960b640b1112b72af63cb8Gentoo Linux Security Advisory GLSA 200704-20 - Luigi Auriemma has discovered multiple vulnerabilities in NAS, some of which include a buffer overflow in the function accept_att_local(), an integer overflow in the function ProcAuWriteElement(), and a null pointer error in the function ReadRequestFromClient(). Versions less than 1.8b are affected.
1b1fc75c1301e61b9e4c99459a4dc73a21d41a123e92c98f299fe1ba654484bcMandriva Linux Security Advisory - A stack-based buffer overflow in the ZZIPlib library could allow user-assisted remote attackers to cause an application crash (DoS) or execute arbitrary code via a long filename.
c6280ef2a4de4aa714c357c031c17e27a2db5f5e993af121d2654fea612d01cbMandriva Linux Security Advisory - Multiple buffer overflows were found in the FreeRADIUS package version 1.0.4 and prior that could allow a remote attacker to cause a crash via the rlm_sqlcounter module. As well, an SQL injection vulnerability was also found in the rlm_sqlcounter that could allow a remote attacker to execute arbitrary SQL commands via unknown attack vectors.
67d9567a9b98915bc435635edcb3e4970353328e0e0ee19b7f4341abec6c5202Gentoo Linux Security Advisory GLSA 200704-19 - Stefan Cornelius of Secunia Research discovered an insecure use of the eval() function in kmz_ImportWithMesh.py. Versions less than 2.43 are affected.
01c561e001cdfa5d4392f3a83044df3e53edcd7db96d9d8c331c25d62c07072bZoneAlarm's srescan.sys versions 5.0.155 and below suffer from a local privilege escalation vulnerability.
775c99470739d0eb1c3a8cd2b64abad45293f4d798c6987cc8f13256f43795e6Gentoo Linux Security Advisory GLSA 200704-18 - CJ Kucera has discovered that some Courier-IMAP scripts don't properly handle the XMAILDIR variable, allowing for shell command injection. Versions less than 4.0.6-r2 are affected.
fa84019855a7397b2431e99055c6145ba8d9de34b1baaf1eebcac81380e8108bGentoo Linux Security Advisory GLSA 200704-17 - The 3proxy development team reported a buffer overflow in the logurl() function when processing overly long requests. Versions less than 0.5.3h are affected.
2c6d042f3528205cda3e8b222a826c500151c9492d5de3f074bd1c0575d7b700Gentoo Linux Security Advisory GLSA 200704-16 - Jonathan So reported that the airodump-ng module does not correctly check the size of 802.11 authentication packets before copying them into a buffer. Versions less than 0.7-r2 are affected.
b7b2c525823a088adbdfa259f5bb2c9503054d11e9552ef2320c662198bc2f4dDebian Security Advisory 1279-1 - It was discovered that WebCalendar, a PHP-based calendar application, performs insufficient sanitizing in the exports handler, which allows injection of web script.
43b62b4c0462e8e27a3f7ea4d3ef33345bfe580ee6b79f2440ee99a38ce680acWS_FTP Home 2007 NetscapeFTPHandler is prone to a denial of service vulnerability. The vulnerability stems from a null pointer dereference.
95b396c81ec360054f76350a25531bd27bd0e9195a51da631ef4cb944ac685c5An integer overflow vulnerability exists in the RPC runtime library (libinfo) that handles AUTH_UNIX authentication. By sending maliciously-crafted requests to the any RPC service (portmap, mount, nfs, etc), a remote attacker can trigger the overflow which may lead to arbitrary code execution as the 'daemon' user. Mac OS X versions 10.3.9 and 10.4.9 are affected.
97e5e87dca373f256dac237d93184a10f3eab15b0ae01172cebbd02bfd5db45bSecunia Security Advisory - Dj7xpl has discovered a vulnerability in Maran PHP Forum, which can be exploited by malicious people to compromise a vulnerable system.
18d84fe586c3254d774cad222a1c1a4b19db87d03bdfe4b66ae0e6db4d5a0360Secunia Security Advisory - Mandriva has issued an update for krb5. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
0569836bbca85043bf9c3b66c6f81dddddc5658c2b0a73c9efa2dd92fcfb8c6cSecunia Security Advisory - Gentoo has acknowledged a vulnerability in courier-imap, which potentially can be exploited by malicious people to compromise a vulnerable system.
f45259c47d5367e0a620e37099d5aa378aabec20040d256f947b75d0e52dd596Secunia Security Advisory - A vulnerability has been discovered in WEBinsta FM Manager, which can be exploited by malicious people to compromise a vulnerable system or to disclose sensitive information.
a7b2e07757073159d340c7d0096fb73e4e98f310d9af46f4b8c13401fda73f8dSecunia Security Advisory - A vulnerability has been reported in 3proxy, which potentially can be exploited by malicious people to compromise a vulnerable system.
f03199cc3db5ae902c96d7115694a14e29b85d884a0c9f9fa4b3d4ac40b3cda9Secunia Security Advisory - Gentoo has issued an update for aircrack-ng. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
c1c283fcd07a8259c2603ad12fc608f57a8ada56c2282e13f1b5b3f4afa278d0Secunia Security Advisory - Marsu has discovered a vulnerability in XnView, which can be exploited by malicious people to compromise a user's system.
6e394f65bf273c0de387c42cf7bdab97b05df9de7870dede6ffb6975e9672f90Secunia Security Advisory - Debian has issued an update for webcalendar. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
85f661900da408437517569f55f7018743379caba2c92199a2a266dee49cf1e1Secunia Security Advisory - Marsu has discovered a vulnerability in PhotoFiltre Studio, which can be exploited by malicious people to compromise a user's system.
4dabed05ef92113ad3b787295859cdca6977039278317c694c2da9a58926d94bSecunia Security Advisory - Some vulnerabilities have been reported in ZomeAlarm products, which can be exploited by malicious, local users to gain escalated privileges.
f14b4fe7b83c41da402240ceb4827c6975ee0321867f6408afc9bd6622b767c2Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS / IR, which can be exploited by malicious people to cause a DoS (Denial of Service).
5b2826d34e476ea7eaf04ae352f745fc934f5346cc5f597659adfeb14253e9b1Secunia Security Advisory - Marsu has discovered a vulnerability in ACDSee products, which can be exploited by malicious people to compromise a user's system.
f9c9d7d4c7dbed1a7338916d8d60e5fe7ff3d216e8d654054f3552f4d301b72b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed