Many XML/RPC servers based on Python / Ruby seem to be vulnerable to a simple Denial of Service where transmitting a large amount of data (circa 4 MB) results in them utilizing 100% of the CPU and apparently never recovering.
01fddb7df596dbb647f71a14bc8ddf89eda494b127062d87e148e1adfd6216baAppleWebKit XMLHttpRequest arbitrary file disclosure - Apple Safari 1.2+, Apple RSS 2.0 pre-release, OmniGroup OmniWeb 5.1+, as well as other software based on a common engine, are vulnerable to malicious webservers attacking them and retrieving information (arbitrary files on disk).
0ea575297839fdac0e3654c2488db5abe193e71540f91deb28ffc4cd0bd4c886Gentoo Linux Security Advisory GLSA 200504-14 - Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discovered a Denial of Service vulnerability, a syntax error caused monkeyd to zero out unallocated memory should a zero byte file be requested. Versions less than 0.9.1 are affected.
7f4936472c31f89580293bf38a7962c48bf48a076c611dbcb39c244449785e17Musicmatch installs an ActiveX control which can then be called by other sites (totally unrelated to musicmatch). The ActiveX control allows for arbitrary files on the user's disk to be overwritten.
11fd920c5376d04b6b942e8d782b5ab5c9062b6024be9018a38a7f67cccad923Ophcrack version 2.0. Ophcrack is a cracker aimed at NT-style (LANMAN) password-hashes. It uses a large precomputed hash database to crack the majority of all passwords within a matter of seconds, rather than hours or days as would be the case if you search the entire likely keyspace each time you are looking for a specific password. This type of cracking is based on a technique referred to as "rainbow tables".
c04353d4e957dedbbe3f6682b4898c728601bba5dae0264812a71b51b2ca0824System's protected with libsafe my not be fully protected when multithreaded applications are running on them: a brief attack window may exist where an attack can execute malicious code without libsafe being called to verify things as safe.
36be85c239bf7eb36e43805fdd22ff28338c953972e31ec9cf067a21f1e92011GOCR (Gnu Optical Character Recognition) contains a heap overflow.
afb2abf973047003b3fcb5711eb81087f9f2a9e0c844a1fa64a790403e982cd1Debian Security Advisory DSA 709-1 - libexif remote buffer overflow. Sylvain Defresne discovered a buffer overflow in libexif, a library that parses EXIF files (such as JPEG files with extra tags).
c2a7812fbb6ff327e408302fc15ef6561ebdad0ebf7c737530c364cb58f717a9Dameware stores the username / password of the currently connected user in cleartext somewhere on its heap. (Note: a great number of other remote-access products probably do this as well).
2ba2eb9f10af09f46038b23b0d6cb684ed80a7a6a73113df3a867e99be5817fdThe log function in Perl's Net::Server module (used by postgrey, among other tools) is vulnerable to format string attacks. However, it is not clear what the exact impact of this is in a Perl environment.
778555738d428bd2a4087fa2b5c8d98b4df893c1bcdcc2f5c4e68e53bd7634faThe SIOCGIFCONF ioctl, used to request the kernel to produce a list of interfaces, can be exploited to reveal 12 bytes of memory. It is not at all guaranteed that this memory will contain anything interesting.
046e16080325dae021493dffedc9e3fe620cdd65df9f6250a4fd4ff3ce4aaef7Yager, an online air-combat simulation game, is vulnerable to several overflows as well as several Denial of Service attacks. This advisory details issues in versions up to 5.24.
3e9e1377c6d538e2c6ab12326ddfb1a9889cb7aee4dbb8d4f3c1fecd7afb77aa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed