IOActive Security Advisory - A vulnerability exists within AscoServer.exe of SIEMENS SiPass during the handling of RPC messages over the ethernet bus. Insufficient sanity checking allows remote and unauthenticated attackers to corrupt a heap-allocated structure and then dereference an arbitrary pointer. This flaw allows remote attackers to execute arbitrary code on the target system, under the context of the SYSTEM account, where the vulnerable versions of SIEMENS SiPass Integrated are installed. More advanced payloads could modify the behavior of the application’s internal controllers to unlock doors, control specific hardware, or expose businesses to other security risks. SIEMENS SiPass Integrated versions MP2.6 and earlier are affected.
6c360fd7a497194cefa22ee03fee415561bb9f756de284b4f7fa3b2eae5e5953IOActive Security Advisory - DASDEC-I and DASDEC-II from Digital Alert Systems (DAS), which are used in the Emergency Alert System, have an embedded root ssh key that enables an attacker to transmit false emergency information over a large geographic area.
b32108bd2c0d9441bb1f18cfa9a0bc8a321063c45c679b287a55fffbc1d67034Mandriva Linux Security Advisory 2009-198 - Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open() on an invalid URL which looks similar to a legitimate URL and then use document.write() to place content within the new document, appearing to have come from the spoofed location. Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. This vulnerability could be used to compromise the browser and run arbitrary code by presenting a specially crafted certificate to the client. IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates.
75f839274f8e82729d0a4c1aca579dbfb860f6c2f1f69f8353c4f57860a78bd7PyString_FromStringAndSize() incorrectly validates input in Python version 2.5.2. Earlier versions may also be vulnerable.
acdffd19a5b36cf9a44eb0ee3ce3dda152701c5d20c417990d3d9dd1d9b1ff11The zlib extension module in Python version 2.5.2 contains a method for flushing decompression streams that takes an input parameter of how much data to flush. This parameter is a signed integer that is not verified for sanity and is thus potentially negative. When passed a negative value memory is misallocated and then the signed integer is converted to an unsigned integer resulting in buffer overflow.
c3a0dd34a8717e04bba206262904ef9f4e4455f57c9ce9a73f69101d7914ff88IOActive Security Advisory - IOActive has discovered multiple critical vulnerabilities within the Mercury SiteScope server monitoring software, some of which allow for complete remote compromise of the entire monitored network, as well as arbitrary code execution on all servers managed by the SiteScope software. All versions are affected.
bdf701facaff7c05ea1f467d97bae23f2034d266aaa8c38317cac7d77ffcb638IOActive Security Advisory - mod_jk2 versions prior to 2.0.4 are vulnerable to multiple stack overflow vulnerabilities. Specifically, IOActive has discovered multiple locations where these vulnerabilities are exploitable via the Host request header in any given request. These overflows all result in remote code execution under the user of the running Apache process.
0161744beee5c0442c15b6bd90c5e6d1e55cbe47940ec1ba4424c2446c68071e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed