CERT Advisory CA-2002-14 - A remotely exploitable buffer overflow in Macromedia JRun v3.0 and 3.1 when running with IIS 4 or 5 allows remote attackers to execute code with SYSTEM privileges. According to Macromedia, JRun is deployed at over 10,000 organizations worldwide.
cee2fc10d87afb680259c6f67e016f6345d10f40911ebac451a3ef50ee172dd7Syscall Tracker is a very powerful tool for Linux 2.2 and 2.4 which allows you to write rules to track system calls. It includes a kernel module plus a userspace applications. Currently only logging the invocation is supported, but in the future, you will be able to fail the system call (i.e. force it to return some error code), or suspend the process executing it. Allows you find out info that is hard to find, for instance to determine which process touched a certain file.
3c662bd4b93a91c6be40a21fe63190ffe5e64e9a9a64d6002b2c872c579a39b1A directory traversal vulnerability found in Shambala v4.5 can lead to the disclosure of files that are stored outside the served directories. More info on this bug available here.
792ce8a4307b49251659094a08eb30bb916bc5d232a44e48c27fb7fa5360260fMandrake Linux security advisory MDKSA-2002:037-1 - ISC DHCPD in its version 3 introduced new dns-update features. ISC DHCPD v3.0 to 3.0.1rc8 is vulnerable to a remote root format string bug attack, while reporting the result of a dns-update request.
42232836f0d3fb1ef90a2677417ea2433081cd0f3beee7cf19875a6a8511d9c2Caldera Security Advisory CSSA-2002-SCO.23 - A vulnerability found in the Open UNIX and UnixWare FTP daemon can allow remote attackers to hijack passive FTP data connections.
2ba86861d069c9bc17521caaefcb7ca1c5ad9ae7377ab0c78f4293019c0c4363Mandrake Linux security advisory MDKSA-2002:034 - A remote overflow found in the WU-IMAP daemon v2001a and below affects Mandrake 7.1, 7.2, 8.1, 8.2 and Corporate Server 1.0.1.
ccb9e4f0cf15f78cf499d5204b26c83fea31cfd471f6bf7d99bdaded7df24b9eConectiva Security Advisory CLA-2002:490 - Several vulnerabilities were found in the Mozilla package v1.0rc1 which allows hostile web sites to read and list local files. The vulnerability was related to the XMLHTTP, a component that is primarily used for retrieving XML documents from a web server. Fixed packages have now been released for Conectiva Linux 6.0, 7.0, and 8.
c7bcc06f713f54cc826c79b1c5b09093f8a35b0ee1fae86fccaad9566107e1f1Safemode Security Advisory SRT2002-04-31-1159 - Several local and remote overflows have been found in the Mnews package v1.22 and below.
34e50c77bf1364ae80884b5a9c0e02f0f32770926beb9492611db880bf70ab98Red Hat Security Advisory RHSA-2002:084-17 - A format string vulnerability found in the pam_ldap module affected Red Hat versions 6.2, 7.0, 7.1,7.2, and 7.3. Red Hat released fixed packages that can be used to counter this vulnerability.
fc2c689b4513509af1f8a5e7f2046d6dea50643ccac8e23b7cebe0b1fd61ab30A vulnerability in the Xandros Linux autorun utility can be used to disclose parts of protected files such as /etc/shadow.
82784ea64ae0545645c2ce9fc64d6aed90906eec891e5e934434f6621cad4670Packet Storm new exploits for May, 2002.
8650725205a461908be4ba21749215d0a22d1bab51a9b3c9b8df1f4bada63029Xinetd backdoor.
dee84d089e45597a9c2a27792c04cb8fa64bf053b8299baa9691b1eaf689e153
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed