Mandriva Linux Security Advisory 2011-196 - ipmievd as used in the ipmitool package uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file. In Mandriva the ipmievd daemon from the ipmitool package does not have an initscript to start and stop the service, however one could rather easily craft an initscript or start the service by other means rendering the system vulnerable to this issue. The updated packages have been patched to correct this issue.
e7ceb452eacf5294054577ed0e7859c33ab09a7e6112efc684299aa6865ac1a1Most hash functions used in hash table implementations can be broken faster than by using brute-force techniques (which is feasible for hash functions with 32 bit output, but very expensive for 64 bit functions) by using one of two "tricks": equivalent substrings or a meet-in-the-middle attack.
5ba7d905a60a09b9e51b4bfc83a4c27718fe15666e0535630b7937cc69f6152fMIT krb5 Security Advisory 2011-008 - The telnet daemon (telnetd) in MIT krb5 (and in krb5-appl after the applications were moved to a separate distribution for krb5-1.8) is vulnerable to a buffer overflow. The flaw does not require authentication to exploit. Exploit code is reported to be actively used in the wild.
94f4852b4ef0d480fd44f6fff8a1a449daff42441b00c788d6970db82695afc2Mandriva Linux Security Advisory 2011-195 - A vulnerability has been discovered and corrected in krb5-appl, heimdal and netkit-telnet. An unauthenticated remote attacker can cause a buffer overflow and probably execute arbitrary code with the privileges of the telnet daemon. In Mandriva the telnetd daemon from the netkit-telnet-server package does not have an initscript to start and stop the service, however one could rather easily craft an initscript or start the service by other means rendering the system vulnerable to this issue. The updated packages have been patched to correct this issue.
088c8d790f512be759b35321724ad47890342945dbacb0e3d9083cc426187e2cWhitepaper called Denial of Service attacks and mitigation techniques: Real time implementation with detailed analysis. Unlike other theoretical studies, this paper lays down the steps involved in implementing these attacks in real time networks. These real time attacks are measured and analyzed using network traffic monitors. In addition to that, this project also details various defense strategies that could be enabled on Cisco routers in order to mitigate these attacks. The detection and mitigation mechanisms designed here are effective for small network topologies and can also be extended to analogous large domains.
f1811013d7d890533de92c4b33eb002cc4aea6e5e46e851c9ffe27c39fa5f389FreeBSD Security Advisory - Some third-party applications, including KDE's kcheckpass command, allow the user to specify the name of the policy on the command line. Since OpenPAM treats the policy name as a path relative to /etc/pam.d or /usr/local/etc/pam.d, users who are permitted to run such an application can craft their own policies and cause the application to load and execute their own modules. If an application that runs with root privileges allows the user to specify the name of the PAM policy to load, users who are permitted to run that application will be able to execute arbitrary code with root privileges.
685c68cd0d879191a8f6e9dd16fb3ba8d2d61b100f23301bbe8d7f9cde467b5eFreeBSD Security Advisory - The OpenSSL library call used to decrypt private keys ignores the passphrase argument if the key is not encrypted. Because the pam_ssh module only checks whether the passphrase provided by the user is null, users with unencrypted SSH private keys may successfully authenticate themselves by providing a dummy passphrase. If the pam_ssh module is enabled, attackers may be able to gain access to user accounts which have unencrypted SSH private keys.
3f9adbe4371e9a27a25b335c20511c3b4a8582a5127ca9a55c06862e006c1268Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
d488e05390fc02274354b9eb2deb35cb28a9702082aeccf1b3d64435758ea353This Metasploit module exploits a buffer overflow in the encryption option handler of the Linux BSD-derived telnet service (inetutils or krb5-telnet). Most Linux distributions use NetKit-derived telnet daemons, so this flaw only applies to a small subset of Linux systems running telnetd.
bb350fce364cccea32d543a818c1ec5ccbfecf4e11c746fbe8c7d8b76c2cfd89This Metasploit module exploits a buffer overflow in the encryption option handler of the FreeBSD telnet service.
5c027aef49c6a33044ddd945cfc6d9db2dfdaac94f49b241b9d556902a49848aSecunia Security Advisory - A vulnerability has been reported in Kerberos, which can be exploited by malicious people to compromise a vulnerable system.
acded041cda02e4e3d59b3cde944830d45625de300c6fee114da710417fc54c3Secunia Security Advisory - A vulnerability has been discovered in the Mailing List plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.
a4a45f784900f393ec9b67aa538aa4764438ec5b192357bff7d03aa0455f883fSecunia Security Advisory - Debian has issued an update for openswan. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).
b0dfdc798a5c9dccb21e03e20faf64ada3a91aae607a956c6991127856f5fc86Secunia Security Advisory - A vulnerability has been reported in AirOS, which can be exploited by malicious people to bypass certain security features.
13ccb23946e03420bb12718ff2bd98f6dafb4049ce6affb6dc4a973e65302c8bSecunia Security Advisory - Debian has issued an update for krb5 and krb5-appl. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
7d83aa6c255db315344a341862eb0c3d82513e47db652e0e8ba8145e7563e3dcSecunia Security Advisory - A vulnerability has been reported in AirOS, which can be exploited by malicious people to bypass certain security features.
8279c69737b4f8fae1c664728d54eb21e6679334bad5d43630e2c56349cd3f66Secunia Security Advisory - Francois Harvey has discovered a vulnerability in vtiger CRM, which can be exploited by malicious people to bypass certain security restrictions.
9e2160a497daaa7c509714a388c2909ccc36e0786d8ca689bc24b6574c52a8e9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed