Vim versions 7.0 through 7.2c.002 suffer from unfixed vulnerabilities in Tar plugin version 20.
8d2656b1d8ef0e29912ed8a10e520a3493d5bf180a29d0ed2cf3d359eed82a0cVim versions below 7.2c.002 and above 7.0 suffer from a vulnerability that allows for potential arbitrary code execution when handling tar archives.
a9486b21729eee59d2a535ec6d0b54386cb2d2c87ea8c15b6e5de7aca2ccb936Various OpenID Providers (OPs) have TLS server certificates that use weak keys as a result of the Debian predictable random number generator vulnerability.
4ddd04a36c9b48f9c80e6563aa1fa71fc5a92fd3361f08a3b4f6e658063a2112e107 versions 0.7.11 and below suffer from an arbitrary variable overwriting vulnerability.
cb23f42f17ee87ada053dfc819ffddd713c4852b3de3a083e644c48a3dbea3e2Secunia Security Advisory - Fedora has issued an update for libxslt. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
7574bdad2ef296fc166c847183c62577e5b0943d445396a86abddf5382bf7e94Secunia Security Advisory - Fedora has issued an update for httpd. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
73e10972975c9cb304b0bcaeee741eccc9eaa5c2b3f53d32c8e81dfac6b735b4This whitepaper details a way of making DNS cache poisoning / response spoofing attacks more reliable. A caching server will store any NS delegation RRs if it receives a delegation which is "closer" to the answer than the nameservers it already knows. By spoofing replies that contain a delegation for a single node, the nameserver will eventually cache the delegation when we hit the right transfer id.
abbfbe58cec35345e772a4e4a619f470fd28ce8a650d46a2ece0e7973192ec4cLinkspider version 1.08 suffers from a remote file inclusion vulnerability.
51828669489198e3979f8d74803897462b14d45e25be12672b3d1dd200936ef8The finger service in OpenVMS suffers from a stack overflow vulnerability.
393fdae2c7316eed51cd6c4e905ba9e53bae60629db8e31e5537a5320f7ba91bDenial of service proof of concept exploits for Halo: Combat Evolved versions 1.0.7.0615 and below which suffer from endless loop and resource consumption vulnerabilities.
e6a06c267bf5dc284b5805fb4e206dfdb5d85473755dc55f0d0cc676cbad1722Halo: Combat Evolved versions 1.0.7.0615 and below suffer from endless loop and resource consumption vulnerabilities.
053465b82a50378a5079d59cc82e0d967adfac8a332fa08bf2b4d5404ad96aafp0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Note that this version is the win32 compiled version. Original code by Michal Zalewski, compiling by David Coomber.
b1b3a50167e875ae8a49b1069e893267ee5dd2ab3c6ef6b733760e63b4bdc904iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.
ac4e695caef5952318c8fbb63daaf776f00d93fb8d46d612c8908b8e98ffa133Gentoo Linux Security Advisory GLSA 200808-09 - Cameron Hotchkies discovered an error within the parsing of ASN.1 BER encoded packets in the ber_get_next() function in libraries/liblber/io.c. Versions less than 2.3.43 are affected.
1f4168b40dfa4fef8ab399ecfb21e6e13e842ce6e17a8cebff30ea1fab76bfe7Gentoo Linux Security Advisory GLSA 200808-08 - An unspecified bug in the OCSP search functionality of stunnel has been discovered. Versions less than 4.24 are affected.
a473ced32f0857429b8e783cad0e41b31cd8299fb24ca6bfa7c4729104e743f1Gentoo Linux Security Advisory GLSA 200808-07 - Damian Put has discovered an out-of-bounds memory access while processing Petite files (CVE-2008-2713, CVE-2008-3215). Also, please note that the 0.93 ClamAV branch fixes the first of the two attack vectors of CVE-2007-6595 concerning an insecure creation of temporary files vulnerability. The sigtool attack vector seems still unfixed. Versions less than 0.93.3 are affected.
72e5ff72652f3e908577cc6bcfb0e2b935ef32a1138deaa2c92eaaa5dc59473btxtSQL version 2.2 Final suffers from a remote file inclusion vulnerability.
274923712042cbe88490fb4189bf4e8e053ce84648f792d01e14313dfce386f5Mandriva Linux Security Advisory - Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. to an incomplete fix for CVE-2007-4965. David Remahl of Apple Product Security reported several integer overflows in a number of core modules. Justin Ferguson reported multiple buffer overflows in unicode string processing that affected 32bit systems. Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2. Justin Ferguson reported a number of integer overflows and underflows in the PyOS_vsnprintf() function, as well as an off-by-one error when passing zero-length strings, that led to memory corruption. The updated packages have been patched to correct these issues. As well, Python packages on Corporate Server 4 have been updated to the latest version 2.4.5.
7dc4bf08958120be9ebfa5a253d3225fede65d00fa94562dac3b315b2ecf3cbcMandriva Linux Security Advisory - Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. to an incomplete fix for CVE-2007-4965. David Remahl of Apple Product Security reported several integer overflows in a number of core modules. reported an integer overflow in the hashlib module on Python 2.5 that lead to unreliable cryptographic digest results. Justin Ferguson reported multiple buffer overflows in unicode string processing that affected 32bit systems. Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2. Justin Ferguson reported a number of integer overflows and underflows in the PyOS_vsnprintf() function, as well as an off-by-one error when passing zero-length strings, that led to memory corruption. The updated packages have been patched to correct these issues. As well, Python packages on Mandriva Linux 2007.1 and 2008.0 have been updated to version 2.5.2. Due to slight packaging changes on Mandriva Linux 2007.1, a new package is available (tkinter-apps) that contains binary files (such as /usr/bin/idle) that were previously in the tkinter package.
9a50d43050213b8aac716a2a7270d520a3c43c10e5bec3a1910ee71cf69067abMandriva Linux Security Advisory - Multiple vulnerabilities have been found in Qemu. Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to attempting to mark non-existent regions as dirty, aka the bitblt heap overflow. Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 receive integer signedness error. QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction. QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by aam 0x0, which triggers a divide-by-zero error. The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 mtu heap overflow. Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the net socket listen option, aka QEMU net socket heap overflow. QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an overflow, via certain Windows executable programs, as demonstrated by qemu-dos.com. Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine. Changing removable media in QEMU could trigger a bug similar to CVE-2008-2004, which would allow local guest users to read arbitrary files on the host by modifying the header of the image to identify a different format. the -usbdevice option. The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted. The updated packages have been patched to fix these issues.
3380ae58913127c7fb6ccbd1450908ff88b2015b5cb9a5bc0c75e03a81cde85eGallery version 1.5.7 and 1.6-alpha3 suffer from a local file inclusion vulnerability.
ebb3687b57b82586a67f94319d168fb825fb1e5e7b36ec847729ac16fc9aced6Mandriva Linux Security Advisory - A vulnerability in rxvt allowed it to open a terminal on :0 if the environment variable was not set, which could be used by a local user to hijack X11 connections. The updated packages have been patched to correct this issue.
e60f27b0775d9c012b721d0ab173af4f74bc20df9f23fe93dd15ac0af121939fSecunia Security Advisory - Ghost Hacker has discovered a vulnerability in csphonebook, which can be exploited by malicious people to conduct cross-site scripting attacks.
fec76cf5c2afb61ef238ec9156854a8f9357df0d05bf816264e414f86feac12dSecunia Security Advisory - Some vulnerabilities have been reported in Contenido, which can be exploited by malicious people to compromise a vulnerable system.
b6af12ba6d45c053dd2ab0e03ef0b58d23ce59e966c0ef9a4a3353db2d666cf8Secunia Security Advisory - lvlr-Erfan has discovered a vulnerability in Free Hosting Manager, which can be exploited by malicious people to bypass certain security restrictions.
14f42f96991c3ad7dd241bbe2902f46061f8c670c28b566bb18380c1b51f95ce
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed