Gentoo Linux Security Advisory GLSA 200510-08 - Ulf Harnhammar discovered a format string bug in the routines handling CDDB server response contents. Versions less than 1.1.0-r5 are affected.
ce94a8fc639d56ec96af2321cef16e9a8cb629d6d971413c73b76c58935f612cPHP Counter is susceptible to cross site scripting and SQL injection vulnerabilities. Exploitation details provided.
fe6f83fddf807501ff863ae0df830e71a2e3dffac6cbb41176b5e850d230df7eProof of concept exploit for the remote format string vulnerability discovered in the xine/gxine CD player. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions are at least xine-lib-0.9.13, 1.0, 1.0.1, 1.0.2 and 1.1.0. Patch available here.
ae1c511af9c5fd4967684e6f3287c7f4fca6594afee4b7ff717ad17350d3071fPatch for the xine/gxine CD player that was found susceptible to a remote format string bug. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions are at least xine-lib-0.9.13, 1.0, 1.0.1, 1.0.2 and 1.1.0.
6e77aa5381a31e060d00c8af9e23be5266d5a7c218794981c37b49ec78e5e54bThe xine/gxine CD player is susceptible to a remote format string bug. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions are at least xine-lib-0.9.13, 1.0, 1.0.1, 1.0.2 and 1.1.0. Patch available here.
1aea14a58fd32bca633044be383cec8a50c14ce68e2981888d358c4b5a246842Debian Security Advisory DSA 849-1 - Supernaut noticed that shorewall, the Shoreline Firewall, could generate an iptables configuration which is significantly more permissive than the rule set given in the shorewall configuration, if MAC verification are used in a non-default manner.
bf2c2f0c78b7eb0bfed1de6754eba45504ef7b8ada97d9b04f53aba1cb0ec2e3Debian Security Advisory DSA 848-1 - Jens Steube discovered two vulnerabilities in masqmail, a mailer for hosts without permanent internet connection. When sending failed mail messages, the address is not sanitized, which allows a local attacker to execute arbitrary commands as the mail user. When opening the log file, masqmail does not relinquish privileges, which allows a local attacker to overwrite arbitrary files via a symlink attack.
f7f59ad84fbb01fe499aa54d77b5c6413626d30e33b3ee7d24987261d3132c5bDebian Security Advisory DSA 847-1 - Joxean Koret discovered that the Python SVG import plugin in dia, a vector-oriented diagram editor, does not properly sanitise data read from an SVG file and is hence vulnerable to execute arbitrary Python code.
6c65844793ba31d943e00a8ab86d202a56b4e5e33bcd39c77358b0873169965eCyphor version 0.19 suffers from SQL injection and cross site scripting flaws. Full proof of concept exploit provided.
e2024c715e0493e8c0fc2ac8ef88c0b249a80be26526a4ab811731ab42839272Mandriva Linux Security Update Advisory - faxcron, recvstats, and xferfaxstats in HylaFax 4.2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. In addition, HylaFax has some provisional support for Unix domain sockets, which is disabled in the default compile configuration. It is suspected that a local user could create a fake /tmp/hyla.unix socket and intercept fax traffic via this socket. In testing for this vulnerability, with CONFIG_UNIXTRANSPORT disabled, it has been found that client programs correctly exit before sending any data.
62d8e72fae9a4a68d6e24a2850d05bb819ea9695193453de5c40931f5182a02eMandriva Linux Security Update Advisory - Miniserv.pl in Webmin 1.220, when full PAM conversations is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).
a2567dded228c5c8e1ec16208f680d5d1cc3614ecdb6712bdc01b2a5284525a6An Anti-Virus bypass flaw has been discovered that slightly varies from CVE-2004-0932 and CVE-2004-0937. It makes use of a specially crafted archive. Full exploitation details provided. Appears to possibly affect all anti-virus products.
f92e703b893d5f4977d69da5d703d39b71d420ebaa92636377f76293e213638cWhitepaper as well as presentation slides entitled 'Anti-Virus in the Wild' that were presented at the Virus Bulletin 2005 conference in Dublin, Ireland.
edc0b15a49a168b1ba8e246aa35f5afb2f575f8a05bab99c33acb9a984c4d3b8This whitepaper discusses five creative methods used to overcome various stack protection patches. It focuses on the VA (Virtual Address) space randomization patch that has been integrated into the Linux 2.6 kernel. These methods are not limited to this patch, but rather provide a different approach to the buffer overflow exploiting scheme.
e9f9fca0cde5490a18a26b4d4fb35eaa3fbf6d5db5c35bb6958afad8ec2a7705Debian Security Advisory DSA 846-1 - Two vulnerabilities have been discovered in cpio, a program to manage archives of files.
c665205959ec8f3619720b2de74392a8140fdb744d012e6f45e8a52f82aa1760HP Security Bulletin - A potential security vulnerability has been identified with Apache running on HP-UX where the vulnerability could be exploited remotely to bypass client-based certificate authentication and gain unauthorized access to certain web pages.
236ac9f717d5af9a85f8bb1175d7955ec053fed46743ec7fd8f31ab7e23f6953The Oracle Forms servlet can be used to cause a denial of service against the TNS Listener.
72d657c9d34a08163e0ac91b91a9aecbea265ce6791086334997b32c828e111fThe web interface for iSQLPlus in Oracle Database 9.0.2.4 can be used to cause a denial of service against the TNS Listener.
ab783831ce9a6285a953756ea16236eef2b4d64b31bed4e8bbd16eb3b6fcc156The XMLDB in Oracle Database 9i Release 2 is susceptible to cross site scripting attacks.
f60d5590bc2279e0eb2f276fa15e511bb23e3ee2dfdb2f652d24eead062a25fdOracle Database 9.0.2.4 with iSQLPlus is susceptible to a cross site scripting flaw.
4e46dcca1545f3b988b96e9d9519b788e4170a780349fceb576370c8407df3beDuring the manual installation process of Oracle HTMLDB, the SYS password is logged in plaintext into the file install.lst.
8aade996b0fb6512d99be5ac7c4565565139723d4135a6aaeb91226a61a3af85The Oracle HTMLDB contains some cross site scripting vulnerabilities.
d2f371949cb27d269d5b9249b1197ca0e6160b0e34383d38e2056e71438de8dbAenovo is susceptible to multiple SQL injection and cross site scripting vulnerabilities. Details provided.
43a29a44230d7d18568c832c99fa41dce36ae895792641634b5197bb81828619Gentoo Linux Security Advisory GLSA 200510-07 - c0ntex reported that RealPlayer and Helix Player suffer from a heap overflow. Versions less than 10.0.6 are affected.
127d14301c6ba98adde54ef43406dd14da2c07c3ce731e1532bbed96614ae764MailEnable proof of concept exploit for the W3C logging vulnerability. The shellcode used actually renames the vulnerable binary to disable the system from being vulnerable.
c9cdae7c9b4feeea86406fb868c994266fb649ece1b3e7eccb2bbcc0360a1efa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed