A vulnerability has been discovered in vmnat.exe on Windows hosts and vmnet-natd on Linux systems. The vulnerability makes it possible for a malicious guest using a NAT networking configuration to execute unwanted code on the host machine.
f96629f05845bbd34a3ff9f3f3a26b3046dd855025b7de2d9092c97196ab45abTolva PHP website system version 0.1.0 suffers from a remote php include vulnerability.
8f3756c80a600b928d4a87a0b7c76f561a614d4e89d58181d3c27e54e0e5f32cACS Security Assessment Advisory - Remote Heap Overflow - A vulnerability was identified in VMware Workstation (And others) vmnat.exe, which could be exploited by remote attackers to execute arbitrary commands. This vulnerability allows the escape from a VMware Virtual Machine into userland space and compromising the host.
8e8b39c82e3f13db9886e3ed72d044f15d441c3fafdc12016855eed9b8169a4eEXPL-A-2005-017 exploitlabs.com Advisory 046 - Dev hound suffers from multiple vulnerabilities including XSS and path disclosure.
91c0c40600c9b49ab6f372d2158ef227d46eba203d6428fb4507b65dbd700319Mandriva Linux Security Advisory - Charles Morris discovered a vulnerability in sudo versions prior to 1.6.8p12 where, when the perl taint flag is off, sudo does not clear the PERLLIB, PERL5LIB, and PERL5OPT environment variables, which could allow limited local users to cause a perl script to include and execute arbitrary library files that have the same name as library files that included by the script.
4ac05f5250746008f7cc1d3a17896fef9440b0e513f9e63a2f86e8a3f70c404aiDefense Security Advisory 12.20.05 - Remote exploitation of a buffer overflow vulnerability in Qualcomm WorldMail IMAP Server allows unauthenticated attackers to execute arbitrary code.
47475781a2d2b684b7e8319f238e979c746804fab848ef3c5702f982dbe540c9THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
d3dc9646807a7074bac799b74b68808f2805d59a216fe04671c418cd476230e0Enterprise Connector v.1.02 suffers from Multiple SQL Vulnerabilities and Login Bypass vulnerabilities.
e6742281eaad3a5b9cc936b7e2fd11d98cfa81e7a1c289907ae15bf9a5067c62iDefense Security Advisory 12.20.05 - Remote exploitation of an access control vulnerability in McAfee Security Center allows attackers to create or overwrite arbitrary files.
8aae57aa8f61d78c37ccd9a11213d8a5ff27ace01598a7dfa03953e3807109c0HP Security Bulletin - A potential vulnerability has been identified with HP-UX running Software Distributor (SD) programs. The vulnerability could be exploited by a remote user to gain unauthorized access.
5e5c5f29997dc43ad09a1f80a01908de82de5265c2631ceae455223c0225aad9Digital Armaments advisory is 12.15.2005 - WEBsweeeper/MIMEsweeper suffers from a vulnerability in its regular expression which can allow an attacker to trick a user to execute malicious code on his system
a71683664a998ad26658adb77769a43c2cc486692573adfbc3b6db5408abc6e6Several vulnerabilities in Acidcat CMS v 2.1.13 and below have been found which can be used to discover the admin credentials or download the database.
472c98fc023f7527ac3a42041c418860089f96762b868456e8267de01f8cf514PHPGedView versions less than or equal to 3.3.7 arbitrary local and remote code execution and php injection exploit.
d5fea3e84f0a0bd3b9291b64956268acdf37b109235e642ccc78911a9190c4b4Overflow.pl Security Advisory #4 - Blender BlenLoader Integer Overflow - Remote exploitation of an integer overflow vulnerability could allow execution of arbitrary code or cause denial of service.
ecad4ecf01d7a30fd3c0c8494f3547a01b76cffdd091d9ddd8de47fbe8856d76Secunia Research has discovered two vulnerabilities in Pegasus Mail, which can be exploited by malicious people to compromise a user's system.
54e7c14fe91c09b67b14fa60339a95d0b7b5c1159ce1efb8851f646535e36e5bRM Security Advisory No. 014 - Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent
d31cb760d8c84be73e419d002d442d2df531f72d5420e40ff4c57ead99aae8bbIRM Security Advisory No. 013 - Ultraapps Issue Manager is vulnerable to Privilege Escalation
a10d908818bbfe4b55e4e4e015492e12a1a57e73b4ec23ec55c7ceb5a188ffa1IRM Security Advisory No. 012 - Portfolio Netpublish Server 7 is vulnerable to a Directory Traversal Attack
9b51e2e076faa24329d3777a6a7fa00a5d6011ab65b393a2b36ca2fd22029b82The Symantec Antivirus Library provides file format support for virus analysis. During decompression of RAR files Symantec i s vulnerable to multiple heap overflows allowing attackers complete control of the system(s) being protected. These vulnerabilities can be exploited remotely without user interaction in default configurations through common protocols such as SMTP.
dcbde29aba5cd0432baf2e97646ba98b60fd26042acab5d3a9d921591ee5b1feWordPress versions less than 1.5.2 suffer from a full path disclosure vulnerability.
626b96e62c1bbb752059b1d5b069a1c5b3997b53b9a508350b7f65ef793b6b62Gentoo Linux Security Advisory GLSA 200512-11 - Gentoo developer Wernfried Haas discovered that when the Enable peer-to-peer communications option is enabled, CenterICQ opens a port that insufficiently validates whatever is sent to it. Furthermore, Zone-H Research reported a buffer overflow in the ktools library. Versions less than 4.21.0-r2 are affected.
f5272e7a669c1fb9d6bced6a733711016966d85c8232182f767a6dbb5bedc540FTGate 4.4 [Build 4.4.000 Oct 26 2005] is vulnerable to multiple format string overflows via specially crafted imap requests. A remote attacker could issue the vulnerable command followed by a malicious code to execute arbitrary code.
a47e7eb0be3dd0bc9509f26a3564669f185666ee7e5b48e96fe7bde7f3cc4176FTGate 4.4 [Build 4.4.000 Oct 26 2005] is vulnerable to multiple format string overflows via specially crafted POP3 requests. A remote attacker could issue the vulnerable command followed by a malicious code to execute arbitrary code.
b7eefec861546594804c164bd3f79bfd50e07bb9d2260244150f37dc75c83ae3FTGate 4.4 [Build 4.4.000 Oct 26 2005] is vulnerable to buffer overflow via a specially crafted POST request. A remote attacker could issue the vulnerable command followed by a malicious code to execute arbitrary code.
8d70a55b6d1356e4222330573ca0f8f0ba5da6c80f8e2cd6e90aa19164f8a946FTGate 4.4 [Build 4.4.000 Oct 26 2005] is vulnerable to specially crafted XSS requests. A remote attacker could trick a user into viewing a vulnerable page which could then lead to remote compromise.
33dfe89225193d68e6d1206225306097c653ed2c3a7fbe883ede8191c580112c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed