Gentoo Linux Security Advisory GLSA 200706-03 - Arnaud Giersch discovered that the add_filename_to_string() function in file intl/gettext/loadmsgcat.c uses an untrusted relative path, allowing for a format string attack with a malicious .po file. Versions less than 0.11.2-r1 are affected.
8d7e63c6ab6f0de085de5c4192022d277d750df211de20f98ce2f25dfddd2f7eGentoo Linux Security Advisory GLSA 200706-02 - Ulf Harnhammar from Secunia Research has discovered a format string error in the write_html() function in the file calendar/gui/e-cal-component-memo-preview.c. Versions less than 2.8.3-r2 are affected.
71360f7d5a83f20506cb31ba8e95914f7f36eb539553e2c72ca0778680ff566fDenyHosts, Fail2ban, and BlockHosts are vulnerable to remote log injection attacks that can lead to arbitrary injection of IP addresses in /etc/hosts.deny.
8bda772b2de34916e706de270c5be22d04dc763b90b83e944118ee2f55ecc07eLight Blog version 4.1 suffers from a cross site scripting vulnerability.
0f4ad51426b878029cf3cf08020f11932c9fe929c32258b7b1c0f83bfcbaf735RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
4b499055c970530937adabe851561a4416f87e34b7dce2603d9a670081022ec6iDefense Security Advisory 06.05.07 - Remote exploitation of multiple denial of service vulnerabilities in Symantec Corp.'s Ghost could allow remote attackers to crash the Ghost service. These vulnerabilities affect both the client and server daemons due to what looks like a shared communications library. The daemons listen on UDP ports 1346, and 1347 respectively. By sending a malformed UDP-based request to either service, an attacker can cause the service to crash due to an invalid memory reference. This condition can be caused by any of several unique requests. In each case, the particular cause for the access violation varies. iDefense confirmed the existence of these vulnerabilities using Symantec Ghost version 8.0.992 (as supplied with Ghost Solution Suite). Other versions may be vulnerable as well.
b66143fb85b4ecc4a638b1b0c2312cb75c9821753c09e18d841ae956fee69f82This whitepaper is a presentation of methods used to penetrate web servers with various examples and some ideas on how to fix the vulnerabilities.
ef69300e90e6306ca50fb24a0a83ab5e9f9ba12ac5c9957dbcffae9e0f7575bcThe CSIS Security Group has discovered an "Integer division by zero" flaw in the GDI+ component of Windows XP. Exploitation of this flaw can result in a denial of service condition.
7980b62bbb2093953a906e97875be655482e9335939734e9bd72a508ae4ef66eUbuntu Security Notice 469-1 - A weakness in APOP authentication has been discovered in Mozilla Thunderbird. Additionally, various flaws were discovered in the layout and JavaScript engines.
6a5b07673c9e18ef70ac98fb87c93a90eab38f92f0d5ba20debaed79ea4449caCacti suffers from a denial of service vulnerability when an authenticated user manipulates some parameters.
440e27ea43b2248169ef4a5a77bf56e93b2cb09dfb579ee25aa362b1faf3c7cfMandriva Linux Security Advisory - lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked.
8233710d362155b2373263e89415fc48a34feb82e6aa5230f4f058d91e7f3699Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.
9b8196a0f22153c7a1013cdf750477fa3763792e4d21045d0f68564dabf789cfBeltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
47efe5d658ac943387fc635d10ed36b5d34a9d35abda43806256b427ca4bdaa1HP Tru64 remote secure shell user enumeration exploit.
08abc2bc8e46245c8a000cd064c55c818fc2dd3ec65867d82d5156554ce8a7d2IBM Tivoli Provisioning Manager PRE AUTH remote exploit that binds a shell to TCP port 4444.
274b58c71804e51a1b53bb25dfe6e426f2dad792e863c34a4944ce547967aa3aInternet Explorer 6 / provideo Camimage class (ISSCamControl.dll version 1.0.1.5) remote buffer overflow exploit.
3aab16ecb5367ff36e1d1932841b62652beb912e7e48c1e65e46180075fbf37dZenturi ProgramChecker ActiveX sasatl.dll remote buffer overflow exploit.
97a5b5c12e08ca387c7dd60f60fa00fd6d9b6f46289d6bc720ef1ef70cd7ef63Screen versions 4.0.3 and below suffer from an authentication bypass vulnerability when it is locked.
b967318756ba3a99cd10614a3f1df67c080af7881ed47503fbff5decaf6edf5aDVD X Player version 4.1 Professional .PLF file buffer overflow exploit.
78eb0dd0da83d8445be445af9b4b383c5c9621fc8177717c9ea0863ad505a8aeKartli Alisveris Sistemi version 1.0 suffers from a remote SQL injection vulnerability.
b187b77e1f0354623d283147f19244b2ffffdb3e270d322c7fbf299268944a99Wordpress version 2.2 remote SQL injection exploit that makes use of xmlrpc.php.
3e6963c3b5b7d011738fd48340c04cfcb6dac32b59ece096d209e950b7e598e8Comicsense version 0.2 remote SQL injection exploit that makes use of index.php.
1000c185bd868962ceeb0527ca535dd206f0f2f937059c498102bac6c17d3390PBLang versions 4.67.16.a and below remote code execution exploit.
ddea26ba775c98a928c93d671becbd34a279d12fb8fa4f8c9f3bf1cdda74fe0aMandriva Linux Security Advisory - A flaw how libpng handled malformed images was discovered. An attacker able to create a carefully crafted PNG image could cause an application linked with libpng to crash when the file was manipulated.
017e9fa350056fb86d18ca033b7d565a504ce7aadef5c8c7be4eb2fa8f4139dcMandriva Linux Security Advisory - The update to correct CVE-2007-1536 (MDKSA-2007:067), a buffer overflow in the file_printf() function, introduced a new integer overflow as reported by Colin Percival. This flaw, if an attacker could trick a user into running file on a specially crafted file, could possibly lead to the execution of arbitrary code with the privileges of the user running file. As well, in file 4.20, flawed regular expressions to identify OS/2 REXX files could lead to a denial of service via CPU consumption.
cae4022bb7ea6910fc77cadf0b9d709a67740bfc9477488f415d84f5f6312cdd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed