Secunia Security Advisory - A vulnerability has been reported in Namazu, which can be exploited by malicious people to conduct cross-site scripting attacks.
a625c0b9f46afe3f1ca83c83c8721d8899df7282bf3c3072372f4d591e43f89bUbuntu Security Notice USN-44-1 - A race condition and possible information leak has been discovered in Perl's File::Path::rmtree(). This function changes the permission of files and directories before removing them to avoid problems with wrong permissions. However, they were made readable and writable not only for the owner, but for the entire world, which opened a race condition and a possible information leak (if the actual removal of a file/directory failed for some reason).
bab695d09e76838888e95d779f68cdd4e972ff241d2834061b2bd608eb47437cSecunia Research has discovered a vulnerability in My Firewall Plus, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the Smc.exe process invoking the help functionality with SYSTEM privileges. This can be exploited to execute arbitrary programs on a system with escalated privileges.
85323ae425e47da08beea66a0a16908505ca64951280ffd2c4c34781b5cfdaecXprobe2 is a remote active operating system fingerprinting tool. Xprobe2 uses advanced techniques, such as the usage of fuzzy logic to match fingerprinting results with the tool's signature database and unique fingerprinting methods to provide accurate results.
a7c860e4e8a3594085cb1bdd36e217130c0b305b4b86ba63af7e86675be16fc9Ethereal Security Advisory Enpa-sa-00016 - Multiple vulnerabilities in Ethereal versions 0.9.0 to 0.10.7 have been discovered that all result in denial of service outcomes.
26706ece0901143aea3dd1b50abd9335a2d455edeacc2dbfcee2666f1f8ce72be_Board version 4.0 is susceptible to a directory traversal attack.
49d8fea77c51cbb9c27281fce5a2c3752fd4ca40015f0bcfc4732b0dc78b8891IBOD 1.5.0 and below local proof of concept buffer overflow exploit.
9a604874ed4c3a5442bb00dbf27ccce5d305c9bfed784c062e3cd4b3737e97fbPerl script exploit extracted from the phpBB worm. This code attempts to deface htmls found on a target machine and attempts to use google to find more machines to attack.
edf382ee4d44601d99afea7f3daf8a668b6e92cd119c8b50c7f608dac2f3d77eMIT krb5 Security Advisory 2004-004 - The MIT Kerberos 5 administration library (libkadm5srv) contains a heap buffer overflow in password history handling code which could be exploited to execute arbitrary code on a Key Distribution Center (KDC) host.
8afcac7cf93898ab1d3d2e0f2225c4a3929f21722ddcc457450e59dffa3526d6A buffer overflow vulnerability exists in the Yanf news fetcher utility version 0.4.
877eee2f42cbd1fbc93e5f7b498d7e966f2d625fc7823cb2e7dcd7ce37052da0iDEFENSE Security Advisory 12.20.2004-1 - Local exploitation of an untrusted path vulnerability in the invscout command included by default in multiple versions of IBM Corp.'s AIX could allow attackers to execute arbitrary code as the root user. Verified in version 5.2.
235ab9c853ddb84e9b00f9fbd6d8633e16b5fcfae7ddd82d665f8ccf07b8184diDEFENSE Security Advisory 12.20.2004 - Local exploitation of an untrusted path vulnerability in the chcod command included by default in multiple versions of IBM Corp. AIX could allow for arbitrary code execution as the root user. Verified in version 5.2.
5fcb009b609699d12cd1c4c09eee472af26805ac0e9da8716890e671ec6d8c2aSecunia Security Advisory - Some vulnerabilities have been reported in PHPFormMail, which can be exploited by malicious people to conduct cross-site scripting attacks.
92ca82c5724daa51e197fd7a11be7504b3b88424a2a02fd722f848864636cf89Faronics FreezeX version 1.00.100.0666 is susceptible to a denial of service attack.
4b95bbec5e4d3a5fa68737e01355b32d94a3cbac1de4e9842565247e2fb05d77It is possible to remotely conduct a denial of service attack on a Gadu-Gadu client by sending special crafted messages several times. All versions up to 6.1 build 156 are affected.
319325bba63d3c3846e86ffd415a85985e53bf73e9be51eb8dbf0c244dca4f6aA cross site scripting flaw exists in the Workboard 1.x module for PHP-Nuke.
1e9c560f0a1da8a7dede76d12d2021a3fb4a1deddc1905c10f9eae07941e85b9Secunia Security Advisory - A vulnerability has been reported in ArGoSoft Mail Server, which can be exploited by malicious people to conduct script insertion attacks.
baa6d38e27b266b7c196e409d7afc0f2dfc3a89c61bac22ad7d003004b1f30bdGentoo Linux Security Advisory GLSA 200412-21 - Multiple overflow vulnerabilities have been found in MPlayer, potentially resulting in remote executing of arbitrary code.
747c5835ac16bc7e325b87fef9cd14c3d309bad7cdf92fa9b79ebdcb5a813d62Various vulnerabilities exist in rftpd2 and rpf 1.2.2.
2ed7f2d3bc39db9d613a507fce37b089494a62dcb4dfa22d782fc9823f7b8131
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed