NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
d7921610a1c045c8557dd0c719ad17b1d94b9c5e227409d9e07e53621c7025d8Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a boundary error when parsing embedded fonts. This can be exploited to cause a heap-based buffer overflow via a specially crafted Shockwave file. Successful exploitation may allow execution of arbitrary code. Version 11.5.6.606 is affected.
c0df90ba22d702d5895e0e567d8b513727f5c0fb8f18fea09ecb1d9b6df3de7bSecunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error when processing asset entries and can be exploited to corrupt memory via a specially crafted Shockwave file. Successful exploitation may allow execution of arbitrary code. Version 11.5.6.606 is affected.
fd7ee053649f29172199e1a95030011594179adc1655c800f9830c93e76ae257Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an integer overflow error when processing Shockwave files. This can be exploited to corrupt memory when a specially crafted Shockwave file (e.g. ".dir") is opened. Successful exploitation may allow execution of arbitrary code. Version 11.5.6.606 is affected.
b5ce1892a860a21e337e443c62011c129dda014f2c804f59309422383732a762Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an array indexing error when processing Shockwave files. This can be exploited to corrupt memory when a specially crafted Shockwave file (e.g. ".dir") is opened. Successful exploitation may allow execution of arbitrary code. Version 11.5.6.606 is affected.
aaccf5333966fa257d1abf65746a2b24762c1eea4ffaf39c72989322d81409fdSecunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a signedness error when processing Shockwave files. This can be exploited to corrupt memory when a specially crafted Shockwave file (e.g. ".dir") is opened. Successful exploitation may allow execution of arbitrary code. Version 11.5.6.606 is affected.
0de19e3ef14663cc00a96c258b363f1f0f8271752f2f8f61678d437370f2d5b8Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when processing FFFFFF45h Shockwave 3D blocks. This can be exploited to corrupt memory via a specially crafted Shockwave file. Successful exploitation allows execution of arbitrary code. Version 11.5.6.606 is affected.
15a8dfe7974507aed2ca880478d7e11000be879f68bd99e4424659fe3687ca8aTwo vulnerabilities were discovered within in the Samba Smbd daemon which allow an attacker to trigger a null pointer dereference or an uninitialized variable read by sending a specific 'Sessions Setup AndX' query. Successful exploitation of these issues will result in a denial of service. Versions 3.4.7 and below and 3.5.1 and below are affected.
966a849f6f0bbe77647f785e18d732c6cf90fc1d9ef2d25203e0af89f41f2e05The Joomla Custom PHP Pages component suffers from a local file inclusion vulnerability.
37fd7f99dcb7450f65f3206615ec7dc1c407e8e4212cb9622005d447b02cd167iDefense Security Advisory 05.11.10 - Remote exploitation of a heap memory indexing vulnerability in Adobe Systems Inc.'s Shockwave Player could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability takes place during the processing of a certain malformed file. A function calculates an offset to be used within a memory mapped file and returns the offset value. The return value is not checked. This can lead to a condition where an attacker is able to overwrite memory outside the bounds of the allocated memory map. iDefense has confirmed the existence of this vulnerability in the latest version of Shockwave Player at the time of testing, version 11.5.6r606. Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh are vulnerable.
d94b185f92bdc137032a8bcdd7bb769637e8dacb78286c282baa5d43828cc72bEvents Manager Wordpress plugin versions 2.1 and below suffer from a remote blind SQL injection vulnerability.
49ee90956f2a053ee664c6466f6d91586a585c8f4d3d2848c19b3094882dd546The Cumulus widget for BlogEngine.net suffers from a cross site scripting vulnerability.
f9f2fb842980a1cbf6534317e4ac7e6639652b99bf6fdca510dfa960ec0a923fDebian Linux Security Advisory 2045-1 - Bob Clary, Dan Kaminsky and David Keeler discovered that in libtheora, a video library part of the Ogg project, several flaws allow allow context-dependent attackers via a large and specially crafted media file, to cause a denial of service (crash of the player using this library), and possibly arbitrary code execution.
fa35d975d28eaad266cdb2a8f03dc6bb1b4d40ed95aa95d20e92299281e0d163Code Audit Labs has discovered a vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. When a malicious value is used during a memory dereference a possible 4-byte memory overwrite may occur. Exploitation can lead to remote system compromise under the credentials of the currently logged in user.
a0f77eecd2a1403c980cb9c466c4691d6c105d645ef19b2d595726c654d1d978Code Audit Labs has discovered a vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. When a malicious value is used extern to signed integer. Exploitation can lead to remote system compromise under the credentials of the currently logged in user.
cf8e78b21a4eb4ac23bd52a6d488b0cc6e64d0a9c2ab1359260c09254c4e44f0Code Audit Labs has discovered a vulnerability on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. Exploitation can lead to remote system high cpu load (infinite loop).
0a144e4f9c1a09ee66a7a07dc51e8d46f392d77a7ee37b73e6d6eb2a5343baffZervit version 0.4 suffers from a directory traversal vulnerability.
7c1ca6fe84c4de2aa716b107c41d848c7e69aa998fa8938b2484e801aeeb0a1cGhostscript suffers from code execution and stack overflow vulnerabilities.
3ae78b80a2f029d3507689c46f8386059dca772b84fc5bee89098e5fb38a420bShockwave Player versions 11.5.6.606 and below from Adobe suffer from memory consumption / corruption and buffer overflow vulnerabilities that can aid the attacker in causing a denial of service scenario and arbitrary code execution. The vulnerable software fails to sanitize user input when processing .dir files resulting in a crash and overwrite of a few memory registers.
8ec4df5f63f6cfd2422941ca53290e7e3b28c5e09824a064172cf191aa1bea88Zero Day Initiative Advisory 10-089 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for parsing Director files. When the application parses the pami RIFF chunk, it trusts an offset value and seeks into the file data. If provided with signed values in the data at the given offset, the process can be made to incorrectly calculate a pointer and operate on the data at it's location. This can be abused by an attacker to execute arbitrary code under the context of the user running the browser.
b0f3e98e0013cb6764a4bb4e0ad867ded078f4a857a2b0f9b74785a7f0adfd8fZero Day Initiative Advisory 10-088 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the code responsible for parsing 3D objects defined inside Director files. An undocumented 4-byte field within record type 0xFFFFFF49 can be modified to cause corruption of heap memory. This corruption can be used to modify function pointers and achieve code execution.
5e8e6aca52cd9ed7563236913285f6f64f77388220a08ca6e191ad9106f6dc26Apple Safari version 4.0.5 parent.close() memory corruption code execution exploit.
ec04bbdd890c422fd0bf99cfa6580ba3c2940087c9f7ba1dbbb3e82ee2f42968724CMS Enterprise version 4.59 suffers from a local file inclusion vulnerability.
0eae52b395b389ce17db83940bc719f6ccd308c8deb409c11ac294a7001ba1b5Zero Day Initiative Advisory 10-087 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required in that a target visit a malicious website. The specific flaw exists within the code responsible for parsing Director files. The vulnerable function is exported as an ordinal from the iml32.dll module. Ordinal 1409 trusts a value from the file as an offset and updates pointers accordingly. By crafting a large enough value and seeking the file pointer past the end of a buffer this can be abused to corrupt heap memory. An attacker can abuse this to execute arbitrary code under the context of the user running the browser.
548c4ae30db5628a899d255cd9bcf59d4725bf60d8ac176ba248fdd5c8a1f82aCall For Papers for the 6th edition of the Ekoparty Security Conference being held from September 13th through the 15th, 2010, in Buenos Aires City, Argentina.
cfab5c9373d59f0a2818f8c55a1bc0a38dd1ac71c43c8c756251bfd0a79d669c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed