Limewire versions prior to 4.8.0 suffer from various flaws including arbitrary file access and directory traversal attacks.
cf618d50152470e5049b2ba8b0695b380dadbe6e6d82fb18e342c764068a5cbfiDEFENSE Security Advisory 03.14.05 - A number of remotely exploitable input validation errors have been found to exist in MySQL MaxDB and SAP DB Web Agent products. The vulnerabilities specifically exist due to insufficient validation of user input data. Confirmed in MySQL MaxDB 7.5.00.
bb012a58556104491c7684151daf10e9ed06a657dbabacf52e44b7b4462e07d4LuxMan 0.41-19.1 local root exploit that makes use of a buffer overflow.
7b01e49311df22b1e782ddfdbb2ef21a26bd6b3b31f09ee7f544b869544f4e19LuxMan 0.41-19.1 is susceptible to local root compromise via a buffer overflow.
4ac2d3648cc96facc8f7e2051679d05fbc68b8bf148e46c72e5beaa33cdf2030Debian Security Advisory 693-1 - Kevin Finisterre discovered a buffer overflow in luxman, an SVGA based PacMan clone, that could lead to the execution of arbitrary commands as root.
cf883efba0f7ce5dd4d559289660cf7cfdbbe52103ead10496dc4b14c3b50095SUSE Security Announcement - The SUSE Security Team reviewed critical parts of the OpenSLP package, an open source implementation of the Service Location Protocol (SLP). SLP is used by Desktops to locate certain services such as printers and by servers to announce their services. During the audit, various buffer overflows and out of bounds memory access have been fixed which can be triggered by remote attackers by sending malformed SLP packets.
a946410e1d3014c46969700611e178a356dca9dae49b4377af3be0b68429768eDebian Security Advisory 662-2 - Andrew Archibald discovered that the last update to squirrelmail which was intended to fix several problems caused a regression which got exposed when the user hits a session timeout.
30570cad6d9a79ce284b36f9cf85e7b18ef089817e6634baac61546c0fb4cb6eWine versions 2005021 and below are susceptible to an insecure /tmp file creation flaw.
86742930b5f70ab2a1840474db279a3dfdac3bd9bc514d58f39b9d20445df058Ethereal 0.10.9 and below proof of concept remote root exploit that makes use of the CDMA2000 A11 protocol dissector stack overflow vulnerability.
1ceecb4270201dc750be03c55e86e81cd63d1db6a414c779fa45a09c5e791dd8Platinum FTP versions 1.0.18 and below remote denial of service exploit.
662527f8a0a1c0feddfba34eac142cc791713fc7163d5cbb2f16e79dfa3f12d3SilentDoor is a connectionless, PCAP-based backdoor for linux that uses packet sniffing to bypass netfilter. It sniffs for UDP packets on port 53, runs each packet against a decryption scheme, if the packet validates than it runs a command. Can be masked to look like any other process. Remote command utility included.
5665922f8fe8b1dcf7030bfcdecfbb8c13d27e49c02f353d0579071ed562011cDenial of service exploit for the Active Webcam webserver version 5.5.
43af06f6b9989857961ddbede2f22668b1db4d7847fed577caa4911531fb3b13PaBox version 2.0 is susceptible to cross site scripting attacks via a variable that gets user defined and later used in an IMG tag.
bb99e378a5bd7a4d9b7e12872dc2af16556ed81e670f86e6f4b5716d85941f76phpBB versions 2.0.12 and below have a flaw that allows for access to the admin control panel without authorization.
b8a59235613e9e76d6729f2ba7f08567a2ed061dc3fc891e1d0c03668520b2fdKYE: Tracking Bots. A whitepaper produced by the German Honeynet Project that looks at the individuals and organization that run botnets.
f118a200a641251f36a10be4332c0247a00981a9e41115b7deec042bb0badb38Winblox is a User-mode WINAPI-level and open-source tool for controlling the behavior of applications running on Windows workstations.
b850313d2dbfbb30337ae7d5d686ca25b1e9fd33f445771d7cf1c56d3e2e0793SimpGB from Boesch IT-Consulting is susceptible to a SQL injection attack.
6672398fc735ecec82ebea1c82d475162575c55186e262dba184eaabd0692406Sentinel License Manager version 7.2.0.2 exploit that makes use of stack overflow in the License service on UDP 5093.
a4cfd3100347273b6ad016300dc53e6a5746d8d8ed1b576320b69ea69a4c4f3dYaBB rc1 is susceptible to a cross site scripting flaw.
f933d516fdbbe1de8a2df8fba1ed5406fb6babe8894960bc9bd9e3bee0395763Phorum versions 5.0.14 and below are susceptible to multiple cross site scripting bugs.
27877b750246ca31ff8d8fb14fd92cf6f6b17f67dd2d3a26b69a7ccc5040b9cchotforum.nl is susceptible to a cross site scripting attack.
2442cd6926c9e545b352426135cbfac899b678fad112e3f07428cdacddeae470holaCMS version 1.4.9 is susceptible to a file inclusion vulnerability.
9fb8ad67a428efc80f61d1375b1b9a3a5058c9783a098af4c2070f1d1862b10eGentoo Linux Security Advisory GLSA 200503-17 - libexif contains a buffer overflow vulnerability in the EXIF tag validation code. When opening an image with a specially crafted EXIF tag, the lack of validation can cause applications linked to libexif to crash. Versions less than 0.5.12-r1 are affected.
691df561580146828ac178df14ef29fbc3fe6f08fcfc5e036bd29671e9b16a2bpaFileDB versions 3.1 and below are susceptible cross site scripting and SQL injection attacks.
9130b1811dc48ef25d6c8560d41c38e072c0e6bba4bafdf7f68cd85c9000ac5fSummercon XVII Annual Conference on Computer Security call for papers. Summercon will be June 3-5, 2005 in Austin, Texas.
30e0f12b90ac1f67e00fdfc532ecc32d9a239880a40e09777e97a6dd38e98801
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed