A flaw exists in Microsoft Internet Explorer 5.x-6.0 that allows a remote attacker to execute a file using chm in showHelp().
74dacbfe84a67a971cd82b2d9a84831f67dbb9786abc754990bc01ccd23a36b1The Landesk Management Suite versions 8.0 and below suffer from a buffer overflow in their SetClientAddress function inside of YAUTO.DLL.
5a625063a7cfb000b398dba689f5dbde9099a3be80474bd16b2c97f3b3361e10Opera versions 7.22 and below allow for a remote site to overwrite local files during temporary file creation due to a lack of sanitizing filenames.
60c29d87a6f9de9b85286c7f945db2574fa8ee1f7e1c33632321555b1477c9eaosCommerce versions 2.2-MS1 and 2.2-MS2 allow a remote attacker to send a malformed URI that can effectively deny a user legitimate access to their account via a denial of service attack that will cause an unremovable item to be placed in the users shopping cart. These releases are also subject to SQL injection attacks and cross-site scripting problems as well.
4c4f31e91ddc721a290c33f3497928cb959707eed54691809a10b531978ae64eXerox Document Centre 470, 255ST, and possibly others allow for remote unauthorized access to files, access to plaintext passwords for the HTTP administration interface, access to DES passwords for the operating system, and read-write access to HTTP users and passwords.
026b93d3219efe238d3210af33b8dafe109314334e03c1bb222b23d44131e548Weak encryption in the client for the game Dark Age of Camelot exposes customer billing and authentication information during transmission.
6d944e3dc153c45f1774d46011fc92c063d2ad92d85abf77cd1c805dfeb68133Two buffer overflows exist in lftp versions 2.3 to 2.6.9. When using the ls and rels commands during an HTTP/HTTPS connection, an attacker has the opportunity to exploit a sscanf() call in try_netscape_proxy() and try_squid_eplf().
763cfb7b83021a88fea152144b0becd3ae188d5febab74fae428d2aa26a62665Eznet v3.5.0 and below contains a stack overflow in eZnet.exe which can be exploited in a GET request to SwEzModule.dll.
f6257c897987cc1e3d11a346e0c9313375ab796a397fcf72b2e85cc15cd1b584Opera for Windows v7.x prior to v7.23 build 3227 contains a file overwrite vulnerability which allows remote downloads to overwrite any file on the filesystem.
f4080a105f0722ecfb13159fccbb24fb407efafa0251c74c77d7beb48149e744Core Security Technologies Advisory CORE-2003-12-05 - New attack vectors were found for the Workstation Service vulnerability discussed in MS03-049 and the Messenger service vulnerabilities in MS03-001, MS03-026 and MS03-043. It was found that the attacks can be directed at UDP ports from spoofed source IP's, at the UDP broadcast addresses, or to ports above 1024, bypassing many firewalls by setting the source port to 53 and spoofing the packet from a trusted DNS server.
44529d93a00bb88bb168c0c51d37842dbc5cf391d901a6518dd8e0c2baf882eeSybase Adaptive Server Anywhere v9.0.0, the relational database at the core of SQL Anywhere Studio 8 contains over 50 vulnerabilities including format string overflows, buffer overflows, and denial of service conditions. Fix available here.
85b020d178f9754cbb630b420899e0a35ec15ff5fd3c3ba755e03d19390d2f14Secure Network Operations Advisory SRT2003-12-04-0723 - Ebola, the AntiVirus scanning daemon system versions 0.1.4 and below, contain a remotely exploitable buffer overflow in their authentication sequence.
ab8ac4be2a73ff8565230c696bef71988ee754456506e8ac690fced1879fa5ebSending a blank GET request to a Linksys WRT54G v1.0 (firmware v 1.42.3) router results in a denial of service.
986a4c9134cb217705aa68dacd125d9dff813dac0af519f895c98449cde6ce59Websense Enterprise versions 4.3.0 to 5.1 are susceptible a cross-site scripting attack where an end user may be tricked into running malicious code in their trusted zone.
6e69678fcb36ec02588ee2c42ee95597361b4f16a38bd7afc185b5f0ad3d4b42Yahoo Instant Messenger versions 5.6.0.1347 and below is susceptible to a buffer overflow attack in the YAUTO.DLL file when a long URL is passed to the Open(String Url) function.
5d7b42348c6d1f81129057e67e3bb4a60281eb97d1d5a6558791d635b6257c57The pxboard executable in XBoard versions 4.2.6 and below creates and writes to a file with a predictable filename in the /tmp directory.
273fdbcba2883e7c9dd1149352709a9f8d46252e9ea39b799308b8eb63cb590dGentoo Linux Security Announcement 200312-01 - On December 2nd, the rsync.gentoo.org server was compromised via a heap overflow in the rsync 2.56 server implementation.
db69bcc79065d6bee04297b0bb9b90c91db819197c09304db31a87f2671a117eDetailed information on the linux kernel v2.4 prior to v2.4.23 local root vulnerability in the do_brk() kernel function. Kernels 2.4.20-18.9, 2.4.22 (vanilla), and 2.4.22 with grsecurity patch are confirmed vulnerable.
43a76479ec2e92c678e1e79c86fa11a5609b490ba6e29b4d220c64300a875126Linux v2.4.x below v2.4.23 was found to contain a local root vulnerability when a multiple servers of the Debian project were compromised using a new kernel exploit. Due to an integer overflow in the do_brk() system call, it is possible for local users to gain root access. Users of kernel v2.4.22 and below should upgrade.
6b7bf49bb900c4191213c7198954faf0787e580c8572403926b9a31da91795b0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed