Sec-1 has identified an exploitable Buffer Overflow within Collaboration Data Objects (Cdosys.dll and Cdoex.dll). The vulnerability exists when event sinks are used within Microsoft Exchange 2000 or Microsoft Mail services to parse e-mail content. Several Content Security packages were identified to be vulnerable/exploitable.
26ed9986f1acd0482d2a4dccf8225ecf63c139f2483c559189427de3f59962e6Secunia Security Advisory - Secunia research has discovered a vulnerability in Novell NetMail, which can be exploited by malicious people to compromise a vulnerable system.
f8e1c8982ddd568bdaa04cbbaa188d76d77584766b5a3e63ef0f913a740f596eSecunia Security Advisory - Gary O'leary-Steele has reported a vulnerability in GFI MailSecurity, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerability system.
0c2b4d80787040a9db90caa6ccb0855579b34329590783f31fabd611f55d8e9dSecunia Security Advisory - Red Hat has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions.
11f969fd18f1c5567c1c008aff7b49a15926fed0cec1a01d5af55203f929cc2eSecunia Security Advisory - Red Hat has issued updates for util-linux and mount. These fix a security issue, which potentially can be exploited by malicious, local users to gain escalated privileges.
796abeb5c1160d0e80ce304a079761f63bf7ba0f65ec061b16fd511a3eae1715Secunia Security Advisory - Ubuntu has issued an update for sqwebmail. This fixes some vulnerabilities, which can be exploited by malicious people to conduct script insertion attacks.
20ec29921b017448e2747317efb12bd39c3c2f7a8bb169913161bfa635530a24Secunia Security Advisory - A vulnerability has been reported in WebGUI, which can be exploited by malicious people to compromise a vulnerable system.
90eb93af937a6880a6058e3ebc56857bcbb5577e7ce2c954f7d6674213619795Secunia Security Advisory - rjonesx has discovered a vulnerability in Xeobook, which can be exploited by malicious people to conduct script insertion attacks.
ed97ed152a1cc3bc4484c8f3e191f171d83549ed5a808ebb774e4d9f7e80f19aSecunia Security Advisory - Ubuntu has issued an update for koffice-libs/kword. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
80c2f04f2495e9a6e0cab35d78ee80002a6146695bf3e7f653387dece7298c32Secunia Security Advisory - rgod has discovered some vulnerabilities and a security issue in versatileBulletinBoard, which can be exploited by malicious people to disclose system information, and conduct cross-site scripting and SQL injection attacks.
c63d22952d4e4083794c0ff2e91df25c0882335d9071f5c5ae710b7e9df0e03fSecunia Security Advisory - trueend5 has discovered a vulnerability in ZeroBlog, which can be exploited by malicious people to conduct cross-site scripting attacks.
9f7bcf6bfa08f0d887a67e354e84582a269efb5f66ca517b52eded4e13079991Secunia Security Advisory - Mandriva has issued an update for squid. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
8f998196c604b7908598e2298999cce80114e6574978331bf39fb4e8a5fab1f9Secunia Security Advisory - Mandriva has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions.
28d222e05eed179cb10f86ff9f1b7e68e05741627fcb336b6aaeb5886abf59c5Secunia Security Advisory - Mandriva has issued an update for xine-lib. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
ff846d8ee57f5df086eeda8e933a6b2ae95d7dd5794db39d5d3c9e14854fa943authfail is a tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy.
04e48386360e57b79d2b505156aeb0ffde4c2dff3b0ec8ec374a1c797baa5c1carpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.
a8a3511b4e96672440462995513f0b3217988917cd4e47999dc3c2b6ea24253aComputer Associates iGateway debug mode remote buffer overflow exploit.
eb2f060cb021814eceb8d676c581c3305e770af0f0a090582fa6e48d9e8636f1Remote phpBB 2.0.13 command execution exploit that makes use of admin_styles.php.
5d4140ceeaab7a8f504dc6a59c12242e4984f6aa36436892fa64cef8d7583eafIE Security - Past, Present and Future. Tony Chor outlines the threats to secure browsing, discuss Microsoft's response with Internet Explorer for Windows XP SP2, and details the implementation of safety features in the upcoming Internet Explorer 7.0, such as the Phishing Filter and Protected Mode (the feature formerly known as Low Rights IE).
5d6c688b8b387dfa57b467d005c434337fed685c161d1c618d8d6c06008a90c8Assessing Server Security - State of the Art. The talk takes into consideration the progress that has been made in web server security over the last few years, and the progress that has been made in attacking web servers over the same time. The paper visits the new vulnerabilities introduced by web applications and discuss the thinking applied to discover such vulnerabilities. It finally describes the state of the art of web server scanning technology.
100459d29fc8945bc761d6a2ccc7ce82103b8f31e835d98cf9a6ae54e18497c5Hacking Windows CE - This paper shows a buffer overflow exploitation example in Windows CE. It covers knowledge about the ARM architecture, memory management and the features of processes and threads of Windows CE. It also shows how to write a shellcode in Windows CE including knowledge about decoding shellcode of Windows CE.
0059aabe36954e204cefd4c2178f8ecdb73547bbf11e9a1e9d1a7ac84f2f8d78iDEFENSE Security Advisory 10.11.05-2 - Remote exploitation of a denial of service vulnerability within various versions of Microsoft Corp.'s Windows operating system allows attackers to cause the msdtc.exe process to crash. The vulnerability specifically exists because of a flaw in processing responses from foreign servers. iDEFENSE has confirmed the existence and exploitability of this vulnerability in Microsoft Windows 2000 SP4. All versions of Microsoft Windows with the vulnerable service running are suspected vulnerable.
a63cf4967cd5a40e9e24e06f576538ffe355dbf264513d5777e8fab6283093e8iDEFENSE Security Advisory 10.11.05-1 - Remote exploitation of a denial of service vulnerability within various versions of Microsoft Corp.'s Windows operating system allows attackers to flood systems with connection attempts from legitimate MSDTC servers. The vulnerability specifically exists because of the functionality in the TIP protocol that allows a remote IP address and port number to be specified for a connection. iDEFENSE has confirmed the existence and exploitability of this vulnerability in Microsoft Windows 2000 SP4. All versions of Microsoft Windows with the vulnerable service running are suspected vulnerable.
9bc8c739e48f0dd0498ba340fd864efa38fbdb082cc9bf7d5dc286e724398805ZeroBlog versions 1.2a and 1.1f are susceptible to cross site scripting attacks.
bea71f694efcc79089a11410c0f538c2188a915129447a7392dd2f94f253781aPhpShop is susceptible to SQL injection attacks. Details provided.
288a5ea99da83c0773c6144310da7061e893ff7feeed0f69d24e6195255b41af
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed