Class-1 Forum version 0.24.4 SQL injection and remote code execution proof of concept exploit.
1e1b6724dd1ae5f0877e00e87ddddea43a95a600769c42ef299132cc154d9e7dPBLang 4.65 and below remote command execution exploit. Written in PHP.
8454eb7da5eabdb5e1a2b126b11c7a9fc3313458c065908e551beeccd8849a03Suresec Security Advisory - A lockfile handling error was found in kcheckpass which can, in certain configurations, be used to create world writable files. kdebase versions 3.2.0 through 3.4.2 are susceptible.
a3aa3af306ee8b641cb1cb6ed4cf51efb1c6a63968d144463c1c600707cd4c6eCisco Security Advisory: Cisco IOS Software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack when processing the user authentication credentials from an Authentication Proxy Telnet/FTP session. To exploit this vulnerability an attacker must first complete a TCP connection to the IOS device running affected software and receive an auth-proxy authentication prompt.
27ca70e11f1940fd7e2f06bb8753f70d779e891c493b20994f639f5e159d5672Stylemotion WEB//NEWS 1.4 is susceptible to SQL injection attacks.
a2a31cfe486c2f1c523356101f7d415a3e6965271142ca4ebf5a6536ce1d5362It appears that the Road Runner ADSL modem allows for unauthenticated logins on TCP port 244 using telnet.
6d7a217cbc74f1ae1180075fa55ab4d11eb19cae14868f624448f6c09866843cMIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
8773b3bfd0e0592c3edf601f077d0a72337dfeff5b9834c1c5b5910404e01349Astalavista Security Newsletter - Issue 19 - Featured articles include - Security Researchers and you organizaton caught in between?, Today's security trends and practical tips for your security - Part 1 as well as an interview with Eric Goldman EricGoldman.org.
7baaf86e39b051c684c7bd5c5b763893728208d8a29792ced4bbcdc3636ab133Astalavista Security Newsletter - Issue 18 - Featured articles include - Insiders at the workplace - trends and practical risk mitigation approaches, Spam - proactive protection tips and an interview with John Young from Cryptome.org.
a9c9ed602957b03ba4ccec3c292527e8f1d159f0bdd65899bd245a4514f9aba8Astalavista Security Newsletter Issue 17 - Featured articles include - DNS Security and the introduction of DNSSEC Part 2 ; Mobile phones' bluetooth attacks and how to protect yourself, and an interview with Roman Polesek from Hakin9.org.
8cb77d5585dd6caa122b4b6b018dbf07579a6132b7a5b9ec91ddbecbf27d002fSQL injection exploit for MyBB PR2
931c70d34554bac034d6bb2bcc18badc49bc36b15eafa6fddb4d47848985b7ddDebian Security Advisory DSA 802-1 - Marcus Meissner discovered that the cvsbug program from CVS, which serves the popular Concurrent Versions System, uses temporary files in an insecure fashion.
328a0a542c4d6f60fa6dfff4289714ed0c29dede0a6e3bf5e49ff48eb8b2c483myBloggie versions 2.1.3-beta and prior suffer from SQL injections and privilege escalation vulnerabilities.
aa1eadc4ab379e63764c6aa310baf69a3cfd884faac949c60757e13bb56bb01eMandriva Linux Security Update Advisory - Ilja van Sprundel from suresec.org notified the KDE security team about a serious lock file handling error in kcheckpass that can, in some configurations, be used to gain root access. In order for an exploit to succeed, the directory /var/lock has to be writeable for a user that is allowed to invoke kcheckpass.
4777c752bcd6597f96c96b1cd0f65480dc336439c93211736685cf7dad59dd1dMandriva Linux Security Update Advisory - Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. This vulnerability was initially discovered by Javier Fern
a47c7b1147b1d3baf301144a1eadf49cf107afeef603b598d59f027c3dd9368aUbuntu Security Notice USN-177-1 - apache2, libapache-mod-ssl vulnerabilities - Apache did not honour the "SSLVerifyClient require" directive within a block if the surrounding block contained a directive "SSLVerifyClient optional". This allowed clients to bypass client certificate validation on servers with the above configuration. Also, Filip Sneppe discovered a Denial of Service vulnerability in the byte range filter handler. By requesting certain large byte ranges, a remote attacker could cause memory exhaustion in the server.
f63bd9e3e650b2f1d6cbf6e4bceff6b9f82ee6c95a22dc5b50cef9f0bab677b0Ubuntu Security Notice USN-176-1 - Ilja van Sprundel discovered a flaw in the lock file handling of kcheckpass. A local attacker could exploit this to execute arbitrary code with root privileges.
b419e916d6eaef50b8207c2fddbe8550191cd454338f309985dd513d0f2b8933Ubuntu Security Notice USN-160-2 - USN-160-1 fixed two vulnerabilities in the Apache 2 server. The old Apache 1 server was also vulnerable to one of the vulnerabilities (CVE-2005-2088). Please note that Apache 1 is not officially supported in Ubuntu (it is in the "universe" component of the archive).
4c77e34937b466d8814d9fdbcb4bfc9238594501b16e9bf4138b9bea0692a4a6FreeBSD Security Advisory FreeBSD-SA-05-20.cvsbug - A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file.
42359b765b65baccde1ce2c51098dbada23fc98d9631451d3ea628c76795611bGentoo Linux Security Advisory GLSA 200509-06 - Certain malformed requests result in a segmentation fault in the sslConnectTimeout function, handling of other certain requests trigger assertion failures. Versions less than 2.5.10-r2 are affected.
c7e4f4855820ab1cfe596106efc46a5123f47f0c293e1a7323d7d8c435021252Mandriva Linux Security Update Advisory - buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via a video file with an audio header containing a large value in a strf chunk.
7b3e6873b460f03c379d889d6f3bdfa59e23233031a499f5828119f39d23b366Mandriva Linux Security Update Advisory - A severe security issue has been discovered in Smb4K. By linking a simple text file FILE to /tmp/smb4k.tmp or /tmp/sudoers, an attacker could get access to the full contents of the /etc/super.tab or /etc/sudoers file, respectively, because Smb4K didn't check for the existance of these files before writing any contents. When using super, the attack also resulted in /etc/super.tab being a symlink to FILE. Affected are all versions of the 0.4, 0.5, and 0.6 series of Smb4K.
2e7d946d88525e9117a39502618c5c8066182d1bb26b4e22744dea059b24fb60Mandriva Linux Security Update Advisory - When starting xntpd with the -u option and specifying the group by using a string not a numeric gid the daemon uses the gid of the user not the group.
d7150bc8beea7498450152bf9d24ad55ba00067fa4e0945ceb1f6bd303c308a2Secunia Security Advisory - Secunia Research has discovered a vulnerability in ALZip, which can be exploited by malicious people to compromise a vulnerable system.
6e797630c120124efce69efd09e54036c065745ba1e6c450d3d39fb8d0dec274Secunia Security Advisory - Nickolay has reported a vulnerability in Squid, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
dc908c1b10fce63172677213350dca97ad92141aad8e2d1b0a4945ff10d563a3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed