LIMBO CMS versions 1.0.4.2 and below suffer from blind SQL injection, cross site scripting, local file inclusion, remote code execution, and other fun flaws. Exploit provided.
4d7f73b2b9ce04212d8673ee53a09e830c0b56830ddc389c64f6db002b24cbb4
iDEFENSE Security Advisory 12.14.05 - Remote exploitation of a denial of service vulnerability in Trend Micro Inc.'s ServerProtect EarthAgent daemon allows attackers to cause the target process to consume 100% of available CPU resources. The problem specifically exists within ServerProtect EarthAgent in the handling of maliciously crafted packets transmitted with the magic value \x21\x43\x65\x87 targeting TCP port 5005. A memory leak also occurs with each received exploit packet, allowing an attacker to exhaust all available memory resources with repeated attacks. iDefense has confirmed the existence of this vulnerability in Trend Micro ServerProtect for Windows Management Console 5.58 running with Trend Micro Control Manager 2.5/3.0 and Trend Micro Damage Cleanup Server 1.1. It is suspected that earlier versions and versions for other platforms are vulnerable as well.
9bfc7d11f02284f37766b9dc9b287113f0e17149f9dbd9f529e9d3d436cff490
iDEFENSE Security Advisory 12.14.05 - Remote exploitation of a heap overflow in Trend Micro Inc.'s ServerProtect Management Console allows remote attackers to execute arbitrary code with the privileges of the underlying web server. The problem specifically exists within the relay.dll ISAPI application upon processing of large POST requests with wrapped length values. iDefense has confirmed the existence of this vulnerability in Trend Micro ServerProtect for Windows Management Console 5.58 running with Trend Micro Control Manager 2.5/3.0 and Trend Micro Damage Cleanup Server 1.1. It is suspected that earlier versions and versions for other platforms are vulnerable as well.
0df4d6d0dffdc1cfc7d0952eba709daad134991e21afdae77b6d36b19010895a
iDEFENSE Security Advisory 12.14.05 - Remote exploitation of a heap overflow in Trend Micro Inc.'s ServerProtect Management Console allows remote attackers to execute arbitrary code with the privileges of the underlying web server. The problem specifically exists within the isaNVWRequest.dll ISAPI application upon processing of large POST requests with wrapped length values. iDefense has confirmed the existence of this vulnerability in Trend Micro ServerProtect for Windows Management Console 5.58 running with Trend Micro Control Manager 2.5/3.0 and Trend Micro Damage Cleanup Server 1.1. It is suspected that earlier versions and versions for other platforms are vulnerable as well.
2b7f7561dc295bc1cfe3e20219662ae750c9bb92cf1486276a5ed8b07010d923
iDEFENSE Security Advisory 12.14.05 - Remote exploitation of an input validation vulnerability in Trend Micro Inc.'s ServerProtect Management Console allows remote attackers to view the contents of arbitrary files on the underlying system. The problem specifically exists within the handling of the IMAGE parameter in the script rptserver.asp.
1b01155d4ea95e1c1d0ae336bc10735c394b99ac36b81cfe1486db6a0e63ae9b
iDEFENSE Security Advisory 12.14.05 - Local exploitation of an insecure permission vulnerability in multiple Trend Micro Inc. products allows attackers to escalate privileges or disable protection. The vulnerabilities specifically exist in the default Access Control List (ACL) settings that are applied during installation. When an administrator installs an affected Trend Micro product, the default ACL allows any user to modify the installed files. Due to the fact that some of the programs run as system services, a user could replace an installed Trend Micro product file with their own malicious code, and the code would be executed with system privileges. iDefense has confirmed the existence of this vulnerability in Trend Micro PC-Cillin Internet Security 2005 version 12.00 build 1244. It is suspected that previous versions are also vulnerable. It has been reported that InterScan VirusWall, InterScan eManager and Office Scan are also vulnerable.
90d5c18f790c3db8f59c97c8aa2fd77510a1660e46cdc941387c55ec47cd3e76
Gentoo Linux Security Advisory GLSA 200512-06 - iDEFENSE reported a possible overflow due to the lack of bounds checking in the dissect_ospf_v3_address_prefix() function, part of the OSPF protocol dissector. Versions less than 0.10.13-r2 are affected.
bdf1a35b27e80eb7840f35797133cb81563158c685223504485da7c07c8f8b52
IBM WebSphere 6 sample scripts are susceptible to cross site scripting vulnerabilities. Details provided.
9e09a3297b7ac63c5723f042e60e68336089ae1baa79a68fb8a0de87ed180f05
Gentoo Linux Security Advisory GLSA 200512-05 - iDEFENSE reported that the AddressFromAtPtr function in the sendmail program fails to check bounds on arguments passed from other functions, and as a result an exploitable stack overflow condition occurs when specifying the -t command line option. Versions less than 1.22 are affected.
9ef88f8e3529e22b523d7ad7b4a80b577d4001132c7f26a692dfbaf90746585f
PHPNUKE versions 7.9 and below suffer from a cross site scripting filter bypass vulnerability. Details provided.
b822066411260c1bad7f9ab633bb20601f987a203ef129643115c960a7336b8c
Ubuntu Security Notice USN-230-1 - Simon Kilvington discovered a buffer overflow in the avcodec_default_get_buffer() function of the ffmpeg library. By tricking a user into opening a malicious movie which contains specially crafted PNG images, this could be exploited to execute arbitrary code with the user's privileges.
b80943c261371e1d737af6d134e09523ffd5802941ba4dc837e952cce27b7468
The Widcomm BTW suffers from a remote audio eavesdropping issue.
866ef0aaf005e2d1e28227c8b6a9b0360290e3611a675df0bb6706bd1d5e5344
The CSC has discovered an issue that could impact the availability and security of servers operating Business Objects WebIntelligence software. If a remote malicious attacker is able to access authentication mechanisms, they can lock out and effectively disable user accounts, including General Supervisor (admin) users, leading to system unavailability.
b04f16318bc6045d878d2029c48aaa390cb9fd1f5c26e302bb222b453b0c09ad
Interesting write-up that revisits the LanD attack, where ICMP is spoofed to a host with the source IP set to the same address as the destination IP. Various modem and router vendors appear affected.
dfd0bae10cbeed7e6ae5a22bb3e7ff1b1aeebf8064dfd7d6846ee4edad6906f5