Secunia Security Advisory - A vulnerability has been discovered in Power Audio CD Burner, which can be exploited by malicious people to compromise a user's system.
afa86c5a3698f6acb5929edfa6b5833c8212cf1fbc249bc106f037d1d231f7cbGentoo Linux Security Advisory GLSA 200805-23 - Alin Rad Pop (Secunia Research) reported a vulnerability in Samba within the receive_smb_raw() function in the file lib/util_sock.c when parsing SMB packets, possibly leading to a heap-based buffer overflow via an overly large SMB packet. Versions less than 3.0.28a-r1 are affected.
3f9e9dd3adb60e4eb8140bd18d5033ea15f945efa690a4bd05de80413f537cf0Gentoo Linux Security Advisory GLSA 200805-22 - k'sOSe reported an integer overflow vulnerability in the sdpplin_parse() function in the file stream/realrtsp/sdpplin.c, which can be exploited to overwrite arbitrary memory regions via an overly large StreamCount SDP parameter. Versions less than 1.0_rc2_p26753 are affected.
7a6af3650e7b8a3de24803736de098f1dbea4fdc36917b47eeb035c4ee6e6e1aSecunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "receive_smb_raw()" function in lib/util_sock.c when parsing SMB packets. This can be exploited to cause a heap-based buffer overflow via an overly large SMB packet received in a client context. Successful exploitation allows execution of arbitrary code by tricking a user into connecting to a malicious server (e.g. by clicking an "smb://" link) or by sending specially crafted packets to an "nmbd" server configured as a local or domain master browser. Samba versions 3.0.28a and 3.0.29 are affected.
ace1e3490d62e1305a8527f476f4dc946ef19f53a86ef8ec100f95d0c1a120a2Secunia Research has discovered two vulnerabilities in imlib2, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. imlib2 version 1.4.0 is affected.
492f91d706882a5fb47f967879cf1859be511b2b1b12b3b2a76195a3a3e14618Mandriva Linux Security Advisory - Although they forgot to put the problem description in this advisory, it appears that Mandriva has patched a code execution vulnerability in smbd from Samba.
21b686bd634e77933c5f1e0116a026535e27dd376f6a34224ced1eab451679ceMandriva Linux Security Advisory - Testing using the Codenomicon TLS test suite discovered a flaw in the handling of server name extension data in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If OpenSSL has been compiled using the non-default TLS server name extensions, a remote attacker could send a carefully crafted packet to a server application using OpenSSL and cause a crash. Testing using the Codenomicon TLS test suite discovered a flaw if the 'Server Key exchange message' is omitted from a TLS handshake in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If a client connects to a malicious server with particular cipher suites, the server could cause the client to crash.
f38d910dc5c5925111a882ed8ce3f03bfbf1fe2151199af18fec14ecacb6b3f0Secunia Security Advisory - Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system.
8e8b64309a9d6f7a50398b3f4d98a9a4c77ce4ca419880ebc00dddc0f6f3dd69Secunia Security Advisory - Gentoo has issued an update for roundup. This fixes some vulnerabilities and a security issue, where some have unknown impacts, while others can be exploited by malicious users to bypass certain security restrictions.
28802192ace65a4bf7ea88a90edf06f609b55d1aee2dacdbe8f893dc29829f3aSecunia Security Advisory - Some vulnerabilities have been reported in eMule X-Ray, which have unknown impacts.
1a3d6ece61c982cad962947b6cea35cf85414a4fc8835db0ced71cb7fad18cf3Secunia Security Advisory - gmda has discovered a vulnerability in AjaXplorer, which can be exploited by malicious people to conduct cross-site request forgery attacks.
a01f526e42b9d3a711c4a28970ca14eb5ed961509ab933e486f70c144ae6af36Secunia Security Advisory - Red Hat has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
8766d885c47c54736f1085b8d86c8eec0e89cc97191bc1b265817dfa9c24be4dSecunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
ebdbe06f96bfdff59d43ca8eb8c49d627aa15670c03a6377527cb7f87f635d6cSecunia Security Advisory - Two vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service).
db710b12abc3e2f52b5c6a030f9bae4f7e4ec7a9e37f8a850fff8b20e44422daSecunia Security Advisory - rPath has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users and malicious users to bypass certain security restrictions.
7e2da3bd0b860c686341b5d551e5ed1f941470c51842656923c4e7ed9b624895Secunia Security Advisory - Will Dormann has reported some vulnerabilities in NCTAudioEditor, which can be exploited by malicious people to compromise a user's system.
e3e142badb832abbd1ebb016088a98809da212dd0f012b2a23609dee7f8d3b70Secunia Security Advisory - Will Dormann has reported some vulnerabilities in NCTAudioStudio and NCTAudioEditor, which can be exploited by malicious people to compromise a user's system.
c28dcb9648c7f8b5938350f430951b4d27c54b5bd8875ea76c1e7ef6175dec3eHP Security Bulletin - A potential security vulnerability has been identified with HP-UX running ftp. The vulnerability could be exploited remotely to create a Denial of Service (DoS). The Denial of Service (DoS) affects the ftp server application only.
616ca2c7be0f2605808e8c31ff8b936f5028ac51c040f280bc4c5f1226c62bc7Cisco Security Advisory - CiscoWorks Common Services contains a vulnerability that could allow a remote attacker to execute arbitrary code.
d72477b54c731199f5d8a816dd315f36ada6a253cc3a498551627cc5f13b0c59Secunia Research reported a vulnerability that allows for the execution of arbitrary code in smbd. This defect is is a result of an incorrect buffer size when parsing SMB replies in the routine receive_smb_raw(). Samba versions 3.0.0 through 3.0.29 are affected.
d7003f1c28c2ad87af590b45027e0424a9db86f02438797d09885e024d61f3e7Secunia Security Advisory - rPath has issued an update for emacs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
f8a95694fdfc2a8049c7457db7933d37c871157102966a37b6ed367681714d89Secunia Security Advisory - Debian has issued an update for linux-2.6. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or cause a DoS (Denial of service), and by malicious people to potentially cause a DoS.
f30f647e31c8ce6c9c45f7d64d818a1140767b5cb999aff42ed20cee157fd7bbSecunia Security Advisory - Slackware has issued an update for rdesktop. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
0edade49e4768129fa81918a8a72f2edb282891c07d61e5b6fc70c8f0495a431Secunia Security Advisory - Russ McRee has reported two vulnerabilities in DT Centrepiece, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
9204a9f8404c5080033afc5a23a09a2933ab01c8bf7f19f9322de3b5072ffde2Secunia Security Advisory - Cr@zy_King has discovered a vulnerability in CKGold, which can be exploited by malicious people to conduct SQL injection attacks.
47047a4d3ff9339ff8b2b41f07ae406aa551c55c337313a492a35e0d1f95e97e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed