Class-1 Forum version 0.24.4 SQL injection and remote code execution proof of concept exploit.
f905604086859d4e72ea47fb9568dbaaPBLang 4.65 and below remote command execution exploit. Written in PHP.
71ccc7f98383698fd3bb92a718f29fceSuresec Security Advisory - A lockfile handling error was found in kcheckpass which can, in certain configurations, be used to create world writable files. kdebase versions 3.2.0 through 3.4.2 are susceptible.
7d74c170c8c2e344e46a1f82970e2ea3Cisco Security Advisory: Cisco IOS Software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack when processing the user authentication credentials from an Authentication Proxy Telnet/FTP session. To exploit this vulnerability an attacker must first complete a TCP connection to the IOS device running affected software and receive an auth-proxy authentication prompt.
ac0529743730805e044120d007a62ab1Stylemotion WEB//NEWS 1.4 is susceptible to SQL injection attacks.
481c54926e3c6d506cd38053c7db8890It appears that the Road Runner ADSL modem allows for unauthenticated logins on TCP port 244 using telnet.
1cac87316feaceaa6caa2332925f34d8MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
19074962a8d624d83339ec43a45faa34Astalavista Security Newsletter - Issue 19 - Featured articles include - Security Researchers and you organizaton caught in between?, Today's security trends and practical tips for your security - Part 1 as well as an interview with Eric Goldman EricGoldman.org.
53b9cd4734e36d4a0329ba899631cb7fAstalavista Security Newsletter - Issue 18 - Featured articles include - Insiders at the workplace - trends and practical risk mitigation approaches, Spam - proactive protection tips and an interview with John Young from Cryptome.org.
c3e1c10506463ef52eab7ef6c678ccecAstalavista Security Newsletter Issue 17 - Featured articles include - DNS Security and the introduction of DNSSEC Part 2 ; Mobile phones' bluetooth attacks and how to protect yourself, and an interview with Roman Polesek from Hakin9.org.
cbacb9336235e3e01d8c40b80c0865acSQL injection exploit for MyBB PR2
cd9f735b64bb72ddccd074a3c0ff4aa2Debian Security Advisory DSA 802-1 - Marcus Meissner discovered that the cvsbug program from CVS, which serves the popular Concurrent Versions System, uses temporary files in an insecure fashion.
0ee0a688851c56c465f57fa479d96e26myBloggie versions 2.1.3-beta and prior suffer from SQL injections and privilege escalation vulnerabilities.
f879c4de1e07cafa7e27e71ee30edc05Mandriva Linux Security Update Advisory - Ilja van Sprundel from suresec.org notified the KDE security team about a serious lock file handling error in kcheckpass that can, in some configurations, be used to gain root access. In order for an exploit to succeed, the directory /var/lock has to be writeable for a user that is allowed to invoke kcheckpass.
12e8cbd9e133bc0dbc8499955e05f86cMandriva Linux Security Update Advisory - Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. This vulnerability was initially discovered by Javier Fern
08272e1693aa0fd6137acf26f5482857Ubuntu Security Notice USN-177-1 - apache2, libapache-mod-ssl vulnerabilities - Apache did not honour the "SSLVerifyClient require" directive within a block if the surrounding block contained a directive "SSLVerifyClient optional". This allowed clients to bypass client certificate validation on servers with the above configuration. Also, Filip Sneppe discovered a Denial of Service vulnerability in the byte range filter handler. By requesting certain large byte ranges, a remote attacker could cause memory exhaustion in the server.
cdae9ab2594c57b38216ec6933a2ac3cUbuntu Security Notice USN-176-1 - Ilja van Sprundel discovered a flaw in the lock file handling of kcheckpass. A local attacker could exploit this to execute arbitrary code with root privileges.
a8cfbdcd299f3cacffbfde1eb3710accUbuntu Security Notice USN-160-2 - USN-160-1 fixed two vulnerabilities in the Apache 2 server. The old Apache 1 server was also vulnerable to one of the vulnerabilities (CVE-2005-2088). Please note that Apache 1 is not officially supported in Ubuntu (it is in the "universe" component of the archive).
dfb5079ad569d744802d06bba6e27464FreeBSD Security Advisory FreeBSD-SA-05-20.cvsbug - A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file.
144795693624779ec7d30b825746ea02Gentoo Linux Security Advisory GLSA 200509-06 - Certain malformed requests result in a segmentation fault in the sslConnectTimeout function, handling of other certain requests trigger assertion failures. Versions less than 2.5.10-r2 are affected.
101a877261610956df19b3486f2bdc6dMandriva Linux Security Update Advisory - buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via a video file with an audio header containing a large value in a strf chunk.
78feb268478738b1afcde03ed2cafbf6Mandriva Linux Security Update Advisory - A severe security issue has been discovered in Smb4K. By linking a simple text file FILE to /tmp/smb4k.tmp or /tmp/sudoers, an attacker could get access to the full contents of the /etc/super.tab or /etc/sudoers file, respectively, because Smb4K didn't check for the existance of these files before writing any contents. When using super, the attack also resulted in /etc/super.tab being a symlink to FILE. Affected are all versions of the 0.4, 0.5, and 0.6 series of Smb4K.
b920c6779249671a2f1498a4833a170cMandriva Linux Security Update Advisory - When starting xntpd with the -u option and specifying the group by using a string not a numeric gid the daemon uses the gid of the user not the group.
c8c39a23e9f9362eabf2de74c154daa7Secunia Security Advisory - Secunia Research has discovered a vulnerability in ALZip, which can be exploited by malicious people to compromise a vulnerable system.
37ac498b0ee387481aa1b8163de6137fSecunia Security Advisory - Nickolay has reported a vulnerability in Squid, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
7105a203b315676a38884023e0b941b0
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed