Gentoo Linux Security Advisory GLSA 200704-01 - The Madynes research team at INRIA has discovered that Asterisk contains a null pointer dereference error in the SIP channel when handling INVITE messages. Furthermore, qwerty1979 discovered that Asterisk 1.2.x fails to properly handle SIP responses with return code 0. Versions less than 1.2.14-r2 are affected.
f6851d712de98a5997c4418c720eefbba3b67611e354d32c7bc3d2ee7633b100
The Call for Papers for VNSECON Security Conference 2007 is now open. VNSECON 2007 is a security conference taking place downtown in Ho Chi Minh City (aka Saigon), Vietnam from the 3rd to 4th of August 2007.
f1609ba6a8dc7fd81443295492c1ae512d80fead1ba8e724912f8df8256f9eec
iDefense Security Advisory 03.31.07 - Remote exploitation of multiple vulnerabilities within IBM Corp.'s Tivoli Provisioning Manager for OS Deployment allows attackers to crash the service or potentially execute arbitrary code with SYSTEM privileges. These vulnerabilities specifically exist in the handling of multipart/form-data HTTP POST requests. Malformed requests can cause invalid memory accesses leading to denial of service, or in some cases heap corruption. iDefense has confirmed the existence of these vulnerabilities within version 5.1.0.116 of Tivoli Provisioning Manager for OS Deployment. Older versions are suspected to be vulnerable as well.
6a128b2035e9eb4954ecc96a5b62d28b8965123f1331049790650678b5e38b88
iDefense Security Advisory 04.02.07 - Remote exploitation of a buffer overflow vulnerability in an ActiveX control installed by Hewlett-Packard Mercury Quality Center could allow for the execution of arbitrary code. iDefense has confirmed this vulnerability in the control that is installed with the 9.0 version of Hewlett-Packard Mercury Quality Center. The vulnerable ActiveX control is version 9.1.0.4353.
5b7a58a511de0448a1f3aa7cfacb09134ed75ed21003432e47ea7cef077143a6
iDefense Security Advisory 03.31.07 - Remote exploitation of several buffer overflow vulnerabilities in ImageMagick, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the credentials used for image processing. An integer overflow exists in ImageMagick's handling of DCM (Digital Imaging and Communications in Medicine) format files which allows an attacker to cause a heap-based buffer overflow. This vulnerability specifically exists in the ReadDCMImage() function. Two integer overflows exist in ImageMagick's handling of XWD (X Windows Dump) format files that allow an attacker to cause a heap-based buffer overflow. The vulnerabilities specifically exist in the ReadXWDImage() function. An integer overflow could occur when calculating the amount of memory to allocate for the 'colors' or 'comment' field. iDefense has confirmed the existence of these vulnerabilities in ImageMagick version 6.3.x. Additionally, the source code for versions 6.3.1, 6.3.2, 6.3.3-3 and 6.2.9 contains the affected code. It is suspected that earlier versions of ImageMagick are also vulnerable.
56c8a5a660452e4edd55f8cf111ae151e2bbb5158e4cacb4bafc0360b92bed25
A security vulnerability has been discovered in the APOP protocol that is related to the recent collision attacks by Wang et al. against MD5. In a man-in-the-middle setting, one can recover the first characters of the password with a few hundred authentications from the client.
1fccafc2839ce661bb7e5f89bcf320907774aa2b78dffb56ed7fbb10b9eeb375
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely to gain unauthorized access to certain facilities of the NNM server.
2aeb6d5b358e88617a159942d83632417260ecad448880f0d9e00ce2f623556d
Debian Security Advisory 1274-1 - An integer underflow bug has been found in the file_printf function in file, a tool to determine file types based on analysis of file content. The bug could allow an attacker to execute arbitrary code by inducing a local user to examine a specially crafted file that triggers a buffer overflow.
391c88e04422b21a20d2d064764b5af7e5efa1e26a113210c50cb29d42a83596
This Metasploit module exploits a buffer overflow vulnerability in the LoadAniIcon() function of USER32.dll. The flaw is triggered through Outlook Express by using the CURSOR style sheet directive to load a malicious .ANI file. This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered, in the wild, by McAfee.
157b4e60ef0c519b39cdcd14ed1785bcf8179f18b70a23331ef92a5645137481
This Metasploit module exploits a buffer overflow vulnerability in the LoadAniIcon() function of USER32.dll. The flaw is triggered through Internet Explorer (6 and 7) by using the CURSOR style sheet directive to load a malicious .ANI file. Internet Explorer will catch any exceptions that occur while the invalid cursor is loaded, causing the exploit to silently fail when the wrong target has been chosen.
6b5f6b6710a71a3732c8bd3e9bdaa13eef0f941340da69f23d19c64b17e8f8bd
Really Simple PHP and Ajax, or RSPA, is susceptible to a remote file inclusion vulnerability. Version RSPA-2007-03-23 is susceptible.
4ca08ebadbed9149443b4f1921f77f9fb3ed0057795a03b0dad4f02d9087b531
DirectAdmin versions below 1.29.3 are susceptible to a persistent cross-site scripting attack.
aecddc4ae8ca386f2b4c093ee49c6aed712e0a3f864740dc9a0f671d5638a37c
The Toronto security conference SecTor official call for papers has been announced. SecTor will be held from November 20-21, 2007.
507b8c89bd0ad762eccfa07e0dff38b13baa522e638b24524fbb40af93354a51
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
6bd6a9dada95cabce9c3a4423a630072d45dcc85500ad0ce648adbd2be385fcc
Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
a0ef108a14602c8cf8fd55027d103fde1ba00c3893eb279fd65da7e83c9dddd3
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids with packets, which makes it possible to filter packets on a per-user basis. Furthermore, the server architecture is designed to use an external authentication source such as an LDAP server.
6ebc4484e1f550824e45f39c5ce1ecc0546aeb2c706460311b7374eb8d33dde5
2BGal version 3.1.1 suffers from a remote file inclusion vulnerability.
4fc4f22a82230081310b7df20ef2e59e381445e20cfd8329c23904ef5b3d2fa7
Xoops module Zmagazine version 1.0 remote SQL injection exploit that makes use of print.php.
6f87f6d966fc61ae6653eb5fb3ee2568ba922b066aa8821b621a6a15565bfa6a
Xoops module XFsection versions 1.07 and below blind SQL injection exploit.
e240f4747083cb79053ff292be4b719bf997ac1b286933a149f6001cc03b3044
Xoops module WF-Section versions 1.01 and below remote blind SQL injection exploit.
e5abcd80f85f9bcb6cf0dfc009e37afcf8a727a9a85345d777a8808e1c383826
Xoops module Virii Info versions 1.10 and below remote file inclusion exploit that makes use of index.php.
a33a94bfcb3eb2b45ad24026925e0773d7350cbc6c403515dc874c1fc971af1c