FreeBSD Security Advisory FreeBSD-SA-04:03.jail - A vulnerability has been found where jailed processes can attach to other jails. A programming error has been found in the jail_attach(2) system call which affects the way that system call verifies the privilege level of the calling process. Instead of failing immediately if the calling process was already jailed, the jail_attach(2) system call would fail only after changing the calling process's root directory.
639d6bd5793d142816eebc4131a6389ec9dc7aeb7fd4ad2a9e06d5e395084bfdPaper discussing how the the standard Apple Filing Protocol (AFP) does not use encryption to protect transfered data. Login credentials may be sent in cleartext or protected with one of several different hashed exchanges or Kerberos. There does not appear to have been any serious third-party security review of Apple's client or server implementations.
16feb9364a339129da505a3e12219691b666acf40377cf696c052a27ed62f5aaServ-U FTPD 3.x/4.x/5.x MDTM remote command buffer overflow exploit. Tested on Windows 2000 and XP.
3478cd244b21b32e8c447890c0eaf59dcf6629881d4d91708d1536ceff485b5cA cross site scripting vulnerability exists in Symantec Gateway Security's management service which could allow an attacker to hijack a management session to the device. Version affected is 2.0.
0278d24db7750640d5af1c572f205449812da58bb9e4dbf864ab8eedf4307fceiDEFENSE Security Advisory 02.27.04b: Exploitation of an access validation error within Microsoft Internet Explorer web browsers allows remote attackers to bypass the restrictions imposed on cross frame scripting.
9c0aa4ef8605876b7eafcec1291f95cf5dfb43515f7c89d5c5a880251710c55diDEFENSE Security Advisory 02.27.04a: Exploitation of a buffer overflow vulnerability within a parameter parsing routine of WinZip Computing Inc.'s WinZip Archive Utility for Windows allows remote attackers to execute arbitrary code. Versions below 9.0 affected.
53517af4c8cb6810ce93d885a7fbe09d4bed96da22e7c1e59bf7a257545b5c81ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.
50fa57f374ffd7a9406734dc7e7d5d00813ae61122ca580dd8221720e77d2ce2RFC (Remote Filesystem Checker) is a set of scripts that aims to help system administrators run a filesystem checker (like tripwire, aide, etc.) from a master-node to several slave-nodes using ssh, scp, sudo, and few other common shell commands.
779fd968fceb4d5dce672f5ece9edaf012e2f56e405d73a48a07b0abbd59f8a0Calife versions 2.8.4c and 2.8.5 has a heap memory corruption vulnerability which can lead to local privilege escalation.
2e24a523d2205bb693235533ec49641a01370aee0464e41a45e1ee3d6769c6feeEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in both RealSecure and BlackICE. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. This attack will succeed with BlackICE using its most paranoid settings.
93cd5a0b4754b466a9453652642e3208192566bab669f59e2f78794309c03ac3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed