CA ARCserve Backup for Laptops and Desktops contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service condition or execute arbitrary code.
5454620d885de990b879969d7c8d672b34a987080f8b5bfd71c41320e3bc6593A vulnerability allows remote attackers to extract IP addresses visited through the SOCKS4 Proxy on vulnerable ISA Server installations. Authentication is not required to exploit this vulnerability. This specific flaw exists when an empty packet is sent to the SOCKS4. The server will return a packet containing the last IP address it proxied to.
f30d0f1e2eb43b479f7d970aebd91125dc694b6b614b48a7bc103ad84491b0bcThe NetSupport Manager client that listens on TCP port 5405 does not properly handle authentication sessions. It is possible to pose as the NetSupport Manager, associate to a client, and then issue commands without performing the authentication sequence. Both the basic and advanced authentication schemes can be bypassed in the same manner. When properly exploited, this flaw will results in a complete compromise of the target system. Version 10.20 is susceptible.
a7aa7a89ba82c8c08a48411e2af71abe65594cf6df8a1bfd651ca4314c53d9dfThe Barracuda Spam Firewall with firmware version 3.4.10.102 suffers from a cross site scripting vulnerability.
73c210a75e96db9b0ef220f0c9d717f3b8fe755f378c8347463d89062fd2a53eRootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
a46610fc761e61f4f85750693f6e17aafa3a47e24e8cef76401f67d25e94d186EB Design Pty Ltd suffers from multiple remote vulnerabilities in EBCRYPT.DLL version 2.0.
64e9cfc0021a7f031209234997abfa4c823ce8ce2d3a653528c729abb2ce4d12AskJeeves Toolbar version 4.0.2.53 ActiveX remote buffer overflow exploit.
0a3890122c69043fae4c5cc4605243b6dec0e894f55f72492fb37a47c1822c75Xitami Web Server version 2.5 remote buffer overflow exploit that spawns calc.exe.
60660998d133283bc88a1ec5a304f2ebfe9239ed5de4ef86b8b7f70b2f86b6e5EasyMail MessagePrinter Object buffer overflow exploit that makes use of emprint.DLL version 6.0.1.0.
ef38c253e5f6159950c93daca6f0f601d24318dd711729c8dcbe93c1154b92d0IPSwitch IMail Server version 8.0x remote heap overflow exploit with connect-back shellcode.
a5363271012a058fb9a6669c3d86455f5a9b0066909dd74798b8d10d90c59905sk.log versions 0.5.3 and below suffer from a remote file inclusion vulnerability.
e83dfae8de90183d56fb0d14e9b13c0fb45ef971e4f6a2e8690734777a513adcDFD Cart version 1.1 suffers from multiple remote file inclusion vulnerabilities.
a99140c4d562a84ac318e3e7d542019e5338c5fd3cb53ee6b642c034bd5c1ef3phpFullAnnu version 6.0 suffers from a remote SQL injection vulnerability.
c73afb2e15ac32ad94eafe50d378f6d490a57f829113a00c457e8327e73faaecHelplink version 0.1.0 suffers from a remote file inclusion vulnerability in show.php.
0f9090c3fefd61f60261dc676243ccd5f06924ddc6dc6404a5c4e47a334a6757PHP-Nuke addon Nuke Mobile Entertainment version 1 suffers from a local file inclusion vulnerability.
3e3b2dc8f026993f69b0ad60da73b06f413998d7a819bfdf4b0210b8301cd0a4WordSmith version 1.0 RC1 suffers from a remote file inclusion vulnerability in config.inc.php.
0b29b8d86e0901fc1cfcfa37acbb400b7336821b6028d29f532a6285bb85d174Black Lily 2007 suffers from a remote SQL injection vulnerability in products.php.
27325fe7025b4adb9c04ced45314d2b25770832f733eb24218a82971c84bba86Clansphere 2007.4 suffers from a SQL injection vulnerability.
c67c580183912ac663e02568f6f6a2068dd0794f790055fcadc892506c91774bCMS Made Simple version 1.1.2 suffers from a remote code execution vulnerability.
530f5de900e630d298e02ee74a835040cde0185a873b831031c50a2a663e12b6iziContents version RC6 and below suffer from multiple remote and local file inclusion vulnerabilities.
2b38f77b836705cb82aaebfd5e5ae5065364febb7a695a15cce7e68ba24f5d5aNeuron News version 1.0 suffers from a local file inclusion vulnerability.
371eb8ac5be5bb79c09f39272e06ff2ed57c735e59ae285fcbeef016b6ae489fDebian Security Advisory 1377-2 - Matthias Andree discovered that fetchmail, an SSL enabled POP3, APOP and IMAP mail gatherer/forwarder, can under certain circumstances attempt to dereference a NULL pointer and crash.
4ee92c1fad9f4edda0d63f1087baa06c396a1ddbdf9a9f5cdba81ff9949d9832Debian Security Advisory 1377-1 - Matthias Andree discovered that fetchmail, an SSL enabled POP3, APOP and IMAP mail gatherer/forwarder, can under certain circumstances attempt to dereference a NULL pointer and crash.
16ad80fc16b60510da6fad11ac0f5d822a84d3e12ea6688cdd824ab610d0e4faDebian Security Advisory 1376-1 - iKees Huijgen discovered that under certain circumstances KDM, an X session manage for KDE, it is possible for KDM to be tricked into allowing user logins without a password.
490fbb9332aa848c9c36f0ac94c6af9792e5dd2a801cddb4ffdff130febedee3Secunia Security Advisory - Krystian Kloskowski has discovered a vulnerability in Xitami, which can be exploited by malicious people to compromise a vulnerable system.
2f6f5c8a417bebbe53bc95029ddf6264fde3a97577ba277bea41498fd52add4d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed