Secunia Security Advisory - Debian has issued an update for glibc and eglibc. This fixes a security issue which can be exploited by malicious, local users to disclose sensitive information.
8bc7d793dbdd24f549ebf33df39966a8c8b480cf126545b29f9137b19274ef89Panda Security suffers from a local privilege escalation vulnerability. Proof of concept code included. This is an updated version of the original advisory.
68c919cfbbcaab6c8202cec461ff70cb5276a6228828dd6772a6c974b0ae4c75Zero Day Initiative Advisory 10-03 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Asset Management. Authentication is not required to exploit this vulnerability. The specific flaw exists due to insufficient sanity checks on the documentID parameter to the docfiledownload component. A carefully crafted parameter can result in direct SQL access to the underlying SQL Server database which can be further leveraged by an attacker to potentially execute arbitrary code.
dbed8d04e273771933d3b4da838a3a601689977a848150c4023cb76a10ddc0a519 bytes small Win32 Calc.exe shellcode.
019eda4d4389bfff8259d75682c620fad8b3fa62585b5d47408cb638fae846fcCisco Security Advisory - CiscoWorks Internetwork Performance Monitor (IPM) versions 2.6 and earlier for Microsoft Windows operating systems contain a buffer overflow vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code. There are no workarounds for this vulnerability.
f0e30bb50d61457d3ef1a8c4bca1ec714f17c9b65ce6a0f5eaf039c14adf4f21Mandriva Linux Security Advisory 2010-021 - The original fix for was found to be incomplete. BIND was incorrectly caching certain responses without performing proper DNSSEC validation. CNAME and DNAME records could be cached, without proper DNSSEC validation, when received from processing recursive client queries that requested DNSSEC records but indicated that checking should be disabled. A remote attacker could use this flaw to bypass the DNSSEC validation check and perform a cache poisoning attack if the target BIND server was receiving such client queries. There was an error in the DNSSEC NSEC/NSEC3 validation code that could cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records proven by NSEC or NSEC3 to exist) to be cached as if they had validated correctly, so that future queries to the resolver would return the bogus NXDOMAIN with the AD flag set. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Additionally BIND has been upgraded to the latest patch release version.
fde9ce451295f0fdc7dc688f5f0672ee2a2653ca75f5f9708eab123dfd58073cUbuntu Security Notice 890-1 - Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.
d4220160b2265aec5952c4517574f263f4c2b458f115db9b08bc867f153d8cbdUbuntu Security Notice 889-1 - It was discovered that gzip incorrectly handled certain malformed compressed files. If a user or automated system were tricked into opening a specially crafted gzip file, an attacker could cause gzip to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Aki Helin discovered that gzip incorrectly handled certain malformed files compressed with the Lempel
2d7b396c190d62a5aab0c1e1b39b06e60d46fda949cf0f9f8483b808e93b4b85Chipmunk news version 2.0 suffers from cross site scripting vulnerabilities.
1a7514898635ae897044cd042b55cbcf726734c49336957080185ba5a1a99863Ubuntu Security Notice 888-1 - It was discovered that Bind would incorrectly cache bogus NXDOMAIN responses. When DNSSEC validation is in use, a remote attacker could exploit this to cause a denial of service, and possibly poison DNS caches. USN-865-1 provided updated Bind packages to fix a security vulnerability. The upstream security patch to fix CVE-2009-4022 was incomplete and CVE-2010-0290 was assigned to the issue. This update corrects the problem. Michael Sinatra discovered that Bind did not correctly validate certain records added to its cache. When DNSSEC validation is in use, a remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.
0cfe920e44dece7a866b45de4a885c3fdd90cec12f9a05bff742df28193d5751Mandriva Linux Security Advisory 2010-020 - A missing input sanitation flaw was found in the way gzip used to decompress data blocks for dynamic Huffman codes. A remote attacker could provide a specially-crafted gzip compressed data archive, which once opened by a local, unsuspecting user would lead to denial of service (gzip crash) or, potentially, to arbitrary code execution with the privileges of the user running gzip. An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. A remote attacker could provide a specially-crafted LZW compressed gzip archive, which once decompressed by a local, unsuspecting user would lead to gzip crash, or, potentially to arbitrary code execution with the privileges of the user running gzip. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
7980610906396d3404f249abea3a118e88d040bb5af629574f6c48ec40499772Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7 NtVdmControl()->KiTrap0d local ring0 exploit. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".
6a0ec1b7f7b4f802f1a7194731df55893de13da5d1130f531f16e715e4a747a4Secunia Research has discovered a vulnerability in HP Power Manager, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input sanitation error when handling "fileName" parameters passed to /goform/formExportDataLogs. This can be exploited to overwrite arbitrary files with almost arbitrary data via directory traversal attacks. Successful exploitation allows execution of arbitrary code. Version 4.2.9 is affected.
be4b9c605f1e45334909465187ee5e897a6299693f76211f87cc8076ab39e313Secunia Research has discovered a vulnerability in HP Power Manager, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when processing parameters sent to the /goform/formExportDataLogs URL. This can be exploited to cause a stack-based buffer overflow via an overly long "fileName" parameter. Successful exploitation allows execution of arbitrary code. Version 4.2.9 is affected.
fbf4697d7b193b303eab401b5d9ec51a535b6334f69e22214ec5cb25d1d89dd6Secunia Research has discovered four vulnerabilities in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by four integer overflow errors when processing a certain block type. These can be exploited to cause heap-based buffer overflows via specially crafted Shockwave files. Successful exploitation allows execution of arbitrary code. Version 11.5.2.602 is affected.
2b675879c41d33b1cef80c5262c5a1ef851e8b47dff731fcab135b0972822b31
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed