Secunia Security Advisory - SUSE has issued an update for XFree86 and Xorg. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose sensitive information, cause a DoS (Denial of Service), and gain escalated privileges.
1a51d137df8e3b4ecad120c8b6d4e86b72867ff064c65a431a968d3c8e208b9bSecunia Security Advisory - Gentoo has issued an update for nas. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to cause a DoS (Denial of Service).
b69839f12a87cdc45ee41017463446e20ac1a4cc16bb13fc53120104108a9610Fedora Core 6 (exec-shield) based GNU imap4d mailutils-0.6 search remote format string exploit.
446e3e6b76cd0a02db343848337da632eee1d94487876ba6ba92fdc125f114b8Joomla version 1.5.0 suffers from a remote file inclusion flaw.
18f4a56ce599dec9df466fc5c2c576f8db8f601b8b54ac3c2a2e294d30cc073cHP Security Bulletin - A potential security vulnerability has been identified with HP-UX running sendmail. This vulnerability could allow a remote user to cause a Denial of Service (DoS).
0a3f64b0c024991f6dd8f18cdae4cc5d8f4180cfa3960b640b1112b72af63cb8DmCMS suffers from an upload flaw that allows for arbitrary code execution.
f86805fd85028e70de17afb8679cb044733c40f80cb78968189faff88b2ed932Gentoo Linux Security Advisory GLSA 200704-20 - Luigi Auriemma has discovered multiple vulnerabilities in NAS, some of which include a buffer overflow in the function accept_att_local(), an integer overflow in the function ProcAuWriteElement(), and a null pointer error in the function ReadRequestFromClient(). Versions less than 1.8b are affected.
1b1fc75c1301e61b9e4c99459a4dc73a21d41a123e92c98f299fe1ba654484bcMandriva Linux Security Advisory - A stack-based buffer overflow in the ZZIPlib library could allow user-assisted remote attackers to cause an application crash (DoS) or execute arbitrary code via a long filename.
c6280ef2a4de4aa714c357c031c17e27a2db5f5e993af121d2654fea612d01cbMandriva Linux Security Advisory - Multiple buffer overflows were found in the FreeRADIUS package version 1.0.4 and prior that could allow a remote attacker to cause a crash via the rlm_sqlcounter module. As well, an SQL injection vulnerability was also found in the rlm_sqlcounter that could allow a remote attacker to execute arbitrary SQL commands via unknown attack vectors.
67d9567a9b98915bc435635edcb3e4970353328e0e0ee19b7f4341abec6c5202Gentoo Linux Security Advisory GLSA 200704-19 - Stefan Cornelius of Secunia Research discovered an insecure use of the eval() function in kmz_ImportWithMesh.py. Versions less than 2.43 are affected.
01c561e001cdfa5d4392f3a83044df3e53edcd7db96d9d8c331c25d62c07072bLWphpBB2 version 0.4c suffers from a remote file inclusion vulnerability.
e33e569ff829f7ce60fdc6bf087928db8aa872ca773e01560a6fce63809700a9ZoneAlarm's srescan.sys versions 5.0.155 and below suffer from a local privilege escalation vulnerability.
775c99470739d0eb1c3a8cd2b64abad45293f4d798c6987cc8f13256f43795e6TJSChat version 0.95 suffers from a cross site scripting vulnerability.
e50a7ea3c463eff5655e8114e1ceb64db0c90cfb1ece8ed259062a7314f1cb0bacvsws_php5 version 1.0 suffers from a remote file inclusion vulnerability.
2c5488bf602294350b8f6c7beae8782bcdfd188c48e4b3e5fd27292e2b35e878PHPMybibli suffers from a remote file inclusion vulnerability.
3afca6e0c021b1b9e5c1e2e9cbee7429561081e891769272b776b6729e58df54phpMySpace Gold version 8.10 suffers from a blind SQL injection vulnerability.
89dc9b946f4c351bf1b066f7e308857dcb3ca2ec6ce120560a1d9e3a42b81314Post Revolution versions 6.6 and 7.0 RC2 are susceptible to a remote file inclusion vulnerability.
d3a9d58c2219d1f734f52137fd3a9ce61a8bc118cfc5662588fc3added384de7Ripe Website Manager versions 0.8.4 and below suffer from a cross site scripting vulnerability.
977ecfcaf20a5a72669e5f5cd307b061392a16d6c52492e26512d2db4b49f696Gentoo Linux Security Advisory GLSA 200704-18 - CJ Kucera has discovered that some Courier-IMAP scripts don't properly handle the XMAILDIR variable, allowing for shell command injection. Versions less than 4.0.6-r2 are affected.
fa84019855a7397b2431e99055c6145ba8d9de34b1baaf1eebcac81380e8108bGentoo Linux Security Advisory GLSA 200704-17 - The 3proxy development team reported a buffer overflow in the logurl() function when processing overly long requests. Versions less than 0.5.3h are affected.
2c6d042f3528205cda3e8b222a826c500151c9492d5de3f074bd1c0575d7b700Gentoo Linux Security Advisory GLSA 200704-16 - Jonathan So reported that the airodump-ng module does not correctly check the size of 802.11 authentication packets before copying them into a buffer. Versions less than 0.7-r2 are affected.
b7b2c525823a088adbdfa259f5bb2c9503054d11e9552ef2320c662198bc2f4dbibtex mase beta version 2.0 is susceptible to a remote file inclusion vulnerability.
915fe7d848b538da54bed1648765407848f38fdae96705a5b6d9c1b445fd70e4File117 is susceptible to a remote file inclusion vulnerability.
0acaa4f7b78a0d84c7f2e1e106c96e169c10ccc76746074683850972acf11150EsForum version 3.0 is susceptible to a SQL injection vulnerability.
29bb5a908882789794688a6fa64de3fe6e8769aea9d8b869faa4e5d8cdbe4036c-arbre is susceptible to a remote file inclusion vulnerability.
8166071a15de6569e2209e034633576b370c5bd8e7f70a09f16e1f716e31a531
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed