Mandriva Linux Security Advisory - A problem with the way xscreensaver verifies user passwords was discovered by Alex Yamauchi. When a system is using remote authentication (i.e. LDAP) for logins, a local attacker able to cause a network outage on the system could cause xscreensaver to crash, which would unlock the screen.
bd6ea4fe888f2d8f67328e5e2797f47bb793f3c6aaf724d821bc118d19df96ceA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Rendezvous / XMPP (Extensible Messaging and Presence Protocol) messaging subsystem. Trillian locates nearby users through the '_presence' mDNS (multicast DNS) service on UDP port 5353. Once a user is registered through mDNS, messaging is accomplished via XMPP over TCP port 5298.
2fbe961a03444391b1fc35b9482c4017e92353628e9ec1605fa9996224f7441bA vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Tivoli Provisioning Manager for OS Deployment. Authentication is not required to exploit this vulnerability. The specific flaws exist in the handling of HTTP requests to the rembo.exe service listening on TCP port 8080. Several components of an HTTP request can be modified to trigger buffer overflows. For example, by supplying an overly long filename an attacker is able to overflow a 150 byte stack buffer and subsequently execute arbitrary code.
f65866c78f7bb498f38dd97caeb0ed17fc84a6714768fecf96aa9e304bd1c62eMandriva Linux Security Advisory - The BGP routing daemon in Quagga did not properly validate length values in NLRI attributes which could allow a remote attacker to cause a denial of service via a crafted UPDATE message that triggered an assertion error or out of bounds read.
751730867882a5c9d6a763a58a6b0a8973c8c346b2b6fea2b84b9e097baff778Debian Security Advisory 1286-1 - Several local and remote vulnerabilities have been discovered in the Linux 2.6 kernel that may lead to a denial of service or the execution of arbitrary code.
72ace028690c1ac846278f5e7f4d5d52a2d53a4f7e398bf44dfa8822b2a5e465iDefense Security Advisory 05.02.07 - Remote exploitation of a heap overflow vulnerability within LiveData's Protocol Server could allow an attacker to cause the service to crash or potentially execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of this vulnerability in LiveData Protocol Server version 5.00.045 which was the current release as of September 13th 2006.
d2168fc5f09b9336d21e4398c99c6b284bf69b052840d5fa6156063914825764Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco Adaptive Security Appliance (ASA) and PIX security appliances. These vulnerabilities include two Lightweight Directory Access Protocol (LDAP) authentication bypass vulnerabilities and two denial of service (DoS) vulnerabilities.
938b16270987c9949389c0f5f59abe21ef4c478ccd6f2b976da7d85360cd4f56MailCopa is susceptible to an arbitrary code execution vulnerability.
50dce7d02353605899b2977d154541cb034851dcbfbfb59fd3445cf88d6b443aUbuntu Security Notice 456-1 - A really old denial of service issue with net-snmp has finally been fixed.
125fdfb43df19722f1ab66d2c154cbb6495fd4ae38d1e6b3b9352c02f61f4b12Gentoo Linux Security Advisory GLSA 200705-05 - The Quagga development team reported a vulnerability in the BGP routing daemon when processing NLRI attributes inside UPDATE messages. Versions less than 0.98.6-r2 are affected.
6a607378c17401310a4268154ac4c1cd8b508e5d326576bb411a8c6602ac212bGentoo Linux Security Advisory GLSA 200705-04 - Alex Solvey discovered that the path_info variable used in file RegistryCooker.pm (mod_perl 2.x) or file PerlRun.pm (mod_perl 1.x), is not properly escaped before being processed. Versions less than 1.30 are affected.
9e5a6dcdbd9b47cf10b752a5cf947783beb13a0c3c7d1e64f9432dc44e3893bbCMS Made Simple version 1.05 is susceptible to a SQL injection vulnerability.
e738af64f8d980e5b68b264308728a14da5a690aba0b0207f657b9c11a441998WOOT '07 Call For Papers - The First USENIX Workshop on Offensive Technologies (WOOT) will be held August 6, 2007 in Boston, MA, USA.
