Netragard, L.L.C Advisory - The libxml library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary within the context of an application using the affected library. Failed exploit attempts will result in a denial-of-service vulnerability. Safari uses the vulnerable libxml library and can be attacked via the feed:// input vector. Versions below 3.2.3 are affected.
9012ec278979cbf1e8f349fe20406fb03ef5ed6f98fa19b6fa6209f214f162f3Secunia Security Advisory - Netragard has reported a vulnerability in Sonexis ConferenceManager, which can be exploited by malicious people to bypass certain security restrictions.
e7316ea9a949c93000bf0f98f59eb5b7d4a4f3adc55f37f93aa47b2e39c6bb38Netragard, L.L.C Advisory - Sonexis ConferenceManager versions up to 10.x suffer from multiple information disclosure and lack of authentication vulnerabilities.
0187c6fccee74ba3fb6221abae73c77e6c4eedd2deda0b9b3c2c76138719014dNetragard, L.L.C Advisory - Sonexis ConferenceManager version 9.3.14.0 suffers from a remote blind SQL injection vulnerability.
1f9f92a63ad712d5bdad484011567b4dc9edf18843008ce146b3c460e4a79e40Netragard, L.L.C Advisory - Mac OS X Java Runtime suffers from buffer overflows that allow for remote code execution.
b4e62b2f700ce3815f78c1991849fbb9ad953a16a199be95b8d4740f1b5ad9a7Netragard, L.L.C Advisory - The GoGo Inflight Internet service fails to encrypt wireless connections between users and the access point.
e15a68a398d9fbb9df850bb9e64eb1d67cbb71a7114d0a7fa4d220d64af99af9Netragard, L.L.C Advisory - The Cambium Group Content Management System (CAMAS) Failed most Open Web Application Security Project ("OWASP") criterion during testing.
6dc9216857c8b8a7de3efc27c3d5195a6260f1f1903675c0dbdb8d568555f4bbNetragard's account of using Facebook to earn the trust of a company's employees and turning the tables on them.
07fe17adad384be9b339492dc7d5434525fa2531f80cffe9d1b7b53cb9c1ae1aNetragard, L.L.C Advisory - Core Image Fun House versions 2.0 and below for OS X suffer from a buffer overflow vulnerability when a specially crafted .funhouse file is leveraged. Proof of concept code included.
6c6bce17e27550c78e31772953580b27edbf6c06eb465a112c51012482a46cacNetragard, L.L.C Advisory - Netragard's SNOsoft Research Team discovered two critical vulnerabilities in the OpenBase SQL Relational Database that can lead to full system compromise. OpenBase versions 10.0.5 and below are affected.
461394d46dce182dddd5cd5ac8284bec3acbe0ca019c1b7a15477e4a510c19e6Netragard, L.L.C Advisory - Maia Mailguard versions 1.0.2 and below suffers from file read and directory traversal vulnerabilities that allow for remote code execution. Details provided.
d36bb22c015e1a08a2926bcf374d2972835a70bfa94c4a09681029459a05bf6fNetragard, L.L.C Advisory - An exploitable vulnerability exists in FrontBase that can be used to gain NT AUTHORITY\SYSTEM or root privileges on an affected system. FrontBase versions 4.2.7 and below are affected.
cd42c535ea4a9cbfa1eb848bf2b4eff416a1e0f36719dba4953b028de6dfb69eNetragard, L.L.C Advisory - McAfee Virex contains an exploitable feature that enables users to define what files should be excluded for scanning. This feature relies on a configuration file with insecure privileges and is located in /Library/Application Support. Any user on the system can modify or delete the configuration file thus affecting what Virex will scan. Versions 7.7 and below are affected.
a3cb1e800dcc7d0c7dfc001dd8db9bc345f0a9944f95a36846b83a05d5b0d489Netragard, L.L.C Advisory - It is possible to take control of an @Mail webmail email account by exploiting a Cross Site Request Forgery (XRSF) vulnerability in the @Mail webmail product. An attacker can send a specially crafted email to any @Mail webmail user with a forged "img" tag. This forged tag, if crafted properly, will inject new settings into the @Mail webmail users account. Version 4.51 is susceptible.
b627e59c9804ad47e3a14c93ce12874b3658b67c476646c57f75d4949ef620ceSecunia Security Advisory - Netragard has reported two vulnerabilities in @Mail, which potentially can be exploited by malicious people to conduct cross-site scripting attacks or cross-site request forgery attacks.
bff33a0a54f68c1dc7dfeeec0b093a1d4de527fda7c9500f91c11143103abc6fNetragard, L.L.C Advisory - @Mail version 4.51 does not properly sanitize email allowing for cross site scripting attacks.
39e68d57bada5a83cf9b09964668a0c6d5d4d57328013bb0836d4cd7e2938ac1Netragard, L.L.C Advisory NETRAGARD-20060810 - libpthread suffers from a buffer overflow vulnerability which may enable an attacker to execute arbitrary commands on the system. This vulnerability may potentially be exploited by a creating a specially crafted buffer and inserting it into the PTHREAD_CONFIG variable. Version 5.1b is affected.
987de219a762a82acd64d995906ea3a9208ed3a544ba195b808c097d325cf8e8Netragard, L.L.C Advisory NETRAGARD-20060810 (UPDATE): dtmail suffers from a buffer overflow vulnerability which could result in the execution of arbitrary code. More specifically this vulnerability is triggered when using -a flag:
cb88802b1e79a6bd8af6ec797980b6a411c718a0a876e8bd52cf03e206da577dSecunia Security Advisory - Netragard has reported a vulnerability in HP-UX, which can be exploited by malicious, local users to gain escalated privileges.
3f090a25d04fb56d07b90c95e4e81386ee14c049a49b9a4b9d3d25ca57df6699Secunia Security Advisory - Netragard has reported a vulnerability in HP Tru64 Unix, which can be exploited by malicious, local users to gain escalated privileges.
dd02a6184379d075785aaeaac740927344a336dd166c168054e630b4bf7d00d9Netragard, L.L.C Advisory: dtmail suffers from a buffer overflow vulnerability which could result in the execution of arbitrary code. More specifically this vulnerability is triggered when using -a flag:
f6f661eece2e97c0022011ba50f31579053126df8dbf50a9b0712d7a70ad6fccSecunia Security Advisory - Netragard has reported a vulnerability in Roxio Toast Titanium, which can be exploited by malicious, local users to gain escalated privileges.
3b84b83f9fa36faf7e178100c8d3c95de1210aea8f0399d32521a03e770ac188Roxio 7 Toast contains locally exploitable vulnerabilities due to insecure system() by calls by suid binaries which use the user's $PATH environment variable.
a9a41ad652cad025669286ea026676bda759c1424a925ade740e5e98f354c33a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed