F-Secure Security Bulletin FSC-2004-1 - Certain malformed LHA archives cause a buffer overflow when scanning them for viruses. The error typically causes a restart of one of the modules in the product. This leads to performance degradation and makes denial of service attacks possible. Product lines affected: F-Secure Internet Security 2004, F-Secure Anti-Virus 2004, Solutions based on F-Secure Personal Express 4.6x and 4.7x.
8f08c9186c7fae40800fd260c2cd4a2448c15fac280f4b24f294d90a8c5af12fSmall whitepaper on nop usage and a random nop generation utility is included.
3406580aa94c1fef3dd119dcc1ae93a8d14aebba8e84a5657d72cce1e07e5292Metamail remote exploit that makes use of a buffer overflow and upon successful exploitation, binds a listening socket to UDP/13330 awaiting shellcode. Affected versions: 2.2 through 2.7.
4b90ebafdf1d434a218d36dfbf9b51ff8ab8e7a904b5b69a39f31b140b267ee8Floppyfw is a router and firewall on one floppy disk. It uses Linux basic firewall capabilities, and has a simple packaging system. It is ideal for masquerading and securing networks on ADSL and cable lines, using static IP, DHCP, and PPPoE. Installation involves editing of only one file on the floppy.
64ab13ca6a70d8797f7fb10b9f74a2015c5fcaf57784bb5d60adf728df8763a6SGI Security Advisory 20040507-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions the /usr/sbin/cpr binary can be forced to load a user provided library while restarting the checkpointed process which can then be used to obtain root user privileges. All versions of IRIX prior to 6.5.25 are affected.
7d950166788412a4f59d5667daca8545e4ae1aefd11cc0225a8adfe941090883iDEFENSE Security Advisory 05.26.04: Remote exploitation of a buffer overflow in firmware release 1.1.9.4 of 3Com's OfficeConnect Remote 812 ADSL Router could allow a denial of service. By sending a specially formed long string to the telnet port of a vulnerable device containing Telnet escape sequences, it is possible to get it to either reboot or stop handling packets. If the device does not reboot spontaneously, it will require a manual reboot before continuing normal operation.
02eabd38499d8724a5f09a1c30c54ba23979a167fff06c240818836ce07ce693FreeBSD Security Advisory FreeBSD-SA-04:11.msync - Programming errors in the implementation of the msync(2) system call involving the MS_INVALIDATE operation lead to cache consistency problems between the virtual memory system and on-disk contents. In some situations, a user with read access to a file may be able to prevent changes to that file from being committed to disk.
9b6d668eb3cd0d98e3221d430ab661e7250fbb287c53beec7fe79cda74993a1fA potential vulnerability has been identified with HP OpenView Select Access which could be exploited to allow a remote user unauthorized access. Versions affected: HP OpenView Select Access 5.0 Patch 4, 5.1 Patch 1, 5.2, and 6.0.
44fbd83f2d2bc48cdc0c9d5aa8124076fc2d4fb7caa1b872fab93589c56816f0Orenosv HTTP/FTP server version orenosv059f is susceptible to a remote denial of service attack when supplied with an overly long GET request.
c43988c4383fe43ee1e20d45a9115e083e4a20aa16aeb0bc45277520a4eae545An unspecified vulnerability in Mailman versions 2.1.4 and below allow for malicious attackers to retrieve members' passwords.
d93d0fd773be8e5e62c7acbccec1ae4f85da4d7dd8ac94bd2a34545fc912a747
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed