Ubuntu Security Notice USN-802-1 - It was discovered that mod_proxy_http did not properly handle a large amount of streamed data when used as a reverse proxy. A remote attacker could exploit this and cause a denial of service via memory resource consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. It was discovered that mod_deflate did not abort compressing large files when the connection was closed. A remote attacker could exploit this and cause a denial of service via CPU resource consumption.
25501b4d25ab339dc83e00431f8456774abbafa2cdfb4b9a42421a7af1c61253Ubuntu Security Notice USN-801-1 - Tielei Wang and Tom Lane discovered that the TIFF library did not correctly handle certain malformed TIFF images. If a user or automated system were tricked into processing a malicious image, an attacker could execute arbitrary code with the privileges of the user invoking the program.
fbebd80ad0fa9ea3d1e1115edd08f092c3087a2125a9d4d8fdd3d7c74650ceabUbuntu Security Notice USN-800-1 - It was discovered that irssi did not properly check the length of strings when processing WALLOPS messages. If a user connected to an IRC network where an attacker had IRC operator privileges, a remote attacker could cause a denial of service.
ce7ca2131dc12e95e9d15b67ec28bb2d3a6383d3f2426257dc2492d554505fddUbuntu Security Notice USN-799-1 - It was discovered that the D-Bus library did not correctly validate signatures. If a local user sent a specially crafted D-Bus key, they could spoof a valid signature and bypass security policies.
d478213a621a4417020bea1db18714e63d38cad8b46e524f8b76b5e337178424Local denial of service kernel panic exploit for FreeBSD versions 6 and 8 that takes advantage of the ata device.
0d0bc3bb1d78ccd24a5e499aaa69c2a6845c58b7800175a57622b9e9bffb949aMandriva Linux Security Advisory 2009-150 - Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327. Fix several places in tiff2rgba and rgb2ycbcr that were being careless about possible integer overflow in calculation of buffer sizes. This update provides fixes for these vulnerabilities.
10574ff24efb8275b0d6a98f173fd59b823216304e43547bd800fc89a9846c46ScITE Editor version 1.2 denial of service proof of concept exploit that creates a malicious .rb file.
a0d8632ea802dcccf10e41933e1086fe69d8e106caabbec2af26471f7205825dFotoFlexer suffers from a remote shell upload vulnerability.
2e7684ea72a9ae0a66accdb7debe1782f76a6c72a191fd4780be3ae2968ae1a2HP Security Bulletin - Potential security vulnerabilities have been identified with HP ProCurve Threat Management Services zl Module (J9155A). These vulnerabilities could be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS).
578c541ffa117e6c9bebb84fdf15f5e8f7cb698546412b505fd33d4e70135d24Tandberg MXP F7.0 remote buffer overflow proof of concept exploit.
8c5571392075d43859baeceec35dfcd3eee7145ccde1a497c903a2290fb0efc1The libtiff image library tools suffer from integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The libtiff package ships a library, for reading and writing TIFF, as well as a small collection of tools for manipulating TIFF images. The cvt_whole_image function used in the tiff2rgba tool and the tiffcvt function used in the rgb2ycbcr tool do not properly validate the width and height of the image. Specific TIFF images with large width and height can be crafted to trigger the vulnerability.
9e9c7deaec9dd58d4d77399f154f17a206dba8d37ca5edc54e61b7f12217a6adHTMLDOC versions 1.8.2 and below proof of concept buffer overflow exploit that creates a malicious .html file.
e496cc7b934ed1158b2c285007f8a12e720369a1e86102989cc2c33d5de49b9fVMware Security Advisory - A vulnerability in the udev program did not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. Sudo versions 1.6.9p17 through 1.6.9p19 do not properly interpret a system group in the sudoers file during authorization decisions for a user who belongs to that group, which might allow local users to leverage an applicable sudoers file and gain root privileges by using a sudo command. The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to trigger arbitrary requests to intranet servers, read or overwrite arbitrary files by using a redirect to a file: URL, or execute arbitrary commands by using a redirect to an scp: URL.
759e7d969ae9dbcf95da34e7d98cb345a45a4ba05ec0e0d5f59318f5305afec4Gentoo Linux Security Advisory GLSA 200907-11 - Multiple vulnerabilities in multiple GStreamer plug-ins might allow for the execution of arbitrary code. Versions less than 0.10.14 are affected.
65f2ad848313d3757203dc621dcf67f90a500f586c6f01936864f1b497f45c65Gentoo Linux Security Advisory GLSA 200907-10 - Syslog-ng does not properly initialize its chroot jail allowing for an escape if a separate vulnerability in Syslog-ng is exploited. Florian Grandel reported that Syslog-ng does not call chdir() before chroot() which leads to an inherited file descriptor to the current working directory. Versions less than 2.1.3 are affected.
a12d30f8b2b58d0c2927518d29fd96a238b9ec37c9ba01e1ee3aff0512e66939The Joomla Category component version 1.0.12 suffers from a remote SQL injection vulnerability.
fd84c5fa70fc0f9cc07ab759b15c9a242982c35dc3f60a1141f4582b01ad107dBotan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
835fd3b204cc6132e21a0af5534857dd96cd4346d1c004091fb303ac6dcb96f0d.net CMS suffers from arbitrary reinstall and blind SQL injection vulnerabilities.
ce57f5352ad11459ea690fa11e0cf646f43aebba735a6d242ad9e5bedb9e8f18GLinks version 2.1 suffers from a remote blind SQL injection vulnerability.
af77b102254a57379e550998c110d1eca26bc2192cff6b600d2e9c77fec5bd2aThe login screen of the LogRover web interface is vulnerable to a SQL Injection which can allow remote attackers to login to the system via an authentication bypass. Version 2.3 for Windows XP is affected.
b832d3ca0b87a2af8dbee8aa316223db6c183bd4783e1738021a348e20ff5c31Gentoo Linux Security Advisory GLSA 200907-09 - A buffer overflow in Cyrus-SASL might allow for the execution of arbitrary code in applications or daemons that authenticate using SASL. James Ralston reported that in certain situations, Cyrus-SASL does not properly terminate strings which can result in buffer overflows when performing Base64 encoding. Versions less than 2.1.23 are affected.
143ce1e9a85916bd0eefb3aa9a59c9aa4178d0d8f74c6dc29160ea68153dc8b7Gentoo Linux Security Advisory GLSA 200907-08 - An integer overflow in multiple Ralink wireless drivers might lead to the execution of arbitrary code with elevated privileges. Aviv reported an integer overflow in multiple Ralink wireless card drivers when processing a probe request packet with a long SSID, possibly related to an integer signedness error. Versions less than or equal to 1.2.2_beta3 are affected.
2e7493dd76114d4fcaa47058d23d79edac292eb52d3b93944dfcc70dcfe7f34cCensura version 1.16.04 suffers from cross site scripting and blind SQL injection vulnerabilities.
7b8ec007207c363e6bf64ec525ffee94aa1fa0036903f720729c09915fa66152Ksplice is practical technology for updating the Linux kernel without rebooting. It enables you to avoid the disruptive process of rebooting for kernel security updates and bugfixes. By making it easy to keep your systems up to date, Ksplice helps you avoid the security and stability risks of running out-of-date software.
65cec28e8cf413d85d5b7efea08fe890360567b4f51b8cb81b137dd67f174862Harald Scan is a Bluetooth discovery scanner. It determines Major and Minor device classes according to the Bluetooth SIG specification and attempts to resolve a device's MAC address to the largest known vendor/MAC address list. Written in Python.
6a8cab4c0b7a8b786d72af3519a92018b6f897985092d96814a50784d0f9a073
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed