The following two security vulnerability issues have been identified in the CA Message Queuing (CAM / CAFT) software: CAM is vulnerable to a Denial of Service (DoS) attack when a specially crafted message is received on TCP port 4105. CAM is vulnerable to a Denial of Service (DoS) through the spoofing of CAM control messages.
fa9bcf5733c36e27029a5ff78f5ff979acef14def6f47abd1743b7b6362823ebTrend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.
9c664395dce29c6ee10c00fb5bdb2295836c82ce9b9da4b3f0df46c4ae996247Mandriva Linux Security Advisory - Multiple response splitting vulnerabilities in PHP allow remote attackers to inject arbitrary HTTP headers via unknown attack vectors, possibly involving a crafted Set-Cookie header, related to the session extension (aka ext/session) and the header function. Multiple cross-site scripting (XSS) vulnerabilities in PHP allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in certain error conditions.
c98385883dccd198b6d3864905ce4577e8f33952b37da51c5c40bcbe9a83eb70Technical Cyber Security Alert TA06-032A - America Online has released Winamp 5.13 to correct a buffer overflow vulnerability. By convincing a user to open a specially crafted playlist file, a remote unauthenticated attacker may be able to execute arbitrary code with the privileges of the user. Winamp may open a playlist file without any user interaction as the result of viewing a web page or other HTML document.
1e0277b3054f29f9a489f8d9b090518ad23def64220f8bd3b659b9f34d101653FreeBSD Security Advisory FreeBSD-SA-06:08.sack - SACK (Selective Acknowledgment) is an extension to the TCP/IP protocol that allows hosts to acknowledge the receipt of some, but not all, of the packets sent, thereby reducing the cost of retransmissions. When insufficient memory is available to handle an incoming selective acknowledgment, the TCP/IP stack may enter an infinite loop.
8d3f7d980f0020012c292d7bd87a577e7beeedfba74ebfdf5862b03683811826AshWebStudio in Ashnews version 0.83 is susceptible to cross site scripting attacks and remote file inclusion flaws.
bf428ab66387cf06fcad67bfd98f8b7acb42600c71eb16c9353a18196875d622iDefense Security Advisory 02.01.06 - It has been found that a specially crafted m3u or pls file can overwrite a stack based buffer allowing for remote code execution. This vulnerability is specific to the 5.11 version of Winamp and does not affect previous versions.
55cfc9433a739a9d58acb02156040187fb0c6d1dfe185aad02576b64a0fdf607Secunia Security Advisory - Two vulnerabilities have been reported in various products within the CA Message Queuing (CAM / CAFT) software, which can be exploited by malicious people to cause a DoS (Denial of Service).
76a70c9a69364eeb1058891dee5f7a0847e9f7647d218785525ffe593f216a8cSecunia Security Advisory - A vulnerability has been reported in various Autodesk products, which potentially can be exploited by malicious people to compromise a vulnerable system.
85d1346ee9f0603748478fa6d05ec63ee39398022430026c802c112c9458a170Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).
9696a08976ca3a466716a475e0f003479856b8ab1e5dc5ae83b02309e23f5fbfSecunia Security Advisory - Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, potentially disclose sensitive information, and potentially compromise a user's system.
3b39cda16049485fa09a5918a6593b0c68455d2ddebcf9b372813d8fe45bf723Secunia Security Advisory - Two vulnerabilities have been reported in Mozilla Suite, which can be exploited by malicious people to conduct cross-site scripting attacks and potentially compromise a user's system.
8a8eb7e1611c0f75722afa967791f59eee55e99606cfbb63aea0c5378701d583Secunia Security Advisory - Some vulnerabilities have been reported in Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, potentially disclose sensitive information, and potentially compromise a user's system.
912e9feefaee000bf1bdc0b63ab12af5e3d446a64d38997e6c45b0bc39080a72iDefense Security Advisory 02.01.06 - It has been found that a specially crafted m3u or pls file with a target filename having the .wma extension can crash Winamp giving the attacker control over the EAX register. The vulnerability appears to have been silently fixed in Winamp 5.11.
935858ee6267b84482e4ba827fc47d34de15cccf4e69c52c2ddd81431f77417eFcron (convert-fcrontab) allow users to corruption on heap section.
307ba9a0f7b0232313ae1444b91ef1bddb17413092dccb371e43e011fc3bd6c5Secunia Security Advisory - Preben Nylokken has reported a vulnerability in Daffodil CRM, which can be exploited by malicious people to conduct SQL injection attacks.
cf4a1ef1c8f2be2f3cf4113ae3cca1e9b6710e36c1a83d194414a117e1790536Secunia Security Advisory - A vulnerability has been reported in HP Tru64 UNIX, which can be exploited by malicious people to compromise a vulnerable system.
c228d0cec05c0605d9bc3381f1d3a051ee491485e1fdd6ccda818000fff090c5Debian Security Advisory DSA 962-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdftohtml, a utility that translates PDF documents into HTML format, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
6fa70a3b6a6f9fb83291fc505e7022559c6acf11137079cda7a3ba7a7d9cb364SZUserMgmt version 1.4 suffers from an authentication bypass flaw.
721ae1201bd201dfc48c599f7217f308e0b8aec4be4d2c5758e6fa4c040c9973Calendarix version 0.6.20050830 is susceptible to SQL injection and authorization bypass vulnerabilities.
817429587caf24f8a9bb9b4f73e608f6ac9d5bae42eaa210ec865730b7b9eea5Debian Security Advisory DSA 961-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdfkit.framework, the GNUstep framework for rendering PDF content, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
5043533427927678e995928343a8d90491370c45eda0582ade3e70b36444ccb4Various SQL injection and cross site scripting vulnerabilities have been discovered in SPIP versions 1.8.2-e and below and 1.9 Alpha 2 and below.
3a991cfafd0531bb09745a3b2519ff7ebf3adbae428a01373efe28240b13fb9cPound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
14207c62f7cb0efc5975769a4c7f0edc8bae662e98feb52887e10ce4955a5a5aiptables is the packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
1d8ee8634d167b0f1a8872b6547910c11bae676699faf2b4bc2c84a128449c3cscponly is an alternative shell for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution privileges. Functionally, it is a wrapper around the ssh suite of applications.
dfa5a334d66150289a391aea4dc00d1b039c644fd1c628bdeddaa7b0710e01a7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed