Gentoo Linux Security Advisory GLSA 200507-26 - GNU Gadu, CenterICQ, Kadu, EKG and libgadu are vulnerable to an integer overflow. Versions less than 2.2.6-r1 are affected.
8c3aaaaccf0fac192625a06806e0153319ef322a65cd4a6f3a2eae163005d614Debian Security Advisory DSA 766-1 - A vulnerability has been discovered in webcalendar, a PHP based multi-user calendar, that can lead to the disclosure of sensitive information to unauthorised parties.
a27b79d26374c35fbcc5b2e450f99e4b707fffe22b122a16083190fc49a2eef2Debian Security Advisory DSA 765-1 - A buffer overflow was discovered in the handling of the LINEMODE suboptions in telnet clients. Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of arbitrary code when connected to a malicious server.
b7baf9fd1de6d686f58aaba35950d80f6e018eae34e768acc7cda018e5fabe46The Novell GroupWise 6.5.3 client suffers from a remote buffer overflow vulnerability.
416b19430a2eb949354f800a7e077717fb0241942ea239754df3b2782f4eea1eWhen the UnixWare 7.x version of the RPC portmapper (rpcbind) receives an invalid portmap request, it falls into a denial of service state and cannot respond.
8807b2907f72caa93595e16a3af544c8a1a1d674b4ca5df6487e048bed5f118bGentoo Linux Security Advisory GLSA 200507-25 - Neel Mehta and Alex Wheeler discovered that Clam AntiVirus is vulnerable to integer overflows when handling the TNEF, CHM and FSG file formats. Versions less than 0.86.2 are affected.
b3a7fcc88493feb480f9f4e78586c1d835b6e405e85b522567433aff52bda8b7Gentoo Linux Security Advisory GLSA 200507-24 - Several vulnerabilities in the Mozilla Suite allow attacks ranging from the execution of javascript code with elevated privileges to information leakage. Versions less than 1.7.10 are affected.
e3bb5316095871b4e09851a2d7a878477943503d8b8037205c99f6a2bbc07840Lotus Domino R5 WebMail versions R5, R6, and possibly R4 are susceptible to a default configuration information disclosure vulnerability.
34234d1ec904e4f9c078ad43fec5b2b46d2b151e92f5f498cdf8453683179a04Fetchmail version 1.02 suffers from a remote code injection vulnerability.
fc3f1ce80d30fc5169baa1476c5710f9cd636aec98c35ccdc729e1c419f34d2cCartWIZ suffers from a cross site scripting vulnerability.
55b39a11e65c04e115b346660460d185b1c7b5902fce31c6167047ef8a26773eSimplicity OF Upload 1.3 allows for remote code execution and cross site scripting attacks.
5aed3185aef2e54a81a96802e0d2aa259d7c0541c1281310f0132032e012c832The QCWLICON.exe and QCTRAY.exe binaries in IBM Access software allow anyone read access to the configuration of all connections.
ca1f1e403e44c575ce47a2a8135a8da6e1b491a26a2754749af7ace99003c1adSPIDynamics WebInspect is susceptible to cross-application scripting attacks.
1015978531e7b0bc37dd7eef03b9bb70913a12479637df33e68b9197fcf36a51Logging into FTPshell server version 3.38 will cause the ftpshelld.exe process to die, resulting in a denial of service.
e23a09711cefeb6f0b7eec5f4e9503bbd0e0015aa9b837345d02aeb9944f7ddfRemote exploitation of a buffer overflow vulnerability in Ares FileShare 1.1 could allow execution of arbitrary code.
69900714ad4b60f7881d9946c2804a1e724d0a2b64a5262a37935655d22d926dGentoo Linux Security Advisory GLSA 200507-23 - Kopete contains an internal copy of libgadu and is therefore subject to several input validation vulnerabilities in libgadu. Versions less than 3.4.1-r1 are affected.
8495487de7b3b61aac52bcedb9567407792fc59429d76c1586ee27556500b41cGentoo Linux Security Advisory GLSA 200507-22 - The Gentoo Linux Security Audit Team discovered that the sandbox utility was vulnerable to multiple TOCTOU (Time of Check, Time of Use) file creation race conditions. Versions less than 1.2.11 are affected.
8a44b3fd3621a574a9efbe950cc71ea1299e0cb5ab061553b8fa3a8862eb6987Gentoo Linux Security Advisory GLSA 200507-21 - fetchmail does not properly validate UIDs coming from a POP3 mail server. The UID is placed in a fixed length buffer on the stack, which can be overflown. Versions less than 6.2.5.2 are affected.
e183ba8135f58ed6750b8c55799fddc77fe41b5730a1d87bec474be7a913c8cfBy sending trigger packets to the management port (280/http-mgmt) of a Siemens Santis 50 wireless router, the device freezes the web interface and allows unauthenticated access to the telnet CLI.
55fd63fc68a9ff21180c20280c664708b42386f538608ed1c889437dee91b9b0Clam AntiVirus (ClamAV) versions 0.86.1 and below suffer from remote heap overflows.
d1fb6fbca8fea0d2ff3d187e619c601048b6ef729562695ccc5fe2f00936a6d1Corsaire Security Advisory - The SAP Internet Graphics Server versions below 6.40 Patch 11 are susceptible to a directory traversal attack.
bc1bf9061a5b291ddad02fbb0d9b84f70b54b11e4937e46f27f17ae2e47c5288Beehive Forum is susceptible to cross site scripting, SQL injection, and path disclosure vulnerabilities.
7f3929899fa6fa2c9f781611cd61144f5570e8c2ce489c88613dad141af19a06FtpLocate versions 2.02 and below remote code execution exploit that makes use of unsanitized user input.
fa9e7b29c5fd8639d1c710ca941a37e5849ae8474c833cc8940a2c6c1eef8849The ECI B-FOCuS router 312+ allows a remote, unauthenticated attacker the ability to download the configuration file containing the system passwords in clear text.
9f358cc045a943b64c3955ed564a3050e84f66b75c52ef9d76adf4d364432a55PHP FirstPost suffers from a remote command execution vulnerability due to a lack of sanitized input in block.php.
23f788bad7e03443852131b6ac6fe3e5bc8f884de20b561d3964e4f7376c8bad
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed