Packet Storm new exploits for January, 2007.
95724f85c8e7c3ede5c7034235ed9230
MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
03c8cbdabc56a27193402f453ba7debb
Whitepaper entitled Exploiting JSON Framework - 7 Attack Shots.
052059e9ca2376b0b9d89c6a6d5f7d1d
Debian Security Advisory 1256-1 - It was discovered that the image loading code in the GTK+ graphical user interface library performs insufficient error handling when loading malformed images, which may lead to denial of service.
04b34324ef7c745c3c0a166ead134e25
Gentoo Linux Security Advisory GLSA 200701-27 - Teemu Salmela discovered an error in the validation code of smb:// URLs used by ELinks, the same issue as reported in GLSA 200612-16 concerning Links. Versions less than 0.11.2 are affected.
6186634a29b53c15df8a6d424df4cfb6
Gentoo Linux Security Advisory GLSA 200701-26 - KSirc fails to check the size of an incoming PRIVMSG string sent from an IRC server during the connection process. Versions less than 3.5.5-r1 are affected.
818a74e3c4f13a6ceddd9c8806082188
Gentoo Linux Security Advisory GLSA 200701-28 - thttpd is vulnerable to an underlying change made to the start-stop-daemon command in the current stable Gentoo baselayout package (version 1.12.6). In the new version, the start-stop-daemon command performs a chdir / command just before starting the thttpd process. In the Gentoo default configuration, this causes thttpd to start with the document root set to /, the system root directory. Versions less than 2.25b-r6 are affected.
e992fad7912ab6e6d3587fdf16cc2501
Debian Security Advisory 1255-1 - Liu Qishuai discovered that the GNOME gtop library performs insufficient sanitising when parsing the system's /proc table, which may lead to the execution of arbitrary code.
6b10603ecfdaa5f6ff1d5dedae59e8dd
Cadre suffers from a remote file inclusion flaw.
dbe6dbe67c3ec2682c8b3daa37c2d9f5
Cisco Security Advisory - Cisco devices running IOS which support voice and are not configured for Session Initiated Protocol (SIP) are vulnerable to a crash under yet to be determined conditions, but isolated to traffic destined to Port 5060. SIP is enabled by default on all Advanced images which support voice and do not contain the fix for CSCsb25337. There are no reports of this vulnerability on the devices which are properly configured for SIP processing. Workarounds exist to mitigate the effects of this problem. IOS releases that include voice support after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG and all of 12.4 are affected.
ef630cb93afce94787df82c139fd9b8b
Oracle 10g R2 Enterprise Manager suffers from a classic directory traversal flaw. Details provided.
0c5b1958a382b2b56a78fd3ccad8e0f0
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote resource exhaustion vulnerability. By sending a specially crafted series of packets to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to cause LGSERVER.EXE to write very large files to the system disk. In addition, the LGSERVER.EXE process becomes unresponsive until the file has been written.
f96044c51bcb9897bf083cf6eebbb52b
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote denial of service vulnerability. By sending a specially crafted series of packets to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to cause the process to terminate.
865b0f8edf04493798df6cd6397e3b54
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote c ode execution vulnerability. By sending a specially crafted packet to the LGSERVER.EXE process that listens on TCP port 1900, it is possible to cause a stack overflow that allows arbitrary code execution as Local System.
bb9d6d34d81c344270cf41343b5ab20a
BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote code execution vulnerability. By sending a specially crafted packet to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to execute arbitrary code as SYSTEM on a Windows Platform.
b7f57a2008ba7f24d464595979b82415