Showing 26 - 50 of 68

Files Date: 2008-06-05 to 2008-06-06

Core Security Technologies Advisory 2008.0425
Posted Jun 5, 2008
Authored by Core Security Technologies, Alfredo Ortega | Site coresecurity.com

Core Security Technologies Advisory - The NASA BigView package suffers from a stack buffer overflow when parsing specially crafted (invalid) PNM input files. If successful, a malicious third party could trigger execution of arbitrary code within the context of the application, or otherwise crash the whole application.

tags | exploit, overflow, arbitrary
advisories | CVE-2008-2542
SHA-256 | e485520020981d3b3ed65b4b395b30ad8f4b39e901af7cdacb5e619551524084
Zero Day Initiative Advisory 08-034
Posted Jun 5, 2008
Authored by Tipping Point, Titon | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard StorageWorks Storage Mirroring. Authentication is not required to exploit this vulnerability.

tags | advisory, remote, arbitrary
advisories | CVE-2008-1661
SHA-256 | a118c902376643ce29a17845a8997a5aba2deb72b473632718632d8308a20b8d
TPTI-08-05.txt
Posted Jun 5, 2008
Authored by Cody Pierce | Site tippingpoint.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust SCM. Authentication is not required to exploit this vulnerability. The specific flaw exists in the HTTP Gateway service icihttp.exe running on port 8080. When issuing a request for an FTP service, the process tries to decorate the contents of the transaction. In this particular case, by specifying an overly long response to a LIST command, a stack buffer can be overflowed. Successful exploitation can lead to complete system compromise under the SYSTEM context.

tags | advisory, web, overflow, arbitrary
advisories | CVE-2008-2541
SHA-256 | 2b2f62d1683e52865e78f6f6f880a3489ddaed22b8cd6ba19e467337e9bb9828
Zero Day Initiative Advisory 08-036
Posted Jun 5, 2008
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the HTTP Gateway service icihttp.exe running on port 8080. When issuing a request for an FTP service, the process tries to decorate the contents of the transaction. In this particular case, by specifying an overly long response to a LIST command, a stack buffer can be overflowed. Successful exploitation can lead to complete system compromise under the SYSTEM context.

tags | advisory, web, overflow, arbitrary
advisories | CVE-2008-2541
SHA-256 | 21e34cfd4839c547032ac5c2ccba71e32a4eaf4e2b2c53ce492ba25976122967
VMware Security Advisory 2008-0009
Posted Jun 5, 2008
Authored by VMware | Site vmware.com

VMware Security Advisory - Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues.

tags | advisory
advisories | CVE-2007-5671, CVE-2008-0967, CVE-2008-2097, CVE-2008-2100, CVE-2006-1721, CVE-2008-0553, CVE-2007-5378, CVE-2007-4772, CVE-2008-0888, CVE-2008-0062, CVE-2008-0063, CVE-2008-0948
SHA-256 | f098818652aa3effa44d42e138d658b7a0d4635486d171c6267c1242f5e9088e
Cisco Security Advisory 20080604-asa
Posted Jun 5, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. The first four vulnerabilities may lead to a denial of service (DoS) condition and the fifth vulnerability may allow an attacker to bypass control-plane access control lists (ACL).

tags | advisory, denial of service, vulnerability
systems | cisco
advisories | CVE-2008-2055
SHA-256 | e19124f08141814c581210137b97e74c25fff746475cfb4c26f68626344aab8b
akamai-download.txt
Posted Jun 5, 2008
Authored by FortiNet | Site akamai.com

Akamai has become aware of a security vulnerability within the Akamai Download Manager up to and including version 2.2.3.5 of the ActiveX control.

tags | advisory, activex
advisories | CVE-2008-1770
SHA-256 | 424af193790920e4b9b1ef0bea10d815b1d41b449c2590c55487dd4a567af367
phpaddress-sqlxss.txt
Posted Jun 5, 2008
Authored by CWH Underground | Site citecclub.org

PHP-Address Book versions 3.1.5 and below suffer from SQL injection and cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss, sql injection
SHA-256 | c15e3511342a7565849f9794cfffde5571f835fa3d25be275ee6256060d17ce7
joomlaeasy-sql.txt
Posted Jun 5, 2008
Authored by ZAMUT | Site antichat.ru

Joomla EasyBook component version 1.1 remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 539fc3006753d8b802e442ff3581a7482a7015320f5e7bf94b375a50336f4fc9
hpstorage-meta.txt
Posted Jun 5, 2008
Authored by ri0t

This Metasploit module exploits a stack overflow in the authentication mechanism of NSI Doubletake, which is also rebranded as HP Storage Works. The vulnerability was found by Titon of Bastard Labs.

tags | exploit, overflow
advisories | CVE-2008-1661
SHA-256 | b11b8864bed5bd764f0e67506b966fe1a60547bd6c1146f232f001f64533ab69
iDEFENSE Security Advisory 2008-06-04.2
Posted Jun 5, 2008
Authored by iDefense Labs, Ismael Briones | Site idefense.com

iDefense Security Advisory 06.04.08 - Remote exploitation of a security policy bypass in Skype could allow an attacker to execute arbitrary code in the context of the user. The "file:" URI handler in Skype performs checks upon the URL to verify that the link does not contain certain file extensions related to executable file formats. If the link is found to contain a blacklisted file extension, a security warning dialog is shown to the user. The following file extensions are checked and considered dangerous by Skype: .ade, .adp, .asd, .bas, .bat, .cab, .chm, .cmd, .com, .cpl, .crt, .dll, .eml, .exe, .hlp, .hta, .inf, .ins, .isp, .js. Due to improper logic when performing these checks, it is possible to bypass the security warning and execute the program. iDefense confirmed version 3.6.0.248 of Skype to be vulnerable. Previous versions are also suspected to be vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2008-1805
SHA-256 | 6e1d4278ddd25067bb3840166b2556601b051ac2ab7e7e7434da7c39d4abd6c3
iDEFENSE Security Advisory 2008-06-04.1
Posted Jun 5, 2008
Authored by iDefense Labs, Tobias Klein | Site idefense.com

iDefense Security Advisory 06.04.08 - Local exploitation of a stack-based buffer overflow in Kaspersky Lab's Internet Security could allow an attacker to execute arbitrary code in the context of the kernel. The kl1.sys kernel driver distributed with Internet Security contains a stack-based buffer overflow in the handling of IOCTL 0x800520e8. This issue is caused by a failure to properly perform bounds checks on user-supplied data that is passed to the swprintf function as a source buffer. The destination buffer in this case is a 2,000 element wide-character array. If the source buffer exceeds 2,000 characters, a buffer overflow will occur leading to the execution of arbitrary code. Kaspersky Lab's Internet Security version 7.0.1.325 is confirmed to be vulnerable to this issue. Previous versions are also suspected to be vulnerable.

tags | advisory, overflow, arbitrary, kernel, local
advisories | CVE-2008-1518
SHA-256 | 76b1a9b68c1292103ca437e858f41f941b735e53432fe2069ab285b88ffe6825
iDEFENSE Security Advisory 2008-06-03.6
Posted Jun 5, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 06.03.08 - Remote exploitation of a design error in Sun Microsystems' Java System Active Server Pages allows attackers to bypass administration server authentication mechanisms. The vulnerability exists due to improper design of the ASP application server. The administration application server exists as a stand-alone service that listens on TCP port 5102. By connecting directly to this service and making requests, attackers are able to bypass authentication mechanisms introduced by the administration HTTP server. iDefense has confirmed the existence of this vulnerability within version 4.0.2 of Sun Microsystems Inc.'s Java System Active Server Pages. Older versions are suspected to be vulnerable.

tags | advisory, java, remote, web, tcp, asp
advisories | CVE-2008-2406
SHA-256 | 2d4b1c50109624d2045044c60d6b665894482900ea27dac1d1192bf883ed8983
iDEFENSE Security Advisory 2008-06-03.5
Posted Jun 5, 2008
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 06.03.08 - Remote exploitation of multiple command injection vulnerabilities in Sun Microsystems' Java System Active Server Pages allows attackers to execute arbitrary code with root privileges. These vulnerabilities exist within several ASP applications that execute shell commands. The problem lies in the fact that these applications do not filter or escape the parameters passed to these commands. By inserting shell meta-characters into an HTTP request, an attacker is able to execute arbitrary shell commands. iDefense has confirmed the existence of these vulnerabilities within version 4.0.2 of Sun Microsystems Inc.'s Java System Active Server Pages. Older versions are suspected to be vulnerable.

tags | advisory, java, remote, web, arbitrary, shell, root, vulnerability, asp
advisories | CVE-2008-2405
SHA-256 | bb385586ed5b085d8de367bb6c7da6fe1d3365325ddb8e023922c855c7c1387c
iDEFENSE Security Advisory 2008-06-03.4
Posted Jun 5, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 06.03.08 - Remote exploitation of a buffer overflow vulnerability in Sun Microsystems' Java System Active Server Pages allows attackers to execute arbitrary code in the context of the ASP server. The vulnerability exists within the request handling code within the ASP server. An attacker-supplied string is copied into a fixed-size stack buffer without first validating that there is sufficient space available. By supplying a specially crafted request, an attacker can cause a stack-based buffer overflow. iDefense has confirmed the existence of this vulnerability within version 4.0.2 of Sun Microsystems Inc.'s Java System Active Server Pages. Older versions are suspected to be vulnerable.

tags | advisory, java, remote, overflow, arbitrary, asp
advisories | CVE-2008-2404
SHA-256 | e2f254af6aff69047008749f49ba6f0fb9cd30aa7d3d81dc5c29e530df9bbcff
iDEFENSE Security Advisory 2008-06-03.3
Posted Jun 5, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 06.03.08 - Remote exploitation of multiple directory traversal vulnerabilities in Sun Microsystems' Java System Active Server Pages allows attackers to obtain the contents of, and delete, sensitive files on the system. Both vulnerabilities exist within ASP applications included with the product. When accessed via the administration server, the ASP engine does not prevent directory traversal using the "../" construct. By supplying a specially crafted HTTP request to one of the affected ASP applications, an attacker is able to read from arbitrary files. One of the applications will disclose only the first and third lines of the file. Once the application is finished processing the file, it will delete it. iDefense has confirmed the existence of these vulnerabilities within version 4.0.2 of Sun Microsystems Inc.'s Java System Active Server Pages. Older versions are suspected to be vulnerable.

tags | advisory, java, remote, web, arbitrary, vulnerability, asp
advisories | CVE-2008-2403
SHA-256 | 06339fb58e85c14dade0d0848d5a3801cfdec62e2742d377201912f9e58723d2
Secunia Security Advisory 30298
Posted Jun 5, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Evolution, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 4ba89345600b74c0ae0b9a170b553cdc1d10cef5db03ab8d1160a515c8c14573
Secunia Security Advisory 30443
Posted Jun 5, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - His0k4 has discovered a vulnerability in the JooBlog component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 34389448a565aa51fbafb055807736e12a9a9a117427253ddd59e9fe141d4d11
Secunia Security Advisory 30487
Posted Jun 5, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sleipnir, which can be exploited by malicious people to execute arbitrary script code.

tags | advisory, arbitrary
SHA-256 | 98c1015799b378dcfe3c453a7811dc18cca644dfe6831d2fbc531edfab16e2dd
Secunia Security Advisory 30494
Posted Jun 5, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Lidloses_Auge has reported a vulnerability in CMS Easyway, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 7cc587ad7938619c019530058a710e304605c080412ce1ecd296bf3bbe759cb1
Secunia Security Advisory 30501
Posted Jun 5, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AmnPardaz Security Research Team has reported multiple vulnerabilities in QuickerSite, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, script insertion attacks, SQL injection attacks, and potentially compromise a vulnerable system.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | ee6c5c037cd047d7e47aeb0aa26dc74a9f067bacd0c02b6dc5535e3768ce97b9
Secunia Security Advisory 30503
Posted Jun 5, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Bl@ckbe@rD has reported a vulnerability in Battle Blog, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | e00de43175040137fd8477381ee9dd4912e3a273df9da23027b87365cbebf26c
Secunia Security Advisory 30505
Posted Jun 5, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - His0k4 has discovered a vulnerability in the IDoBlog component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 93a43c78ce7004e8cb3ce89f2028c0eba78e5b67336451af5ad8762c698ef922
Secunia Security Advisory 30512
Posted Jun 5, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Nine:Situations:Group::SnoopyAssault has discovered a vulnerability in Icona SpA DownloaderActiveX ActiveX Control Module, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
SHA-256 | ae7f67cec1dc3ecdf5d0fdb2037c7acc85f47ce2e6644f1f1aad477b25ea7286
Secunia Security Advisory 30513
Posted Jun 5, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - His0k4 has discovered two vulnerabilities in the JoomRadio component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 6b23f63fd510266326d8eee7d0df777870e6f5bcf9b51b27ad6c64559ec163eb
packet storm

© 2022 Packet Storm. All rights reserved.
