Secunia Security Advisory - A vulnerability has been reported in PHP-Fusion, which can be exploited by malicious people to conduct SQL injection attacks.
f6c92b7d7a1f0943ff19cb296c0afb08a881f027dc19689b46e764a3cb6f0e40
Secunia Security Advisory - Core Security Technologies has reported a vulnerability in ICQ Pro 2003b, which can be exploited by malicious people to compromise a user's system.
fda05f0a122c62bf8cea152904543f97f61b7ac90f015b1151f2db0d3d7727b1
Proof of concept code for the X11R6 XKEYBOARD extension strcmp() buffer overflow vulnerability. Written for SCO UnixWare 7.1.3.
e767c4244c85d6574cfdd4eb3f5e611e1e55038f5361a51054cbbc92acb58183
Proof of concept code for the X11R6 XKEYBOARD extension strcmp() buffer overflow vulnerability. Written for Solaris 8, 9, and 10 on the x86 architecture.
59b8701f86673823e6d2be4c038f685e96a1f7b835eed17860522d06c2383da1
Proof of concept code for the X11R6 XKEYBOARD extension strcmp() buffer overflow vulnerability. Written for Solaris 8, 9, and 10 on the SPARC architecture.
6743da2899320f9c17b75434128525c671ea1118b660678fc056a9a0f8449a0b
There exists a vulnerability within a string manipulation function of the X11R6 (X11R6.4 and lower) X Window System library, which when properly exploited can lead to local compromise of the vulnerable system.
7911db7873cc4ace006bc5fcc5187ae6d8cd1f496a76dd9932cbcd786aa5bc69
Ubuntu Security Notice USN-343-1 - bind did not sufficiently verify particular requests and responses from other name servers and users. By sending a specially crafted packet, a remote attacker could exploit this to crash the name server.
7d6b3d264963798ae68d292be23f75876a241cf79c47d41eaf15dfd788dd7cff
Fantastic News versions 2.1.4 and below suffer from a remote file inclusion vulnerability.
dca38814249da6ae5ef77b663211ee8b255f1ee9993ff35f80c78f5ed1adfe50
Debian Security Advisory 1171-1 - Several remote vulnerabilities have been discovered in the Ethereal network scanner, which may lead to the execution of arbitrary code.
af357788322383752d2cae56616b9dd4a0989e986791c9ed4d0cf0342aa94b7e
A vulnerability in ICS/IMail Server 2006 allows remote attackers to execute arbitrary code on vulnerable installations of the Ipswitch Collaboration Suite and IMail. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SMTP daemon. A lack of bounds checking during the parsing of long strings contained within the characters '@' and ':' leads to a stack overflow vulnerability. Exploitation can result in code execution or a denial of service.
b607965f5993385e1d37acb1d22cb4ce8d3c9e08e51d136f41a523133b516b14
Mandriva Linux Security Advisory MDKSA-2006-162 - The file_exists and imap_reopen functions in PHP before version 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. A buffer overflow in the LWZReadByte function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before version 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
643f06d3c36b031840d60f7ef35b3fcfbf394ef6737c1a469ff32f9c413f159e
Gentoo Linux Security Advisory GLSA 200609-05 - Daniel Bleichenbacher discovered that it might be possible to forge signatures signed by RSA keys with the exponent of 3. Versions less than 0.9.7k are affected.
8913ff7b0786ebeb23e920d0d3315835bec1384e177b2144cadf17f7d3f0d944
Core Security Technologies Advisory - Security problems found in the ICQ Toolbar version 1.3 may allow attackers to control and change configuration settings and to inject scripting code in RSS feed contents and execute it in the context of the feed interface (IE's Local Zone).
8dd24520d90a217c1cbbe522c188fe480a01880771b3c81d67eb33c4279470a5
DokuWiki versions 2006-03-09b and below /bin/dwpage.php remote command execution exploit.
b3aeaf21f9796f070c9cd179491db5683160befa275d0cd729fb805788a25341
Hustle Labs Security Advisory - The alwil avast! Anti-virus Engine versions less than 4.7.869 for desktops and versions less than 4.7.660 for servers suffer from vulnerabilities that allow for local and remote code execution. Full details provided.
16e662cec2bb15035d4ca8470c82242b3be4981401d5abffe91a81653f40d323
Core Security Technologies Advisory - A vulnerability in AOL's ICQ Pro 2003b instant messenger client could lead to denial of service attacks and remote compromise of systems running vulnerable versions of the client.
cab367ec5b73446d0549858a90aa72a0487dfd919bd81703daace906ba45f0a8
The Linux kernel source tarball extracts files into a dangerous, world-writable and setuid state.
5d050d1f33fc07b37238e62a1bdf056a03ee469762922b0453a28d5feb42d7b5
AckerTodo version 4.0 suffers from a cross-site scripting vulnerability.
11961d0624c90fb69176eb71173bd10da4c9f64165ef01108b6e081a7a9fb6e7
Ubuntu Security Notice USN-342-1 - Multiple bypass and buffer overflow vulnerabilities exist in PHP4 and PHP5.
4c59a09b17fad2d2c14c6b1109b5fc05e9964de2289772d2e889d67b628df000
Panda Platinum Internet Security 2006/2007 suffers from multiple vulnerabilities. Insecure file permissions allow an unprivileged local user to obtain system-level access or access to the account of another logged-on user. Insecure design of the spam filtering control engine allows remote attackers to control the Bayesian self-learning spam filtering process using a malicious web page.
64bf6b4e76147fd07e6e28bffb2aa61bd8df71d79c186dd1e124d9eb55b2dbac
PHPFusion versions 6.01.4 and below extract()/_SERVER[REMOTE_ADDR] SQL injection exploit.
dd4b190a2ba9b3f73a1c5ef44f3f21d6efc7482616bbf953a0a1726dae42e586
MKPortal M1.1 RC1 suffers from a cross-site scripting flaw.
a3293062c86e5243250dafcd72391b066349e2af57ac34eb7c1b6378577e08aa
Orkut.com suffers from a URL redirection vulnerability.
cd071a3edada5b89059b752e1871a54bf8cced21e63a44d289578dd90593e434
SL_Site versions 1.0 and below suffer from a remote file inclusion vulnerability.
ac0a95e29c7deb0d6dabe96391978cb3fe82c80b5e4700b83361fe0b48fa6781
Shadow Prmod versions 2.7.1 and below suffer from a remote file inclusion vulnerability.
9bfe3f6dc1ae25b1242daabdee3ef795377935b84088c2a5f96e93bb5d84210b