Ubuntu Security Notice 413-1 - A flaw was discovered in the HID daemon of bluez-utils. A remote attacker could gain control of the mouse and keyboard if hidd was enabled. This does not affect a default Ubuntu installation, since hidd is normally disabled.
834f72f161cb8c4ad8db8173e5a61b0920888eac4654a8f11bdb5d8862c92b39Ubuntu Security Notice 412-1 - Dean Gaudet discovered that the GeoIP update tool did not validate the filename responses from the update server. A malicious server, or man-in-the-middle system posing as a server, could write to arbitrary files with user privileges.
75b01f4e95484735f0268d67b3306e71226620a309e2561ff38b6f456e600f2cGentoo Linux Security Advisory GLSA 200701-20 - When interfacing with the LiveJournal service, Centericq does not appropriately allocate memory for incoming data, in some cases creating a buffer overflow. Versions less than or equal to 4.21.0-r2 are affected.
a1f7767dbb2d379cb09fc4180b478e63b2d36e5bba8701fac6befa6f250e33f1Mandriva Linux Security Advisory - A vulnerability in squid was discovered that could be remotely exploited by using a special ftp:// URL. Another Denial of Service vulnerability was discovered in squid 2.6 that allows remote attackers to crash the server by causing an external_acl_queue overload. Additionally, a bug in squid 2.6 for max_user_ip handling in ntlm_auth has been corrected.
11540046c10ad3af9debd60876f59d47e79624788a04c5462e7c0ac8c1a3673cGentoo Linux Security Advisory GLSA 200701-19 - Tavis Ormandy of the Gentoo Linux Security Team has discovered that the file gencert.sh distributed with the Gentoo ebuild for OpenLDAP does not exit upon the existence of a directory in /tmp during installation allowing for directory traversal. Versions less than 2.1.30-r10 are affected.
5468113777086781392051d7368fa75858c1ae56199c6ef6e639886a4a0c0f44Ubuntu Security Notice 411-1 - Roland Lezuo and Josselin Mouette discovered that the HTTP server code in libsoup did not correctly verify request headers. Remote attackers could crash applications using libsoup by sending a crafted HTTP request, resulting in a denial of service.
78466fc80920f0fd557bd484850d7ec3e2c3194723ffe8f0d8018cd2ed6fb697Gentoo Linux Security Advisory GLSA 200701-18 - Due to the improper handling and use of format strings, the errors_create_window() function in errors.c does not safely write data to memory. Versions less than 0.99.5_pre20060716 are affected.
8c21d5b78b307ad1d75637fd491cecc5c3b4b07b492ec0dd2ef3b403bf8e6d86Mandriva Linux Security Advisory - A slew of vulnerabilities were discovered and corrected in the Linux 2.6 kernel.
e7b641de127f69ce0a081b499798c0bf28627c5b51adffd9f4484360bf668fc8SUSE Security Announcement - This update fixes a remotely exploitable denial-of-service bug in squid that can be triggered by using special ftp:// URLs. Additionally the 10.2 package needed a fix for another DoS bug and for max_user_ip handling in ntlm_auth.
1469a0f69055d3f88f2ea053c782a2513e948289eac73e651405ac77e1c5e98bUpload Service version 1.0 suffers from a remote file inclusion flaw.
ba0bfa958df599ce727eaf211393014b2e9944204f9b13abb3650607af4ea8eeGentoo Linux Security Advisory GLSA 200701-17 - Liu Qishuai discovered that glibtop_get_proc_map_s() in sysdeps/linux/procmap.c does not properly allocate memory for storing a filename, allowing certain filenames to cause the buffer to overflow on the stack. Versions less than 2.14.6 are affected.
ee1a93bedee22e4acbb3bbdddfac57e9eecf06c73b90cde4089d6ae5ae2fb12eSyScan 07 Call For Papers - The Symposium on Security for Asia Network (SyScan) aims to be a very different security conference from the rest of the security conferences that the information security community in Asia has come to be so familiar and frustrated with. SyScan intends to be a non-product, non-vendor biased security conference. It is the aspiration of SyScan to congregate, in Singapore, the best security experts in their various fields, to share their research, discovery and experience with all security enthusiasts in Asia.
3a1ef440f328035f1853d850e904335dc8991db7c0a9b0d2b5889999028ed6ecMandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.
ad52671748d44b66eb8be6798b1b0881f0e6bf8f92e2ecb7487b826152d5b76bGentoo Linux Security Advisory GLSA 200701-16 - Adobe Acrobat Reader in stand-alone mode is vulnerable to remote code execution via heap corruption when loading a specially crafted PDF file. Versions less than 7.0.9 are affected.
5b407216e87ea84e50448fe21e241bece83b951de5dd418880925a300925fb69Gentoo Linux Security Advisory GLSA 200701-15 - Chris Evans has discovered multiple buffer overflows in Sun JDK and Sun JRE possibly related to various AWT or font layout functions. Tom Hawtin has discovered an unspecified vulnerability in Sun JDK and Sun JRE relating to unintended applet data access. He has also discovered multiple other unspecified vulnerabilities in Sun JDK and Sun JRE allowing unintended Java applet or application resource acquisition. Versions less than 1.4.2.13 are affected.
63830323e08b92fc6b4b1f109445b2c51b1e53ed641374b3a9b53574564d0cdeGentoo Linux Security Advisory GLSA 200701-14 - Mod_auth_kerb improperly handles component byte encoding in the der_get_oid() function, allowing for a buffer overflow to occur if there are no components which require more than one byte for encoding. Versions less than 5.0_rc7-r1 are affected.
88dd7ce1d595e333c09159258811c30bc62e956ecedb085b66b98b5b09190992Technical Cyber Security Alert TA07-022A - The Sun Java Runtime Environment contains multiple vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
436ac73973feffa44cc829c5d34b78dc1d943464a304bd115115b88395122383Bitweaver version 1.3.1 is susceptible to cross site scripting attacks.
3c529894f4f1dae48debfb510b1132234ee5cd8c473db9dfd614319f61e4c675Microsoft Visual C++ 6.0 is prone to a stack based memory corruption vulnerability during the processing of .RC resource files. Exploit included.
8696e5a5416cd2f40b051e194616ca6a631f2a6140fa34b75255ec156816cf72Check Point Connectra End Point is susceptible to a bypass flaw.
9c4bd92a1c99cc73f4cff85e7926a401ced28074124ee8b438d2858e5df2c682Fish Cart is susceptible to SQL injection attacks.
2a6bbf15f38a3aa2d131fc77d3ed42070f0ce7357d7ee50f55e87b2ad61f7727Month of Apple Bugs - A vulnerability exists in the handling of ARGB records (Alpha RGB) within PICT images, that leads to an exploitable memory corruption condition. This is the proof of concept exploit in .pct format that demonstrates this vulnerability.
cae45c1818004c6d0fa86b4df9d9713a53b3af47e14c3b7813983523855384baMonth of Apple Bugs - InputManager provided by the user. Code within the input manager will run under wheel privileges. In combination with diskutil and a wheel-writable setuid binary, this allows unprivileged users to gain root privileges. This is the proof of concept exploit that demonstrates this vulnerability.
649846dcedfd17c9b293d5b586249ab6641f7f2f4b7077ce8728d64523c3794eMonth of Apple Bugs - The preference panes setuid helper, writeconfig, makes use of a shell script which lacks of PATH sanitization, allowing users to execute arbitrary binaries under root privileges. This is the proof of concept exploit that demonstrates this vulnerability.
bc6a6482959f9f36bea4aefc8de705de29960037c93a88c4c71f6382b1e18c26Month of Apple Bugs - Apple iChat AIM URI scheme (referred as the 'url handler') handling is affected by a classic format string vulnerability, allowing remote users to cause a denial of service condition or arbitrary code execution. This is the proof of concept exploit that demonstrates this vulnerability.
c72c10a4e48008dc4508828d784627e557382e0c510236900986c74a82eab3f4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed