CUPs 1.x denial of service exploit.
ff8f9da2b2ed05af80951b23e43eb74ed987f6722dc4d1ea584c2d80c7787aa3PBLang 4.65 and possibly prior versions suffers from remote code execution, administrative credentials disclosure, system information disclosure, cross site scripting and path disclosure vulnerabilities.
84a134af30b6692cbf66438fd56695b6abe5c6c2dea7995c936cbf3e2c321475Proof of concept exploit for the Free SMTP server versions 2.2 and below spam filter vulnerability.
b485079266d6c7fe72d7da767cc57e2c2566ce8afd5ee06e61f7f8bda14d8d9aMS05-018 windows CSRSS.EXE stack overflow local exploit version 1.0. Systems affected: Windows 2000 SP3/SP4 (all languages).
9c1056b4ba445574dabd5303c06b7ba842e5dcfa7223af9c95e2b901dd7205fc23 byte linux/x86 /bin/sh sysenter opcode array payload.
c6fcfb33ec9f6fc7239338c5b769cff2c18bd07163945629fb794f7efd19c361All versions of MyBB suffer from cross site scripting attacks.
3c0d0eb7558a6e11df2060e31d9588a96c78988c96cbd18c3cc63f9be9ca13d3This document discusses the use of the Internet Control Message Protocol (ICMP) to perform a variety of attacks against the Transmission Control Protocol (TCP) and other similar protocols. It proposes several counter-measures to eliminate or minimize the impact of these attacks.
eb26edb362c9db7aef2e0588ce1edd7b2f8dc2c57ec441e0f593bc216e865275KDE Security Advisory: Ilja van Sprundel from suresec.org notified the KDE security team about a serious lock file handling error in kcheckpass that can, in some configurations, be used to gain root access. In order for an exploit to succeed, the directory /var/lock has to be writeable for a user that is allowed to invoke kcheckpass. Affected are all KDE releases starting from KDE 3.2.0 up to including KDE 3.4.2.
e4126780e1718411fc8d987b510d320c1017a094f233983191e32430a74092d1Debian Security Advisory DSA 801-1 - SuSE developers discovered that ntp confuses the given group id with the group id of the given user when called with a group id on the commandline that is specified as a string and not as a numeric gid, which causes ntpd to run with different privileges than intended.
d4e455be01cadb224df268157536181536c5ef1de1c81dd3c2f12e57d1b90fd0aMember Pro 2.3.4 is susceptible to a remote PHP file include vulnerability.
e826f8dad2f582fbaf38fdb09b5c49dba4e0e2ddbcdce640cb8c10b9c2c41156Proof of concept exploit for Realchat version 3.5.1b that allows for user impersonation.
f4c1139cfee6a3ba25b5722799f246a9759ec17aa2936d739329ab923d7ffe9fUrban 1.5.3_1, part of the FreeBSD ports collection, is vulnerable to a stack overflow when handling the $HOME environmental variable. Since urban is installed with setgid games privileges, privilege escalation is possible. Earlier versions may also be susceptible. Proof of concept exploit included.
b4fa91cfa2c177e64461bac4e36029a755502d986f5de31f6bfe695b11b11cb7IIS 5.1 allows for the remote viewing of source code on FAT/FAT32 volumes using WebDAV.
71528d3970bd932550ccf507c4fd3dfa9cae1251b3b375b64db24ec3aabd1137Open Webmail 2.41 is susceptible to cross site scripting attacks.
93ea05d29c12a308bbb9e008504aac101b3c0d0d4be430fd8246c908adafe22aMidiCart ASP Shopping Cart, evaluation/standard/pro versions 7, are susceptible to cross site scripting and SQL injection attacks.
506319fb974fb904b22b77946fbfc9a8bcc55cd7e82544174c57fbeedc98c389Secunia Security Advisory - Harry Johnston has reported a security issue in Oracle Database Server 10g, which potentially can be exploited by malicious people to compromise a user's system.
ca34e29f4f23a22953a1ad4544f498794d923d1f4d135f08aab33dd81b6501caSecunia Security Advisory - A security issue has been reported in LiveUpdate Client, which can be exploited by malicious, local users to disclose certain sensitive information.
42a1a55b8e935eb69f618d87a7f57dfd62a0862070c153f8e192dbde036114a0Secunia Security Advisory - shaun has reported some vulnerabilities in URBAN, which can be exploited by malicious, local users to gain escalated privileges.
a77199a831e71645bfec386b9d0601e0ce044c7acd0a3ce85e80a10a0175b1f4Secunia Security Advisory - Gregory R. Panakkal has discovered a security issue in Rediff Bol, which can be exploited by malicious people to disclose sensitive information.
d1e83b6e37a45eb6bfbc1f5c6c27e61b11c6d8a582cdacaa458ca874fb0b66d6Secunia Security Advisory - Debian has issued an update for ntp. This fixes a security issue, which can cause ntpd to run with incorrect group permissions.
880527d0e2e0cf4ff4e925e1826aceea8b7dd5fd71342bf66fda40c7547cef79Secunia Security Advisory - A vulnerability has been reported in Apache, which can be exploited by malicious, local users to gain escalated privileges via a specially crafted .htaccess file.
4b5a67d48e7bf1626eddaad75aaf4d576b6684814098ee262e7d9efc5cf58df2Secunia Security Advisory - A vulnerability has been reported in kcheckpass, which potentially can be exploited by malicious, local users to gain escalated privileges.
6f4ca82480fa301128546ef2cc6aeccd24be537ce5d6f3dae386977ed57f05ceSecunia Security Advisory - Some vulnerabilities have been reported in MAXdev MD-Pro, where some have unknown impacts and others can be exploited by malicious people to compromise a vulnerable system.
e8b61109087e661e996eee8f38d1d95fe85ecc0f494404bd2f0528ccb2ffc9d4Secunia Security Advisory - Gentoo has issued an update for gnumeric. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
b7ddc5d456a0b294d9944382b571f756629912d46b6342cf2b269449fe3847dfSecunia Security Advisory - Alexey Dobriyan has reported some vulnerabilities in OpenTTD, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
ecccf54632f65a2145d7c14f427c31f8a4861d11ceaf79501451048b80a3f12e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed