Mandriva Linux Security Advisory MDKSA-2006-122 - Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function. One instance in gd_io_dp.c does not appear to be corrected in the embedded copy of GD used in php to build the php-gd package.
078baf545d95bd5abffd5b9c6906c264aca0a63991ad51e6969346224452d967Mandriva Linux Security Advisory MDKSA-2006-123: A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel
89ed95c42d6ae642417e9cd6182cc130f8da9b5ea0b294b082f495a8da22a124SCO Security Advisory SCOSA-2006.26 - The Mozilla 1.7.13 browser contains fixes for several security issues resolved by Mozilla.org developers since the release of Mozilla 1.7.12.
154f483444b29ecca0b3e4e03c1afe41f32d52edbfcf9a0a4f54f9d029a582f3ARES 2007, "The International Security and Dependability Conference", preliminary Call For Papers. This conference will be held from April 10th through April 13th, 2007.
08b0bf193a0ea8102a2d9beb609061efa46e900e62bebe75850352b26fa9cc91Mandriva Linux Security Advisory MDKSA-2006-121 - A stack-based buffer overflow in MiMMS version 0.0.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_data, and (4) get_media_packet functions, and possibly other functions. Xine-lib contains an embedded copy of the same vulnerable code.
9f9c573a81c25c21c520705fe4fc599258a50b42e895dac9bc9939ba9c80690eCisco Security Advisory - Cisco Intrusion Prevention System (IPS) software version 5.1 is vulnerable to a denial of service condition caused by a malformed packet, which may result in an IPS device becoming inaccessible remotely or via the console and fail to process packets. A power reset is required to recover the IPS device. There are no workarounds for this vulnerability. Cisco Intrusion Prevention System 42xx appliances running IPS software versions 5.1(1), 5.1(1a), 5.1(1b), 5.1(1c), 5.1(1d), 5.1(1e) or 5.1(p1) are affected.
3c5976e8db9ce8cd47a70bbe57acdbb26e5ca9c21be6751438fabe801c1edf63Cisco Security Advisory - Cisco Unified CallManager (CUCM) 5.0 has Command Line Interface (CLI) and Session Initiation Protocol (SIP) related vulnerabilities. There are potential privilege escalation vulnerabilities in the CLI which may allow an authenticated administrator to access the base operating system with root privileges. There is also a buffer overflow vulnerability in the processing of hostnames contained in a SIP request which may result in arbitrary code execution or cause a denial of service. These vulnerabilities only affect Cisco Unified CallManager 5.0.
c9ca72f847213f73f2836cf22c2f815dce306865288955c1bb935433be4ad695Cisco Security Advisory - The default Cisco IOS configuration shipped with the Cisco Router Web Setup (CRWS) application allows the execution of commands at privilege level 15 through the Cisco IOS HTTP (Hypertext Transfer Protocol) server web interface without requiring authentication credentials. Privilege level 15 is the highest privilege level on Cisco IOS devices. Cisco routers whose configurations have been based on the default IOS configuration shipped with any version of CRWS prior to version 3.3.0 build 31 may be affected by this vulnerability.
9a07f028492881d28669020d6890c223c4c05c09b6993cf5f1965939215ff6e0Ubuntu Security Notice 315-1 - Matthias Hopf discovered several buffer overflows in libmms. By tricking a user into opening a specially crafted remote multimedia stream with an application using libmms, a remote attacker could exploit this to execute arbitrary code with the user's privileges. The Xine library contains an embedded copy of libmms, and thus needs the same security update.
6162420557cecadf7290299153f34baad45b9173116f360cc1cc7f24f83df2ddUbuntu Security Notice 314-1 - The Samba security team reported a Denial of Service vulnerability in the handling of information about active connections. In certain circumstances an attacker could continually increase the memory usage of the smbd process by issuing a large number of share connection requests. By draining all available memory, this could be exploited to render the remote Samba server unusable.
d1e30d1c0b43b63e4af3cf4f746057aefcb66fdcd8faf4a7335083ff15175a28Ubuntu Security Notice 316-1 - Iwan Pieterse discovered that, if you select "Go Back" at the final message displayed by the alternate or server CD installer ("Installation complete") and then continue with the installation from the installer's main menu, the root password is left blank rather than locked. This was due to an error while clearing out the root password from the installer's memory to avoid possible information leaks.
5f0b6d7d32f5d1f5feea50038fefc5b5f7e9255c4fea46f49a431eb86f1b3e6fTOPo version 2.2.178 suffers from a password reset vulnerability.
a6d782a812547c9bdd7f1d27fbe48220aa185879120d355cdcef8d6f3d4fa2b0Ubuntu Security Notice 313-1 - Multiple vulnerabilities have surfaced in Open Office.
183cd37f23e6784429f845c08d6fbb813c48b81039ff86f887a33806e1a21660FLV Players 8 suffers from multiple input validation vulnerabilities including cross site scripting.
a6fdaf65060567d4518a739b2233d921b80a30038f1292a00d7695481dfd0eefLazarus Guestbook versions 1.6 and below suffer from cross site scripting flaws.
737cc64ab8a5884e74d15fce2f58e8d64b236689a7de31c82a0c91afa767d538S21Sec Advisory S21SEC-032-en - FatWire Content Server 5.5.0: It's possible to obtain administrative privileges in the portal without previous registration or validation.
76c7cce61580e57eba7469aad50f6b71aa38321ada12a5665dc3387f317cfd2dNSFOCUS Security Advisory (SA2006-05) Microsoft Excel SELECTION Record Memory Corruption Vulnerability
20fa71506e9a522ca77b91f7935e9f6ec81a7f164a36f14b2b8a997524831ec6NSFOCUS Security Advisory (SA2006-06) Microsoft Excel COLINFO Record Buffer Overflow Vulnerability
c22fd01b6c574e789afe39373dcac66cd697690b15ce3a7a1c12b75d1fe25e72NSFOCUS Security Advisory (SA2006-04): Microsoft Office GIF Filter Buffer Overflow Vulnerability
f6d7da3823e251f1cb9649c96619caa8d368965ad897a26f45e698b8ccea4bd3Secunia Security Advisory - Ubuntu has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).
6b51ab23ed59818056f75a9ae93aac05c90aa69d73757d0d7692620ab9a5940aSecunia Security Advisory - A security issue has been reported in Ubuntu, which potentially can be exploited by malicious, local users to gain escalated privileges.
57a274fb9913d8bda4a5ad999d648047a2018b945837adfb2c822491b1a7ad5bSecunia Security Advisory - Ubuntu has issued an update for libmms and xine-lib. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
2f540a147d1ee650f33f6c53c1022ce67c1edbeafab1296b940b14055829e36cSecunia Security Advisory - Ubuntu has issued an update for zope. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information.
984cfb920a888c7601e39816f14495a938bff2c0dd8fc1be599ad76ee0511e11Secunia Security Advisory - Kevin Kofler has reported a vulnerability in libtunepimp, which potentially can be exploited by malicious people to compromise a user's system.
f7d2e2475323e100bbe2a9e8b5b912a6520a36ce127e05c3a66820397a291731Secunia Security Advisory - Ubuntu has issued an update for libtunepimp. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
504cc266b9d492d01c422463c0479f6229cb5c85e4f2de203cb1d45de0c54afa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed