Secunia Security Advisory - Gentoo has issued an update for vixie-cron. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
6070035454c1e8af3986e80de763036db2531328cdcd7a44331ca6f9bbee291dSecunia Security Advisory - Gentoo has issued an update for openoffice and openoffice-bin. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
b956867fd695ccc47e9ccff8a9fb98c3d8065ce0dd0649a659c9a6d11de9562aSecunia Security Advisory - Mandriva has issued an update for freeradius. This fixes a security issue, which can be exploited by malicious people to cause a DoS (Denial of Service).
8eaadb51ec2f7d0ec4a7ead686341e2a6a7e7d9b264c1614aeb0c25ae00dca66Secunia Security Advisory - Red Hat has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to potentially compromise a vulnerable system.
2e9b01717c1135e437ceaa33c7ed0bd61d2988cbf18a8e983b82f12309b93f85Secunia Security Advisory - A vulnerability has been discovered in Simple PHP Scripts Gallery, which can be exploited by malicious people to compromise a vulnerable system or to disclose sensitive information.
fcdffc0f169020a7423aa17f46cb01c2a388970d8838bb356c0cc6b5851b4826Secunia Security Advisory - A vulnerability has been reported in the Wizz RSS News Reader extension for Mozilla Firefox, which can be exploited by malicious people to compromise a vulnerable system.
d216147630a973eb70ee5fa075ad06ab5540cb5e359149f5efd318c4c6da7b04Secunia Security Advisory - David Vieira-Kurz has reported a vulnerability in oe2edit, which can be exploited by malicious people to conduct cross-site scripting attacks.
0baaf1dd7f82fc7bd4bdc70ad21fe89a7d31b1bbabbeb085a674c39cfa7ed205Secunia Security Advisory - Red Hat has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
645c40de016fba29431c05b6fe55543973aae44489641d2435d096396168d933The backdoored version of OpenSSH 4.6p1. It logs passwords to /tmp/.sshell and also has the typical magic password.
e7b387ce9625c809ee37ee23445454a77300c36d5494e83ceaa8a7e4479c4b0dGentoo Linux Security Advisory GLSA 200704-10 - Kees Cook has discovered two vulnerabilities in Inkscape. The application does not properly handle format string specifiers in some dialog boxes. Inkscape is also vulnerable to another format string error in its Jabber whiteboard protocol. Versions less than 0.45.1 are affected.
86a76b321bf3aa5d24fec6730c05e55ad02b27f30a4bf14f46554cede7aa949dMicrosoft DNS Server remote code execution exploit and analysis. This exploit works against TCP port 445. Tested against Windows 2000 server SP4 and Windows 2003 SP2. Binds a shell to TCP port 4444.
da933bee902a9d0ad317df3b6dae1ddd4b4844a53889479f6ff633eed2376da5ZoneAlarm 6 hooks many functions in SSDT and in at least two cases it fails to validate arguments that come from the user mode. User calls to NtCreateKey and NtDeleteFile with invalid argument values can cause system crashes because of errors in ZoneAlarm driver vsdatant.sys.
fcd7bd87b13df86865442d572eb803649930e47135824d5a3559af5194aa811dProof of concept exploit that demonstrates a denial of service condition in ZoneAlarm 6.
62a8f322749e196b5ea633d8a4ba127bf4834b6daecd3c8cfb6cadc91c05dca8Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
30df6a5d4a591dcd4acd7d4cce54dcfd260280fce6bbc9d19d240967bcdabbfaNuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
a89986e8b3fc0401074ee8f2824fab0b6f44355b9699f03db1b85ef5de67e88bFTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.
8d25ea7a5778438fcee469f8824aa64b3a209769d358260e6c94a927e7064e58FlashFXP Account Spy 1.5 - Utility to capture login credentials of FlashFXP.
0b06a8ba5caf53a8edbfb021db532e04486671fe7835b9c6c4e5f9737aeb2121Microsoft Windows DNS DnssrvQuery() stack overflow exploit. Binds a shell to TCP port 4444.
9a0d4f0a88750a0b158b64ad37458f8acd0311b1d32be48d548093923aee9e46XAMPP for Windows version 1.60a and below remote buffer overflow exploit that makes use of adodb.php/mssql_connect().
e8b8148137ce07d3d758b2ae85fc587a23a57f19191b4d7d62e9980449cf192eRemote exploit for the Microsoft Windows DNS RPC service vulnerability. Tested on Windows 2000 SP4. Binds a shell to TCP port 4444.
52be5bb153f92f69f6c22aada5a4bf41e884d3ca129b013c5861c86b7ca83c81Internet Explorer NCTAudioFile2.AudioFile Active-X remote overflow exploit.
bacae3d65db1f95466d499e6b178ee67c525bd6f876be6d241308b333ab8cd6cProFTPD versions 1.3.0 and 1.3.0a local overflow exploit.
f226fa4b69a0b38b89856b6fdf13dd0cae57a2c097428ced1cb703ee6948d130XOOPS module tsdisplay4xoops version 0.1 suffers from a remote file inclusion vulnerability.
8d1aff9a80dd183ee98a0c42e254bac83ce2a5b96fd12369b2a4909fbf4d4718StoreFront for Gallery suffers froma remote file inclusion vulnerability.
b701422b79589090c868b33c0646654499c4c1ecfe555d915493f46c504450b4SunShop Shopping Cart versions 3.5 and 4.0 suffer from a remote file inclusion vulnerability.
07272df07d81f6395d02745c33c415a8100656fbcdea55eff2e63e73fbc5cb78
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed