EEYEB-20051017 Windows Media Player BMP Heap Overflow - eEye Digital Security has discovered a critical vulnerability in Windows Media Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code in the context of the user who executed the player.
f1baeab1ad4615826aca9038420615c7d577b1f3b123bf4ad45ead17f38ed1f7
Digital Armaments Security Advisory 02.14.2006: Gallery web-based photo gallery remote file execution.
4dc06c6b161ce560635da9b75584bc3fe8ab2c10601075166c27377d5be07648
IP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.
21d4091a11893c2f623dcf9af8a85b61ca78beeefce83a0173a12f40cbd50b63
AIM Admin: A perl script designed to accept and execute commands via the AOL Instant Messenger service. Supports crypted passwords and sends back the output of all commands.
2f0dceb8a4ac1a32a697f0a2d02db93a269402ef63f052b363983131ed147041
perl shell: a simple perl backdoor script that listens for a plaintext password and can run a shell.
4684fcea6110c5c3403a3bbc88c6ccbf603a0e471c9ce2e35bf6dd939eca9001
XMB Forum versions less than or equal to 1.9.3 are vulnerable to SQL injection or XSS attacks.
5df693e8b3f83f6c9fd9ba93aade7d9ba321cc4c5c84e1e33193921ec3c002c0
Honeyd is a small daemon that creates virtual honey pot hosts on a network. The hosts can be configured to run arbitrary services, and their TCP personality can be adapted so that they appear to be running certain versions of operating systems. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is also possible to proxy it to another machine.
557afbc284292d69d5e8cf3853500ae9e349c1fbb0d35d32c9a822586f158577
Honeyd Security Advisory 2006-001 - A bug in the IP reassembly code causes Honeyd to reply to illegal fragments that other implementations would silently drop. Watching for replies, it is possible to detect IP addresses simulated by Honeyd.
903a2732d19e38bb846aa47f06b02942617b166ed0c95da09abed903d227f34a
MyBB v1.0.3 suffers from SQL injection and XSS in private.php.
096be85f6c06fd66761115a1947a27daefcaeaf06dd4799920bb743adf7bf5df
MyBB v1.0.3 suffers from XSS and SQL injection in moderation.php.
1af72497fae8d4e661ec32cc7c1e02d16cc08c1912528ab387f9b15ba6e987b9
Debian Security Advisory DSA 977-1 - Two vulnerabilities have been discovered in heimdal, a free implementation of Kerberos 5.
557bf8847acad39f8733f4f14091b0524be253752529b81f9900b92c7e189ada
Ubuntu Security Notice USN-251-1 - Evgeny Legerov discovered a buffer overflow in the DER format decoding function of the libtasn library. This library is mainly used by the GNU TLS library; by sending a specially crafted X.509 certificate to a server which uses TLS encryption/authentication, a remote attacker could exploit this to crash that server process and possibly even execute arbitrary code with the privileges of that server.
aac537d98df84dc7d27202d8a51880a432696da19ef74a1f2e32c21b5ef2154d
Gentoo Linux Security Advisory GLSA 200602-08 - Evgeny Legerov has reported a flaw in the DER decoding routines provided by libtasn1, which could cause an out of bounds access to occur. Versions less than 0.2.18 are affected.
d3010df9aa3707090b7ffc7b2a9dd5b0ce1a83c0750d52f98e07207562878013
Secunia Security Advisory - Two weaknesses have been reported in Winamp, which can be exploited by malicious people to cause a DoS (Denial of Service).
33944f9c428b1d41bfc7bda884d3912fe698ce6e75ec954a8799cb292abf517d
Secunia Security Advisory - Thomas Pollet has discovered a vulnerability in Clever Copy, which can be exploited by malicious people to conduct script insertion attacks.
3ed3051b823fc0ca38f5d6504ef03e52082edc4e34a0fd426a1e9395c19260df
Secunia Security Advisory - Thomas Pollet has discovered a vulnerability in @Mail, which can be exploited by malicious people to conduct script insertion attacks.
92518311b8168335d4fb1ac0a68f9169468a4047578f7e9b5836773cf822ed22
Secunia Security Advisory - Aliaksandr Hartsuyeu has reported a vulnerability in Teca Diary Personal Edition, which can be exploited by malicious people to conduct SQL injection attacks.
0084185fbd13b8505a0b4d0a44542d9736d2adef01e4ad5d093ed0bd3fa9f088
Secunia Security Advisory - Aliaksandr Hartsuyeu has reported a vulnerability in BirthSys, which can be exploited by malicious people to conduct SQL injection attacks.
080a23f1e0f8cb5417b2e40d836083b01b4f4954740c83de733fb2e976e071ce
Secunia Security Advisory - Debian has issued an update for heimdal. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to cause a DoS (Denial of Service).
c4fcc97118d422c679b18b27374b1cbedcac746cd5038e3f281e75c16cf99451
Secunia Security Advisory - Slackware has issued an update for fetchmail. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of certain sensitive information and by malicious people to cause a DoS (Denial of Service).
0373bc42199f34d908777d03fee2560716505de955a04b0027ab9730de9adbae
Secunia Security Advisory - evader has reported a security issue in Kyocera FS-3830N Printer, which can be exploited by malicious people to gain knowledge of or potentially to modify certain system information.
376159192a7c0fac0456d91d7199a09a420025f2bcf9262c30f12469432ffb46
Secunia Security Advisory - imei addmimistrator has discovered vulnerabilities in MyBB, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
caef375bf8978e7a93bd1632fca68afd3980b6c916b83905428ee08abb921211
Secunia Security Advisory - Slackware has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
48a5900d7441715563a994c07fb53718605598bbf908a9743d9d89f99e3a87de
Secunia Security Advisory - ReZEN has reported a weakness in Wimpy MP3 Player, which can be exploited by malicious people to modify certain data.
62aeb5dca252b17cd38cb4308b58e417dca4731f67ada30a9d09716d63937936
Secunia Security Advisory - ReZEN has reported a vulnerability in HostAdmin, which can be exploited by malicious people to compromise a vulnerable system.
a98c1e58a5d1708945a50a34de78a64919dd519d1f6e4555c65d793345345087