Ubuntu Security Notice 418-1 - A flaw was discovered in Bind's DNSSEC validation code. Remote attackers could send a specially crafted DNS query which would cause the Bind server to crash, resulting in a denial of service. Only servers configured to use DNSSEC extensions were vulnerable.
4e27064239e27efad0867437ada801b295703285f25ca38ca440f58e4547cb08
Mandriva Linux Security Advisory - A logic error in the deferred open code for smbd may allow an authenticated user to exhaust resources such as memory and CPU on the server by opening multiple CIFS sessions, each of which will normally spawn a new smbd process, and sending each connection into an infinite loop. The name of a file on the server's share is used as the format string when setting an NT security descriptor through the afsacl.so VFS plugin.
79f22ffaa9ce0e3537037b26164de8346063ae90e18bc9ca00754aa260337d75
Oracle 9i/10g DBMS_EXPORT_EXTENSION SQL injection exploit.
5da3679527ba84f7b21f36ba7d9b950eca072f5b36d1fd021648d1a4da8fd4c0
Geeklog version 2 suffers from a remote file inclusion vulnerability in BaseView.php.
020a17a5d039bcd5f6cb9badf8370da0737693fe9553451ebc835e5a1281336f
SMA-DB versions 0.3.9 and below suffer from a remote file inclusion vulnerability.
51617bc83ceb460927bb96383e952935fb60cd6bc42a7284a233569c1544cdbe
GGCMS versions 1.1.0 RC1 and below remote code execution exploit.
9c4a046334dab11a9dab1b9164db0c1f49ffc786f32fdb20bdfeb3e81412f917
Microsoft Internet Explorer 6 mshtml.dll null pointer dereference exploit.
3d73f7db428d98af7dbd722e320dd226e577a86ac0031666cacc354105d2604a
Mina Ajans Script suffers from a remote file inclusion flaw.
8fa8941eb4ca19e4bde94c86e22ee7e00f59884c0e272f5aae02943dce8278b8
Debian Security Advisory 1257-1 - Several remote vulnerabilities have been discovered in samba, a free implementation of the SMB/CIFS protocol, which may lead to the execution of arbitrary code or denial of service.
3b833c5f2326b67c9b1aac0c35214a834900e47eb5d521e30655f20b36fdc993
Ubuntu Security Notice 417-1 - Jeff Trout discovered that the PostgreSQL server did not sufficiently check data types of SQL function arguments in some cases. An authenticated attacker could exploit this to crash the database server or read out arbitrary locations in the server's memory, which could allow retrieving database content the attacker should not be able to see. Jeff Trout reported that the query planner did not verify that a table was still compatible with a previously made query plan. By using ALTER COLUMN TYPE during query execution, an attacker could exploit this to read out arbitrary locations in the server's memory, which could allow retrieving database content the attacker should not be able to see.
276efa3f8ae6e6316c21d9bd4a5cc9aad843153f184120b3fde27f02a2123412
iDefense Security Advisory - Remote exploitation of a design error in Blue Coat Systems Inc.'s WinProxy allows attackers to trigger a heap corruption vulnerability. The vulnerability can be triggered by sending an overly long HTTP CONNECT request to WinProxy's HTTP proxy service. iDefense has confirmed this vulnerability in WinProxy 6.1a and 6.0 r1c. All previous versions are suspected vulnerable.
d2044d04ae53aaf7545b251d93ad6569c3f042b4971c7610071ef2cf8d54ed23
Versions of Jetty, the popular Java web server, are vulnerable to a session id prediction attack. Jetty uses java.util.Random to generate session ids. The internal state of this generator can be easily discovered, leading to an attacker being able to hijack existing and future sessions. Jetty versions below 4.2.27, 5.1.12, 6.0.2 and 6.1.0pre3 are affected.
c1d988304d1385f3280f2844850635794020da733cf9d0150423c973335069fc
The name of a file on the server's share is used as the format string when setting an NT security descriptor through the afsacl.so VFS plugin. This affects Samba versions 3.0.6 through 3.0.23d. Patch included.
1b9a5933a61b5ba5816be5b3ed95fee8d77b027e7ccbbe015eab2b33ace3c7f3
A logic error in the deferred open code can lead to an infinite loop in smbd. This affects Samba versions 3.0.6 through 3.0.23d. Patch included.
f7857b2a68d7a679f8925c8272b9cc6e79a032b0159f6cba512e0905b3125d31
Samba versions 3.0.21 through 3.0.23d suffer from a potential overrun in the gethostbyname() and getipnodebyname() functions in the nss_winbind.so.1 library on Solaris that can potentially allow for code execution. Patch included.
25a9b7c50109733111e809ad13bdcb9a8fcd574b275715d781e59adc978d92cf
Flashchat versions 4.7.8 and below suffer from a cross site scripting vulnerability.
af9d13bd1320de1c3f19c2229110eb574d95c749be57051c6365edc9eeee3c15
The Cold Fusion web server suffers from a cross site scripting vulnerability.
c6134e49f82cb3a72792bf007c285e2438ecca4f849550526c75b89ecbf0f72e
Uphotogallery version 1.1 is susceptible to cross site scripting attacks.
59252f18f2ce50937d9715492ada82d603c7e61eefec55763422383eacaeefa6
dvddb version 0.6 suffers from a remote file inclusion vulnerability.
88703db88496df688d24e0d1cacc0eb44effd92e50a589aa29f366cb36639206
Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.
602cb39c8ea3a3fed659db86b8e125037d32883c0f0f836cb2930f82c109dd9a
Xoops version 2.0.16 core suffers from SQL injection vulnerabilities.
34878ea90a9132a807a8e2ad4c09ae99ef0a091018537753850d42a8c96cdbdb
Letterman version 1.2.3 suffers from SQL injection vulnerabilities.
3420c0a7e898fac992969113dfb02a9dfcda84fd50178579165cb6c69c1da9b3
Joomla! version 1.5.0 Beta suffers from SQL injection vulnerabilities.
b7622a565def445ec0da61a9e888f37a0de5e91edaa09b53cb64ab04c7303807
There is an interesting vulnerability in the default behavior of Firefox's built-in popup blocker. This vulnerability, coupled with an additional trick, allows the attacker to read arbitrary user-accessible files on the system, and thus steal some fairly sensitive information. This was tested on 1.5.0.9.
84992efa78bb3a3fb28262ec1636137a11f3ea4f0311648432ccd5daf13f4aa1
Wap Portal Server version 1.x suffers from a remote file inclusion vulnerability.
918b8f998f6aadbdf4b3b953ea6945b76631821843a635718da845398c7436e7