3629d47e087f7256727ca7e5600e1144b8d83649cc6fe4487b1108deef981177AtomixMP3 is susceptible to a buffer overflow condition. Advisory and proof of concept exploit included.
4e57cf5f8d570dea7dc7efbc57cb118f037eae3d6e69307c5c66cd35b870e19cMandriva Linux Security Advisory - A directory traversal vulnerability was found in KTorrent prior to 2.1.2, due to an incomplete fix for a prior directory traversal vulnerability that was corrected in version 2.1.2. Previously, KTorrent would only check for the string .., which could permit strings such as ../.
95e6acfad66c7d3960aa609df736b5c6c92cfe0c12dae9aefc472859674d3a16A vulnerability allows attackers to execute arbitrary code on systems with vulnerable installations of Apple's QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
ba713c314baf1496080cf8a7f18d2fc09ea9f48434abc1007d75e1a4358968f5Gentoo Linux Security Advisory GLSA 200705-03 - Tomcat allows special characters like slash, backslash or URL-encoded backslash as a separator, while Apache does not. Versions less than 5.5.22 are affected.
af5ff8f4aba2e8e66a38f61809dad3fef6df6019b9e4b4050eaf522de529babcGentoo Linux Security Advisory GLSA 200705-02 - Greg MacManus of iDefense Labs has discovered an integer overflow in the function bdfReadCharacters() when parsing BDF fonts. Versions less than 2.1.10-r3 are affected.
b8b78c0b16839c9d9ee86e8b2030072f94aa9dffa92ae1fd77a6499c2192ef60Gentoo Linux Security Advisory GLSA 200705-01 - Bryan Burns of Juniper Networks discovered a vulnerability in chunkcounter.cpp when processing large or negative idx values, and a directory traversal vulnerability in torrent.cpp. Versions less than 2.1.3 are affected.
b57efc215d1526e13a88dad0980b79388b365f50a3326ebe8a381ad5c7ef0948Debian Security Advisory 1285-1 - WordPress versions 2.1.2 and below suffer from cross site scripting and SQL injection vulnerabilities.
a98a6076e468434c9252d39dd5d954bd709dea42a7ef308569745adce9f4a38dYate version 1.1.0 suffers from a denial of service vulnerability due to a null pointer reference.
bf971e0d8192dbc7b4a1f344f636029f44bae424d1afdfc4430a2a296f1f7ee1iDefense Security Advisory 04.30.07 - Remote exploitation of multiple vulnerabilities in the Internet Relay Chat (IRC) module of Cerulean Studios' Trillian could allow for the interception of private conversations or execution of code as the currently logged on user. When handling long CTCP PING messages containing UTF-8 characters, it is possible to cause the Trillian IRC client to return a malformed response to the server. This malformed response is truncated and is missing the terminating newline character. This could allow the next line sent to the server to be improperly sent to an attacker. When a user highlights a URL in an IRC message window Trillian copies the data to an internal buffer. If the URL contains a long string of UTF-8 characters, it is possible to overflow a heap based buffer corrupting memory in a way that could allow for code execution. A heap overflow can be triggered remotely when the Trillian IRC module receives a message that contains a font face HTML tag with the face attribute set to a long UTF-8 string. iDefense has confirmed the existence of this vulnerability in Cerulean Studios Trillian 3.1.
52ff569f01cf668cdc9ed199dd0dfde4c56ca3d899c956a30770ee3961bca59cZoneAlarm 6 insufficiently protects the \Device\vsdatant driver from manipulation by malicious applications.
655d93d220df07a7674c237d2624e5f29d3aa3437c307a52a5e3e13a794493f6Debian Security Advisory 1284-1 - Several vulnerabilities have been discovered in the QEMU processor emulator, which may lead to the execution of arbitrary code or denial of service.
f124a37a9317e0c8bf7a05197fcbf8c27cfaf939d12fd5f7217c496efe0fc02aE-Annu is susceptible to a SQL injection vulnerability in home.php.
9ca3b07db9f6299c7ab271ec4288ab4317b9c88efea943748f367f9d19ff0f4c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed