Ubuntu Security Notice 451-1 - The kernel key management code did not correctly handle key reuse. A local attacker could create many key requests, leading to a denial of service. The kernel NFS code did not correctly validate NFSACL2 ACCESS requests. If a system was serving NFS mounts, a remote attacker could send a specially crafted packet, leading to a denial of service. When dumping core, the kernel did not correctly handle PT_INTERP processes. A local attacker could create situations where they could read the contents of otherwise unreadable executable programs.
ff3824ab5fb0d91b93cf9fd86ef36b10445d9258052d8e2ae3f5c67eb9e29834Mandriva Linux Security Advisory - Local exploitation of a memory corruption vulnerability in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. iDefense reported two integer overflows in the way X.org handled various font files. A malicious local user could exploit these issues to potentially execute arbitrary code with the privileges of the X.org server.
3b1c1631f20743de09f36c1b9347ec5d750ad65a0831fd14b5f97665d3ee9d84Mandriva Linux Security Advisory - iDefense integer overflows in the way freetype handled various font files. A malicious local user could exploit these issues to potentially execute arbitrary code.
bc6cbfe05e8ed044092c8a0a2255e89e4673cf27af3a68a15c9ae33150f3e5daTechnical Cyber Security Alert TA07-100A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Microsoft Content Management Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
74f6e787e66d07b6ade59058fb26ddbbc68deca40a3bd9da5411e25573279530Mandriva Linux Security Advisory - A vulnerability was found in the username handling of the MIT krb5 telnet daemon. A remote attacker that could access the telnet port of a target machine could login as root without requiring a password. Buffer overflows in the kadmin server daemon were discovered that could be exploited by a remote attacker able to access the KDC. Successful exploitation could allow for the execution of arbitrary code with the privileges of the KDC or kadmin server processes. Finally, a double-free flaw was discovered in the GSSAPI library used by the kadmin server daemon, which could lead to a denial of service condition or the execution of arbitrary code with the privileges of the KDC or kadmin server processes.
6a6d99a418acc8305f4de65a97346cfbfc444a7240458f96d1bbc4da290014aeiDefense Security Advisory 04.10.07 - Remote exploitation of a buffer overflow vulnerability in the Universal Plug-and-Play (UPnP) component of Microsoft Windows could allow an attacker to execute code in the context of the vulnerable service. The vulnerability specifically exists in the handling of HTTP headers sent to the UPnP control point as part of a request or notification. Because it processes certain fields without checking if there is enough storage space, a malicious request may cause a stack-based buffer overflow, potentially resulting in code execution.
ab4897dd132f3ada926ed5cc95e25ce1257277131f313e19bec3542fc3a1c865Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in Microsoft Agent (agentsvr.exe) when processing specially crafted URLs passed as arguments to certain methods. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website with Internet Explorer.
bdde87351842554b64a7f572e06a8bf191f711e8287cec7413c92c3510614663PhpOpenChat versions 3.0.1 and below suffer from multiple remote file inclusion vulnerabilities in poc.php.
a2073ab4ed90293a48b1907c942e35622b9490073ac86eadc7034651da231515eEye Digital Security has discovered a local privilege escalation vulnerability in Windows Vista that allows a program executing without privileges to fully compromise an affected system. A malicious user or malware program could exploit this vulnerability to execute arbitrary code with SYSTEM privileges within the CSRSS process, permitting the bypass of Vista's vaunted user privilege limitations and administrator approval mode. By establishing and closing multiple connections to CSRSS's "ApiPort", an application may cause a private data structure within CSRSS that describes its process to be used after it has been freed, creating an exploitable "dangling pointer" condition. This vulnerability is entirely separate from the CSRSS NtRaiseHardError message box flaw publicly disclosed in December 2006, although both affect code within the CSRSS process. It is interesting to note that this vulnerability only affects Windows Vista, due to new, flawed code added to CSRSRV.DLL in support of functionality introduced in Vista.
9e3f9423f653ac1b326017f5be448337555ba6f9473c7cb24c27270a9d983e2deEye Digital Security has discovered a local privilege escalation vulnerability in the Windows kernel that allows an unprivileged user with the ability to execute a program to fully compromise an affected system. All x86 versions of Windows up to and including Windows Server 2003 SP2 are vulnerable. The Windows kernel's Virtual DOS Machine (VDM) implementation features a race condition through which a malicious program can modify the first 4KB page of physical memory (also known as the "zero page"). The data in this region of memory is trusted and may be subsequently used by other Virtual DOS Machines, including a VDM instantiated by the Windows kernel as part of hibernating or effecting a blue-screen crash. Exploitation of this vulnerability therefore allows arbitrary code to run within other users' VDM processes, and even within the kernel if hibernation or a blue-screen can be provoked by any available means.
caf6c1119af3dab28ff1f2c0a10db34ba618823144b84c2fc3c5d0c70a778133DropAFew versions 0.2 and below suffer from SQL injection vulnerabilities.
d70a0ebccd74c188c38dd1d78303d396a7e2aa349786b47a134cca14004840c7Papers and presentations are now being accepted for DEFCON 15, the conference your mother and ISC(2) warned you about. DEFCON will take place at the Riviera in Las Vegas, NV, USA, August 3-5, 2007.
f0d57c5c8b36f9fa407ce4965d1aa7b8ee4250dac44e402c6474213d37f7e67cKerberos version 1.5.1 kadmind remote root buffer overflow exploit.
e8db9a1943cc4ec249fdac17fbfedb8363cfeb66696583954fa18de60266c597pL-PHP beta version 0.9 suffers from SQL injection, administrative bypass, and local file inclusion vulnerabilities.
55781adadecc25967793eb70dfce2465b352aec8c5eb04c30ed289f92567a30eThe Joomla/Mambo component Taskhopper version 1.1 suffer from a remote file inclusion vulnerability.
82123d7e8605ff2f6576a1286d87930aac9f0074087fd3cb9f388c556666edfaInoutMailingListManager versions 3.1 and below remote command execution exploit.
2e67e5d4cfd708352305417789b2ff5bd75ad09dd076ff3d57e9ce2ff734d828Crea-Book versions 1.0 and below suffer from administrative bypass, database disclosure, and code execution flaws.
4e96baf238f03a998aec9797a04a922034e438cc3596c49b73a64a66e1c89c6fWeatimages versions 1.7.1 and below suffer from a remote file inclusion vulnerability.
c486e7252cd5fdc10d235f3ebbebde7f3bc64284068131abf74da34512754a7fphpGalleryScript version 1.0 suffers from a remote file inclusion vulnerability.
ba863c12f0e2db29b6f7e1869fb4a42f53cb839420d5e8edd85fb0f3a4152fa7HIOX Guest Book (HGB) version 4.0 suffers from a remote code execution vulnerability.
d39ba099a2a60f418aa63783b6c5533200394c780cdf16f9f80e8ff1bca2eef8Secunia Security Advisory - Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
c72fe4566bf9790025f1281c245b916418dff7c447485de4ac3eefa640e5924aSecunia Security Advisory - A vulnerability has been reported in AOL Instant Messenger (AIM), which potentially can be exploited by malicious users to compromise another user's system.
c082be7fc379098667a39542620969a6e777a748578a0c9fc15ce2f38c30e7f5Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).
0f739da6969f0e2b28aa0a1e2aa1174802098b087df439518629c2d84186e693Secunia Security Advisory - BeyazKurt has reported a vulnerability in ScarNews, which can be exploited by malicious people to compromise a vulnerable system.
2705e6274131ebff26240ad16993913e5ccae75f1454cfdf255b6df518f9dc57Secunia Security Advisory - Kacper has reported a vulnerability in SmodBIP, which can be exploited by malicious people to conduct SQL injection attacks.
70567ef9ad53ae3c0d55d618f812473e10f51025727727eb459bfddb809925db
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed