The CA eTrust Admin GINA component contains a privilege escalation vulnerability within the reset password interface. This vulnerability is exploitable only through physical interactive access or through Remote Desktop. Affected products include eTrust Admin 8.1 SP2 (8.1.2), eTrust Admin 8.1 SP1 (8.1.1), and eTrust Admin 8.1 (8.1.0).
3962113ae17c146b5640bd4ec12da7a3f96a4ed5be77c2f201e85de1071f6d9ePHP versions greater than or equal to 4.0.7 and less than or equal to 5.2.1 suffer from an arbitrary variable overwrite in import_request_variables().
5fa15988075ab903a6fb5db15ca53a4cf5cbc587310a227e5c83e5aa6494637bArticle discussing file management security issues in Microsoft Windows Vista/2003/XP/2000.
af2416acea7784325eb7b5e5fd487071fe970b7a59fd3bfa82407217ee7559d8Whitepaper discussing various port scanning techniques with explanations, diagrams, and examples using Nmap and Hping3. PDF version.
c0dd9c2daf75d423372e3098be822433dd1a7a63f0118e0a205fe59b2b971571Whitepaper discussing various port scanning techniques with explanations, diagrams, and examples using Nmap and Hping3. Text version.
d3019251c4f27b4d2fb8cce28300a408be8e83c9a19904cca9e409520ba51ed4Mandriva Linux Security Advisory - The DMO_VideoDecoder_Open function in dmo/DMO_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
c5cdff64d715a5ff1636f58d8abe75e80d9cf94154c2f6c414ecfa5963b5f403Mandriva Linux Security Advisory - Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.
6b5b611577e93ca97e04c8e9a9708f6ef4e8e175667239866876ec1cabe8ae60Mandriva Linux Security Advisory - The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
98e19e2b7caff2cbb310887cdedbd0652b406d4d07adca198bf3b319303a428dMandriva Linux Security Advisory - ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
151bc594bf49a8d4c06b8d0066b3308be2e049c336aacb3b9f336c29486f9541Ubuntu Security Notice 432-1 - Gerardo Richarte from Core Security Technologies discovered that when gnupg is used without --status-fd, there is no way to distinguish initial unsigned messages from a following signed message. An attacker could inject an unsigned message, which could fool the user into thinking the message was entirely signed by the original sender.
b20afc54d5ee0271c49512ca07738acf7c820aafc428e8929919d4c440074d7cUbuntu Security Notice 424-2 - USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem.
e310fb1be714d20b26c72bf2cab12289e3cc50abbc9dc4f113ed397d55290dbePHP version 4.4.6 crack_opendict() local buffer overflow exploit.
94c68df67e2e1df9884d7e59cdc21affda88015442b720d1db00be61a81e5c00Black Hat USA 2007 Call For Papers. Black Hat USA Briefings 2007 takes place at Caesars Palace Las Vegas, Nevada, July 28-August 2.
39881c79d18cff4a2243ee345d72c9e352f1ba186ebc8a37744b40431f26e9fbdynaliens versions 2.0 and 2.1 suffer from admin bypass and cross site scripting vulnerabilities.
7ba86a132b64ef2603f7d81fe45715ad0422256df5f5da3b27ad3b7c7e64ec30Asterisk crashes when handed an otherwise valid request message but with no URI and no SIP-version in the request-line of the message. Asterisk versions 1.2.15 and 1.4.0, along with prior versions, are affected.
4df0189ab0730598e7eef2261fe6960b91fbe72020bb219fd37a290679ce1e96Conquest versions 8.2a (svn 691) and below suffer from buffer overflow and memory corruption vulnerabilities.
858134cf9631a43c96c8ccdb82c9d9e1ae83103f68ee6d3468c7fa13d3ca8cd0Winamp versions 5.12 and below crafted .PLS file remote buffer overflow exploit. Written in Perl.
07d8b624ae8c747343fe22839b4742a9d2799a0d8bc965bb30020428d8281ddeWinZip versions 10.0.7245 and below FileView ActiveX buffer overflow exploit.
13135b625739a870d46e0156520936ebef5b93a66dc0bdbacf68dd04b7de0584mod_security versions 2.1.0 and below suffer from a POST rules bypass vulnerability.
b3244d2e4f4855891b5b0d5e7fdac24d64fef9bb75f24aacf1299123e1bdf3bbPHP versions 4.4.5 and below and 5.2.1 and below shmop SSL RSA private key disclosure exploit.
534c6aa03aa244af3fb2bbddad9f72491afa2df620545dc250817d60a24cf3ccSnort versions 2.6.1.1, 2.6.1.2, and 2.7.0 remote denial of service exploit.
64c07aec5e8b5052f034febd2b9696cf0e4590dcd7684d523ffe6b812079b68fDebian Security Advisory 1264-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code.
8e3df8f485e671883be6bec88e44bb6c9e66f4edf58ff94affb4718bc6fd522cA vulnerability allows attackers to execute arbitrary code on Apple QuickTime Player version 7.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of forged size fields in user-defined data atoms (UDTA). By setting this field to an overly large value, an integer overflow occurs resulting in an exploitable heap overflow. Successful exploitation results in code execution under the context of the running user.
3c46b27729a5cc0f77a4436b174b66b57347bfc4d93cec3e17ad567beaa38d7dA vulnerability allows remote attackers to execute arbitrary code on Novell NetMail version 3.5.2. Authentication is not required to exploit this vulnerability. The specific flaw exists in the webadmin.exe process bound by default on TCP port 89. During HTTP Basic authentication, a long username of at least 213 bytes will trigger a stack based buffer overflow due to a vulnerable sprintf() call. Exploitation of this issue can result in arbitrary code execution.
ffb6df8237fe772875dbde8970d3255dc11ed6808126cdb08a3ecb0b4b34fa8bPhpMyAdmin versions 2.9.2 and below suffer from cross site scripting and cross site request forgery flaws.
c091998521db907f610d4211ad5dff7c231c9f9f496f1e6d1d635a31d5158d5b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed