Technical Cyber Security Alert TA09-105A - Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
94105afd3b535cdfbefb6dcced0c507848f22cf6a98ab82edfcc63bac48889b8Debian Security Advisory 1771-1 - Several vulnerabilities have been discovered in the ClamAV anti-virus toolkit. Attackers can cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error. Attackers can cause a denial of service (infinite loop) via a crafted tar file that causes (1) clamd and (2) clamscan to hang. Attackers can cause a denial of service (crash) via a crafted EXE file that crashes the UPack unpacker.
dd4582c7ce66daa9cb0edcf432b78f10bb534cdb0ba8461534b5101238db5c9ciDefense Security Advisory 04.15.09 - Local exploitation of a buffer overflow vulnerability in IBM Corp.'s Advanced Interactive eXecutive (AIX) could allow an attacker to gain root privileges. The set-uid root binary "muxatmd" concatenates the calling program name with the static string ".pid". The destination buffer passed to the function call used for concatenation is a static-sized stack buffer. Since no bounds checking is performed, a stack-based buffer overflow can occur when a long program name is given. iDefense has confirmed the existence of this vulnerability in IBM Corp.'s AIX version 5.3 (5300-09-02-0849). Other versions may also be affected.
3b317e77470c29314f27d74a37e2613a44dff497e0d08d313ad991e166571d2aiDefense Security Advisory 04.14.09 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s WordPad could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing the content of a Word97 format file. When reading in the data, the code uses a 32-bit integer from the file to check a buffer length while using the lower 16-bit value to do the actual copy. This results in a stack buffer overflow. This stack buffer is overwritten with data from the file. iDefense has confirmed the existence of this vulnerability in Wordpad on Windows 2000 SP4. Windows XP SP3 is not affected. Vista and Server 2008 are not affected as they no longer contain the Word97 converter.
619400cb987192e72c2d05da51ff52e996d4d4c10414389a155b0889e87cb2bfSKPD is a tool that will dump a running process to an executable ELF file. Written to work on various flavors of Linux.
ec6d74a7d74610444f1b0d45a29b83d2bd0391a4c0b5188f859e0f0881d2597fSEC Consult Security Advisory 20090415-1 - The Nortel Application Gateway 2000 versions 6.3.1 and below suffer from a password disclosure vulnerability.
6a602258e8f29deb14f3eb5ff281f26e0e43c3f7484aceaeafab1860a788f32dSEC Consult Security Advisory 20090415-0 - Multiple vulnerabilities have been identified in Novell Teaming. These include enumeration of usernames, information disclosure, and cross site scripting flaws. Version 1.0.3 is vulnerable.
e32f1a48232fe353e2a85526ef291e78bafffd7789d861410bca9cc87b1b1dc3The perl-status utility as included with Mod_perl suffers from a cross site scripting vulnerability.
de439bb421e77dc689929ce1ef77502f19c9bc54c7d2836c7d566630c8db74c5Secunia Research has discovered a vulnerability in the Oracle BEA WebLogic Server plug-ins for web servers, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error when parsing certificates and can be exploited to cause a stack-based buffer overflow by supplying a specially crafted certificate. Successful exploitation may allow execution of arbitrary code. Oracle BEA WebLogic Server Plug-ins version 1.0.1166189 is affected.
5074d6ba3a66e64cbd2128beff95b591a78d8db4beb783f1de7c833c207d8698Secunia Research has discovered a vulnerability in the Oracle BEA WebLogic Server plug-ins for web servers, which can be exploited by malicious people to compromise a vulnerable system. The Oracle BEA WebLogic Server can be configured to receive requests via an Apache, Sun, or IIS web server. In this case, a plug-in is installed in the Internet-facing web server that passes the request to a WebLogic server. An integer overflow when parsing HTTP requests can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Oracle BEA WebLogic Server Plug-ins version 1.0.1166189 is affected.
dc03394e303c7b0bb15553655fc95276584fa1a608c7c0de7c576dc9a80e81c2Secunia Research has discovered a security issue in SAP GUI, which can be exploited by malicious people to gain knowledge of sensitive information, corrupt files, or compromise a user's system. The problem is that the bundled KWEdit ActiveX control (KWEDIT.DLL) provides the insecure method "SaveDocumentAs()", which saves an HTML document to a specified location. This can be exploited in combination with e.g. the "OpenDocument()" method to disclose the contents of files or to execute arbitrary code on a user's system. SAP GUI versions 6.40 Patch 29 and 7.10 Patch 5 are affected.
7618d00c720ce23c45412fe3d1fdff7227a5fd75d55de1cf1bf99df89823fb97Secunia Research has discovered a vulnerability in DivX Web Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a signedness error in the processing of "STRF" (Stream Format) chunks. This can be exploited to cause a heap-based buffer overflow via a specially crafted DivX file. Successful exploitation may allow execution of arbitrary code by tricking a user into visiting a malicious website. Version 1.4.2.7 is affected.
54ea8ecf7fafd5257e181eedfb9f4396be203de36a9e6faff27b7efd86841baaSniffJoke is middleware software for Linux that is managed by a web interface and enables connection scrambling technology, also known as sniffer evasion techniques.
5ddc5fffbed7e6ff9f0d22260acc4ad37ef5df2df0d55152510d368444648800The Call for Papers (CFP) for Hack In The Box 2009 Malaysia is now open.
7c60af675478f7689b55ce8070ad77da22186991b5523b7f99741d5116216eb0Mozilla Firefox version 3.0.8 zero buffer check memory exhaustion and leaking proof of concept exploit.
55bd1981802453b04fbaae6651ddbd514ddedb2596dd3a86acb01ecb680355eeFreeWebShop.org version 2.2.29 RC2 suffers from a local file inclusion vulnerability.
fcaa444b46cf486b74ca1eee5bf5cf6c70b16e27bbad26ad6348f3eff8e19a58Job2C version 4.2 suffers from a local file inclusion vulnerability.
8b5937336d357e213ed1b0430b8eda1904d04ce46f4ce49fb98c9c5dc0a655e3Ubuntu Security Notice USN-758-1 - Sebastian Krahmer discovered that udev did not correctly validate netlink message senders. A local attacker could send specially crafted messages to udev in order to gain root privileges. Sebastian Krahmer discovered a buffer overflow in the path encoding routines in udev. A local attacker could exploit this to crash udev, leading to a denial of service.
403f65c16827af7fc2d3ec856ded0e4c8179780173a8be6bb4a0c8d2bb73a00bUbuntu Security Notice USN-757-1 - Multiple vulnerabilities have been discovered in Ghostscript including a buffer underflow, denial of service, and code execution issues.
81628368b5aa45c28e702d4a6611558e09155398789324be0033f0f2ca44655cAria News suffers from remote SQL injection and cross site scripting vulnerabilities.
a389a2803ba19296806e9b594a0757403db2341a931ec39bf8bf6fa0291e11adA memory corruption vulnerability exists in Microsoft Office Excel which allows a remote attacker to compromise a system through a malicious document.
7a0c64574b2e01dbddc971f3557dfe31f8e6283bdc787167adabb29625283c88Zervit webserver version 0.02 suffers from a remote buffer overflow vulnerability.
716906102683fa275b36132876acd90673d96c37d9e4bf2fde2d57aac7f91d11Microsoft Windows Media Player integer overflow proof of concept exploit that creates a malicious .mid file.
18ac2d4542c7532118a30e5bf04569dc034bf7867da5c21434505321366f7458The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.
95bfe19dedc636526256f37438d735afed7e3a31e16e81546c01629c445b4defStar Downloader Free versions 1.45 and below universal SEH overwrite exploit.
ab6dea0952c0b1a664d818019ec8054f3e16fc46645f68d5dce4ff804577a426
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed