Gentoo Linux Security Advisory GLSA 200603-15 - Lincoln Stein discovered that Crypt::CBC fails to handle 16 bytes long initializiation vectors correctly when running in the RandomIV mode, resulting in a weaker encryption because the second part of every block will always be encrypted with zeros if the blocksize of the cipher is greater than 8 bytes. Versions less than 2.17 are affected.
98b4260c3958cdda1483553b567a7c164c6521d191aa95d1bf9018a077c81d52Gentoo Linux Security Advisory GLSA 200603-14 - An unspecified privilege escalation vulnerability in the rshd server of Heimdal has been reported. Versions less than 0.7.2 are affected.
ee96fefa3554d0a7c11fc25ea6e4f551feeac41d66073fa438e8c2f7d598a5edGentoo Linux Security Advisory GLSA 200603-13 - Matt Van Gundy discovered that PEAR-Auth did not correctly validate data passed to the DB and LDAP containers. Versions less than 1.2.4 are affected.
e91f97f00f01aeccf3e0e7781875bd9580f4949a6892c434e6f7720b2efba62bGentoo Linux Security Advisory GLSA 200603-20 - The Macromedia Flash Player contains multiple unspecified vulnerabilities. Versions less than 7.0.63 are affected.
70e7db5c214546ad7fd1a9375fd512914e003894ca345c202081d4958b965db0Gentoo Linux Security Advisory GLSA 200603-19 - Ulf Harnhammar reported a possible buffer overflow in the handling of TFTP URLs in libcurl due to the lack of boundary checks. Versions less than 7.15.3 are affected.
839fb0bbd599ff83c72942a1a3401a9fc5b9073d6e5417f1410a19f8b6d8d42cGentoo Linux Security Advisory GLSA 200603-18 - Carsten Lohrke of Gentoo Linux reported that Pngcrush contains a vulnerable version of zlib (GLSA 200507-19). Versions less than 1.6.2 are affected.
30e1cc0457b46546cdb7a07aa961e135ccc86355a78ba3c3fd14a6851605ecb5Gentoo Linux Security Advisory GLSA 200603-17 - INFIGO discovered a problem in the URL handling code. Buffers that are allocated on the stack can be overflowed inside of nextCGIarg() function. Versions less than 0.1217 are affected.
af149940fed075b66c47861b911347704ca7c557440c5bf5aa2b7bdf53189021Debian Security Advisory DSA 1008-1 - Marcelo Ricardo Leitner noticed that the current patch in DSA 932 (CVE-2005-3627) for kpdf, the PDF viewer for KDE, does not fix all buffer overflows, still allowing an attacker to execute arbitrary code.
55bef6a4d267c9bd39440e1787a28926abbb81d9e94f846a28e69383f494329cDebian Security Advisory DSA 1007-1 - The Drupal Security Team discovered several vulnerabilities in Drupal, a fully-featured content management and discussion engine.
4e2ef81faf6b4eb3f2a79ebb5a9ffd7ca9d6a464ea18ce8431a30814c5bc2020Debian Security Advisory DSA 1006-1 - "kcope" discovered that the wzdftpd FTP server lacks input sanitising for the SITE command, which may lead to the execution of arbitrary shell commands.
843158fcf7ed9bc27eb365270cd8e40583f31026ca07ee81249a31bb9d55c429Debian Security Advisory DSA 1005-1 - Simon Kilvington discovered that specially crafted PNG images can trigger a heap overflow in libavcodec, the multimedia library of ffmpeg, which may lead to the execution of arbitrary code. xine-lib includes a local copy of libavcodec.
65d3d57bb35fd2e3209b06a022ecc80e75cb758750c07df574096bf619026335Debian Security Advisory DSA 1012-1 - A buffer overflow in the command line argument parsing has been discovered in unzip, the de-archiver for ZIP files that could lead to the execution of arbitrary code.
152b98431a209cefd9f94464eb3e26576d778b0f8d48635b5a6c9cd131c17cd4Debian Security Advisory DSA 1011-1 - Several vulnerabilities have been discovered in the Debian vserver support for Linux.
07f3c44b4de0e3381174ce5cf910dacc2dc093aac220f69443e97822aa2c0b4dDebian Security Advisory DSA 1010-1 - Ulf H
3c9fe029691f8f64b444353cd0aaa55923c4fb67cf9f99e29a2a29b47a8e9059Debian Security Advisory DSA 1009-1 - A buffer overflow has been discovered in the crossfire game which allows remote attackers to execute arbitrary code.
024cec435be525afb0dfee5db587d397fb20cab7abbd0c4d61085764bb8ac582Debian Security Advisory DSA 960-3 - The former update caused temporary files to be created in the current working directory due to a wrong function argument. This update will create temporary files in the users home directory if HOME is set or in the common temporary directory otherwise, usually /tmp.
ee4e2d7cb92f99c8e52104264f924760a877592360879d5263c6011b48dba3e1IRC_slave.a is a perl script designed to listen on a specified IRC channel and execute commands on the host running the script.
53d088089b935357d79526fc69ee0901b9009d69abfe8823e2ab2313466dd941ARP Tools is collection of libnet and libpcap based ARP utilities. It currently contains ARP Discover (arpdiscover), an Ethernet scanner based on ARP protocol; ARP Flood (arpflood), an ARP request flooder; and ARP Poison (arppoison), for poisoning switches' MAC address tables.
02c84696d1a9d9338986cb09008f6d96617de3535cf85db3acf13e29e5f87de8A vulnerability in HT 9.1 allows attackers to supply a malicious file that will cause a buffer overflow to occur when it copies [file name] to [fullfilename] and print it on *htapp::window_create_file_bin using *printf()*. Local exploit.
8891b52c870f8802bc053fec0d2a286c8c027a8964df1839696982bde03f0df4Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
4f96072f915687a4fcd4867cdcd5a78b15457e0ce38dce2dc26c1a6d3e4c6316Secunia Security Advisory - SUSE has issued an update for xorg-x11-server. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions.
6f62bbd35d6b77aa87e6a03c1f49bc78678cf146fefed1a7b0d7cca13f3251c3Secunia Security Advisory - rgod has discovered two vulnerabilities in PHP iCalendar, which can be exploited by malicious people to disclose potentially sensitive information and to compromise a vulnerable system.
f512aa1f08376535169c59f6093f8946c5c983da2a4a8263f4d130505bf4ad47Secunia Security Advisory - nukedx has discovered a vulnerability in ASPPortal, which can be exploited by malicious people to conduct SQL injection attacks.
789d50c4f72e5e3ac2420752a579cfe51b1d83c8bb4128e027f9a6d32bc624eeSecunia Security Advisory - Gentoo has issued an update for peercast. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
d7e574f34701c4722480e3058bdb95775b2f25ea4f6f20f900272c708af64cadSecunia Security Advisory - Soot has discovered a vulnerability in Contrexx CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
526be0848dc8e0bc0a4343fa55c3cfe028179c12d90302020a6c2b9b6ee886d8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed