Gentoo Linux Security Advisory GLSA 200501-28 - A stack overflow was discovered in Xpdf, potentially resulting in the execution of arbitrary code. GPdf includes Xpdf code and therefore is vulnerable to the same issue.
6d3333856e42b7c6ad1eb56d1005d508fb653af894b3fb5d1b523cf052b14bb7GroupWise 6.5 suffers from a flaw where an unauthenticated user can get read access to various data.
39413578d2bf2ff35b828532fffd5974f3692be8c07c037819c3e88ee3e24666Proof of concept exploit for DivX player versions 2.6 and below that allow for arbitrary file overwriting via a flaw in handling skins.
528c24d73ee874822073440071c6461caba58ba67d803ce1718840bd7827fbffDivX player versions 2.6 and below allow for arbitrary file overwriting via a flaw in handling skins.
e0b91ab213ef109d3e7d5ee589275919f9cf35746ad3daa9a71e452a7be88ebeComersus ASP shopping cart version 6.0 is susceptible to administrator login bypass, SQL injection, and cross site scripting attacks.
fa4955168f9fcd7c71beff76ff8d521cc4ebd0d3663310ad159a5f3893552497NGSSoftware Insight Security Research Advisory - A vulnerability has been discovered in the Microsoft NetDDE service which can allow a remote attacker to execute arbitrary code on a system without authentication. This vulnerability can also be used by any low privileged local user to gain Local System privileges. Systems Affected: Microsoft Windows NT/2000/XP/2003 Server.
7fe7b3cd43a05089bc18d0500d8382f190e1c29289808a9a8cd64afe62566c0dCall for papers for the final issue of Phrack. Phrack number 63 will be released in hard cover format. The deadline for paper submission is July 10, 2005.
e253b29e59b3c6154c8c143a5ebc24019564a1fe1ad3ee157fd0f7811b43555eDebian Security Advisory 654-1 - Several security problems have been discovered in enscript.
5d28208ac57d5625dda59adf9f8c04c2de000131ef1678db9a147c58c7f214a7AIRT (Advanced incident response tool) is a set of incident response assistance tools for Linux. Tools allow you to look for hidden modules, processes, and ports. Additionally, two tools will dump and analyze hidden modules.
9686c7f859e29a96749089080f8f3ae874bff6d2ed8eca513afe8e9c935f527eGentoo Linux Security Advisory GLSA 200501-27 - Multiple vulnerabilities exist in Ethereal, which may allow an attacker to run arbitrary code, crash the program or perform DoS by CPU and disk utilization.
0828975659f7baf994aa7d61bb99530dfcd6577a681f5c5fc41c6cac7b15ba5biDEFENSE Security Advisory 01.20.05 - Remote exploitation of an input validation vulnerability in 3Com Corp.'s OfficeConnect Wireless 11g Access Point allows attackers to glean sensitive router information.
20d6f9dae34c3b4c99c46cf39adab6cad55fcb5b45259ad5e2453aaf25d2108cThis advisory covers nine of the 23 vulnerabilities recently discovered in various versions of Oracle's database server.
05f58b02101062b1f57e0de5e3166ee29294c50e446a28ff4adfd2aaf99ca936Siteman version 1.0.x is susceptible to administrative account injection due to a lack of variable sanitization.
e5a5bf492a4c40f297327f5f1d1daa9de444247c8372eae725e2f1b6c19ca055Secunia Security Advisory - A vulnerability has been discovered in the Apache check_forensic script that allows for local privilege escalation.
d4bd5c4ffda2aac9e74cafa67e43fbd8f1658d51600f2cb56c42471205d50f78Secunia Security Advisory - A vulnerability has been reported in 3Com OfficeConnect Wireless 11g Access Point, which can be exploited by malicious people to gain knowledge of sensitive information.
4f592f511c62e88075d0e9e04e3a75eada218e949fe02b570f10602507ec9b6fDebian Security Advisory 651-1 - A couple different overflows have been discovered in Squid. One is in the parser for Gopher and another is in the receiver for WCCP messages.
836558daf3b8225ee83be23b5502e47ecb6c82c7286dfd447db0ca184d7f8ab5Secunia Security Advisory - Some vulnerabilities have been reported in AntiGen for Domino, which can be exploited by malicious people to cause a DoS (Denial of Service) and by malware to bypass certain scanning functionality.
32287f8e52ff5ebe7d2934853f6926bea12e4cabc6b4437b3b9719960dec2988Debian Security Advisory 650-1 - Sword, a package for making a bible web site, is susceptible to a remote command execution flaw due to a lack of sanitizing input. Not even your god can save you now.
286c2640651ad4437f0111a699bc755f9e50d7537c9e72161cbab7ce90041134Sun Security Advisory - A vulnerability in the Java Plug-in may allow an untrusted applet to elevate privileges through JavaScript calling into Java code. For example, an untrusted applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. A second vulnerability may allow an untrusted applet to inappropriately interfere with another applet in the same web page which may include causing it to incorrectly load non-code resources such as files and web pages.
fff12819e999f2aa04fd9023287b35be822c905487fcb22420f818a51a1e653fGeCAD NET Security Advisory - The HTML Help Control patch issued from Microsoft may be subverted via other known vulnerabilities that are left unpatched in Internet Explorer.
d32c5cf90c2bbe8ef625797db1169224db31dcd4ce0d0477dd0575f3454eb37fDebian Security Advisory 649-1 - A buffer overflow has been discovered in xtrlock, a minimal X display lock program which can be exploited by a malicious local attacker to crash the lock program and take over the desktop session.
61962f41f5e7339d97af3a6ced5488ce1a0da7b3ca851f38ddf0359b7a4f2d92KDE Security Advisory: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a buffer overflow that can be triggered by a specially crafted PDF file.
6b15ccf0b7bec83aa5472d69ac47e0982d0440956056b53788eaaf87744463e3fkey version 0.0.2 local file accessibility exploit.
dfb6bbb2d3c62d255c655605b6d08045515378ba0ce5439df34cced8c6849b4aSTG Security Advisory: JSBoard versions 2.0.9 and below suffer from an input validation flaw that allows for arbitrary file reading.
04fa973bf4b6839924d1a72282fd12936c652ed1299fc3906090b148f9953989STG Security Advisory: GForge versions 3.3 and below are susceptible to directory traversal attacks.
8dc2e1f4564aa448435f8b3771a3642f05fd3c4d9e6cbbf1dbd81ef08a7da42a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed