Mandriva Linux Security Advisory - MDKSA-2006:064: MySQL allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function.
4a4244ae0beeb209f950fccdf977eb49bbd29281b7f1fe880225a0c331f5ca48Mandriva Linux Security Advisory - MDKSA-2006:063: A vulnerability was discovered where the html_entity_decode() function would return a chunk of memory with length equal to the string supplied, which could include php code, php ini data, other user data, etc. Note that by default, Corporate 3.0 and Mandriva Linux LE2005 ship with magic_quotes_gpc on which seems to protect against this vulnerability "out of the box" but users are encourages to upgrade regardless.
78262414453a18d74993749df6712321776cbd76fef99b47a0376bcdd40706e5Mandriva Linux Security Advisory - MDKSA-2006:062: Three buffer overflows were discovered by infamous41md in dia's xfig import code. This could allow for user-complicit attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid color index, number of points, or depth.
46a668207512540b5308a4296ea6e5d10a881784569110a52dc660a41a65aa78Horde Help Viewer remote PHP code execution exploit.
3783e4752241a7aa60e7b46a703cfaba27d243c8a50eca9106fa2a651bd7385dPHPMyChat "SYS enter" remote command execution exploit patched to work on the 0.14.6dev to 0.15.0dev branch.
38f842312aedd97bbc094d9b66bd6dd19a72a194a0e2484372b8c1f981853092PHPMyChat less than or equal to 0.14.5 "SYS enter" remote command execution exploit.
73bfdce3a8b3605243c6b28f32b500b1210c726241864d8f1082e403efe9d28dSSHeater is a program that infects the OpenSSH daemon in run-time in order to log all future sessions and implement a backdoor where a single password, chosen by the user, can log into all accounts in the system. There's a log parser included in the package that can display authentication information about sessions as well as play the session just like TTYrec/play.
ddc5f0ffbef955cabdf2fb58ed422c04a74622619744e0a7698ca94c6723c5abSecunia Research 03/04/2006 - AN HTTPD Script Source Disclosure Vulnerability - The vulnerability is caused due to a validation error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files (e.g. PL, CGI, and BAT) from the server via specially crafted requests containing dot and space characters.
3168e45f9455ce990326326f5827fc180003afd049d6d88213c158675d75fbe9FleXiBle development script suffers from remote command execution and XSS
10296054362eb5e6ab48fde7a2d864ba1709f39b7e2858a56aba2be7c25dd632pid-check is a perl script that uses the kill() and setpriority() system calls to find hidden processes.
c84e1506e2f1e46b1bb4e29b75e781654f04b72ae63c91d5917174c5ee8c0182w3wp remote DoS exploit due to improper reference of STA COM components in ASP.NET.
012bbb7a3a8e236db1320cbab6d721129dda52a8403343cea4180f2a6ff96e14This is the IOS binary image packing and unpacking for reverse engineering program capable of calculating a correct checksum for these images.
14ea902c6b350ddcf1c39c10938e90194d7999bb6cb7ea744ea111062d369d36TFTP-bruteforcer is a fast TFTP filename bruteforcer written in perl.
2af969e3ce63a74869227e49056fa595115bfee36f4d4b0b86b4006dd1feceb5EIGRP Tools - This is a custom EIGRP packet generator and sniffer developed to test the security and overall operation quality of this Cisco routing protocol. Using this tool requires a decent level of knowledge of EIGRP operations, packets structure and types, as well as the Layer 3 topology of an audited network.
f8918de3a4115310e2c6fb3f16c9d1d669736e7d41b9985c6de42cc177d00707THC is proud to be the first who are releasing an comprehensive attack toolkit for the IPv6 protocol suite. It comprises of state-of-the-art tools for alive scanning, man-in-the-middle attacks, denial-of-service etc. which exploits inherent vulnerabilities in IPv6. Included is a fast and easy to use packet crafting library to create your own attack tools.
577fb708c202a62615c74e3fff77c90277801dc6ef131673f0b978d0059a198dSecunia Security Advisory - Two vulnerabilities have been reported in NOD32, which can be exploited by malicious, local users to gain escalated privileges.
ea0502d548d8d9d82096da408779c5de32402083dce1a5b367de1364c0283490Secunia Security Advisory - r0t has discovered some vulnerabilities in Crafty Syntax Image Gallery, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct SQL injection attacks.
37d142afaff0b2f4708465d7ebe44f4769b096ba296277b93dc0a438136d04caSecunia Security Advisory - r0t has reported some vulnerabilities in SKForum, which can be exploited by malicious people to conduct cross-site scripting attacks.
9021f262c26bff2e922f6c9a6341f6d2eeb2d92ef7d17ba75f323ed0166d5308Secunia Security Advisory - Pratiksha Doshi has discovered some vulnerabilities and a weakness in Interact, which can be exploited by malicious people to gain knowledge of certain information, and conduct cross-site scripting and SQL injection attacks.
225af40f1f5a0084dae4a3cdebf15e895068c473c036034600875c12dc442959Secunia Security Advisory - Mandriva has issued an update for freeradius. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
78300f248e4e5b40cfa915e87a2ff2320aed0d062aae1d2cc6a5fea3cce403fcSecunia Security Advisory - Luigi Auriemma has reported two vulnerabilities in Ultr@VNC, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
2fd0e94ebdebf42a70812e15cc08b6ce7bfef12fef479bbfdf74f83bd1514ad2Secunia Security Advisory - Gentoo has acknowledged some vulnerabilities in doomsday, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
a23746e378664458d421fc336f2074ffae2df8d295cf685cb3af23758953d585Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered some vulnerabilities in N.T., which can be exploited by malicious people to conduct script insertion attacks and by malicious users to compromise a vulnerable system.
9903eac740d284e7d26048d26e303089e1a140c796be0aa8eeb25fb4c687c08eSecunia Security Advisory - Gentoo has issued an update for freeradius. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and bypass certain security restrictions.
040287a5156dbed1c180b0b99449a267b92e78779951bd3d9b31c3255e7c3056Secunia Security Advisory - Gentoo has issued an update for horde. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information or compromise a vulnerable system.
568a9673c461691bfff6a29b3749040d4afce0bd130e16d9b485f4ca3598a63b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed