DeleGate versions 8.9.2 and below have a remotely exploitable buffer overflow vulnerability that exists in the SSLway filter.
af459a2b5ac1aeeb978fc864bdf2c67dc74606237fb7e1a493d1e9c3ea733a63PHP-Nuke version 6.x through 7.2 suffer from various SQL injection and cross site scripting vulnerabilities.
ad379be5f5c68b56e0ab441f91d7a6268421e39c8a16990e45fab5dbff03f558Two stack based buffer overflows exist in Exim 3.35. Both bugs need features enabled and are not in the default configuration. Proof of concept exploitation given.
353e702b40c92a2c6f894d544e776cf46bb65be439d7576759dac932b6645004The Microsoft Active Server Pages (ASP) engine does not properly handle special cookie values when they are retrieved. Because of this, an unhandled error is returned to the client. This behavior can be used maliciously to gather sensitive information from web applications. All Microsoft Internet Information Server (IIS) web applications using Active Server Pages (ASP) are affected.
219594d6344f26a93e4767585c0c158ebb409b44abf565c8eeabc7209a00c60cKolab server version 1.x suffers from an information disclosure vulnerability where it stores the OpenLDAP root password in clear text in slapd.conf.
5577b500fe7d4fa497685539c4065b07d95e2f424467819fb801504690524b83SMF version 1.0 Beta 5 public is susceptible to a script injection vulnerability. This company used to produce YaBB SE.
e736457eeb8aafb46103798872b48e1a7e58d0fe8c0825054e41c0e3017ab7a0Fuse Talk version 4.0 has various flaws that would enable a remote attacker to ban users and the possibility of tricking an administrator into adding accounts for them. It is also susceptible to various cross site scripting issues.
0c7f319978492b72b5e525abd241b7e17abd784f0cec34b4edb16eccce6acd13P4DB versions 2.01 and below suffer from a lack of proper user input validation that allows for remote arbitrary command execution. Some cross site scripting flaws also exist.
6390622a21f3e54ee10bb6c049b0b2bcc002303a14516a83f160e7e29e1f2279Heimdal releases prior to 0.6.2 with kadmind version4 have been found vulnerable to a remote pre-auth heap overflow.
e9904e864457a433ac51672c12211c9ea2fc1e1a4bccf613bd089f2a6f702889MyWeb version 3.3 is susceptible to a buffer overflow attack when a specifically crafted HTTP GET request which contains over 4096 bytes of data is sent to the server.
8c6ae777b6a360a4f96a220dd57b6374108d8a4834630ebc996a37fed98c9050A security vulnerability exists in South River Technologies' Titan FTP Server. An attacker issuing a LIST command and disconnecting before the LIST command had the time to connect, will cause the program to try and access an invalid socket. This results in the FTP service crashing. Version affected: 3.01 build 163.
fb3ef6076a6e79f2243e64e12aba03fa357bda221b1e27fdd0e0eb401cb48a53Verity Ultraseek versions 5.2.1 and below suffer from a path disclosure vulnerability.
7d453bcafb1e5f1d30de0877909326e0a78a7f4796780b0c8aa184c41961b2cdAppfoundry Message Foundry version 2.75.0003 is susceptible to a denial of service attack when an HTTP GET request for /com1 is passed to the server.
6fa96862a7762879110943f732fe540c79262e37ea1324de738b481659707844Local root exploit for sendmail versions 8.12.9 and below that makes use of the prescan function vulnerability originally discovered by Michal Zalewski back in September.
6b92118a7fe3130fa6ec45d888da04dc8d72dfd1264fed483ce66005c203ca9dPHPX versions 3.2.6 and below have cross site scripting, path disclosure and arbitrary command execution vulnerabilities. Full exploitation given.
721b697fe7688e4f5cd82bffa98fa28968a6f5bafa7c37047140619bc081fa19Hilarious take on how Red Hat is changing over to Fedora and letting the community know how things will work in general.
b7d261ead6f578271a830821c653ce6481f4f3bcd9c311c3af6c608b1ede7911Atstake Security Advisory A050304-1 - The AppleFileServer provides Apple Filing Protocol (AFP) services for both Mac OS X and Mac OS X server. AFP is a protocol used to remotely mount drives, similar to NFS or SMB/CIFS. There is a pre-authentication, remotely exploitable stack buffer overflow that allows an attacker to obtain administrative privileges and execute commands as root. Versions affected are Mac OS X 10.3.3, 10.3.2, and 10.2.8.
d0a99458eaeba41776f013f6acd2684183376fa3765005d3b0854d047a21d569
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed