.:[ packet storm ]:.
                               
preserving full disclosure

 Section:  .. / 0705-advisories  /

Page 6 of 18. Files 125 - 150 of 441, sorted by file size.

 ///  File Name: 05.25.07-1.txt
Description:
iDefense Security Advisory 05.25.07 - Remote exploitation of multiple stack-based buffer overflows in Sun Microsystems Inc's Java System Web Proxy allows unauthenticated attackers to execute arbitrary code with superuser privileges. The problem specifically exists within the "sockd" daemon. This daemon implements SOCKS proxy support for the Web Proxy product. Attackers can cause a buffer overflow by manipulating certain bytes during protocol negotiation. iDefense has confirmed the existence of this vulnerability using version 4.0.3 of Sun Java Web Proxy Server. Lab tests were performed on an x86 Red Hat Enterprise Linux machine. Previous versions, including products released under the "Sun ONE" product line, are suspected to be vulnerable.
Homepage:http://www.idefense.com/
File Size:3483
Last Modified:May 31 05:12:04 2007
MD5 Checksum:1598909a3d4f1ba7380b51a8e5f82b75

 ///  File Name: 05.02.07-1.txt
Description:
iDefense Security Advisory 05.02.07 - Remote exploitation of a heap overflow vulnerability within LiveData's Protocol Server could allow an attacker to cause the service to crash or potentially execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of this vulnerability in LiveData Protocol Server version 5.00.045, which was the current release as of September 13th 2006.
Homepage:http://www.idefense.com/
File Size:3470
Last Modified:May 3 09:46:53 2007
MD5 Checksum:879424bc88729ddda6fed02139472d3d

 ///  File Name: 04.30.07-1.txt
Description:
iDefense Security Advisory 04.30.07 - Remote exploitation of multiple vulnerabilities in the Internet Relay Chat (IRC) module of Cerulean Studios' Trillian could allow for the interception of private conversations or execution of code as the currently logged-on user. When handling long CTCP PING messages containing UTF-8 characters, it is possible to cause the Trillian IRC client to return a malformed response to the server. This malformed response is truncated and is missing the terminating newline character. This could allow the next line sent to the server to be improperly sent to an attacker. When a user highlights a URL in an IRC message window, Trillian copies the data to an internal buffer. If the URL contains a long string of UTF-8 characters, it is possible to overflow a heap-based buffer, corrupting memory in a way that could allow for code execution. A heap overflow can be triggered remotely when the Trillian IRC module receives a message that contains a font face HTML tag with the face attribute set to a long UTF-8 string. iDefense has confirmed the existence of this vulnerability in Cerulean Studios Trillian 3.1.
Author:enhalos
Homepage:http://www.idefense.com/
File Size:3461
Last Modified:May 3 08:35:16 2007
MD5 Checksum:ae9a653cbd647041c3db1bf6b7603b55

 ///  File Name: yate-dos.txt
Description:
Yate version 1.1.0 suffers from a denial of service vulnerability due to a null pointer reference.
Author:Yuri Gushin
File Size:3438
Related CVE(s):CVE-2007-1693
Last Modified:May 3 08:53:37 2007
MD5 Checksum:c64818eba907977787a7e7d7c7602f00

 ///  File Name: sa25220.txt
Description:
Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix some vulnerabilities and a security issue, which can be exploited by malicious users to gain knowledge of potentially sensitive information and to cause a DoS (Denial of Service), and by malicious people to cause a DoS.
Homepage:http://secunia.com/advisories/25220/
File Size:3437
Last Modified:May 12 04:30:02 2007
MD5 Checksum:55e21e19482aa1e68acb4e8e0e96dabc

 ///  File Name: sa25091.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Sun Java System Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage:http://secunia.com/advisories/25091/
File Size:3433
Last Modified:May 3 01:50:52 2007
MD5 Checksum:f6176a1e89b8e591ab96316a726c1dcf

 ///  File Name: 05.08.07-4.txt
Description:
iDefense Security Advisory 05.08.07 - Remote exploitation of an integer overflow vulnerability in the IMAP service of Microsoft Exchange 2000 could allow a remote attacker to crash all running Exchange services and other services in the same process. The vulnerability specifically exists in code responsible for reading of literals in the IMAP4 service. When the IMAP4 service encounters a specially crafted literal, it fails to properly process it. An access violation occurs causing an unhandled exception that terminates the process. iDefense confirmed the existence of this vulnerability in Microsoft Exchange 2000 with Service Pack 3.
Author:Joxean Koret
Homepage:http://www.idefense.com/
File Size:3409
Related CVE(s):CVE-2007-0221
Last Modified:May 10 05:59:23 2007
MD5 Checksum:41dfd11ab1612d6ad35ed1f0004b4d0e

 ///  File Name: sa25157.txt
Description:
Secunia Security Advisory - Debian has issued an update for ldap-account-manager. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform actions with escalated privileges and by malicious users to conduct script insertion attacks.
Homepage:http://secunia.com/advisories/25157/
File Size:3385
Last Modified:May 10 02:32:46 2007
MD5 Checksum:e1338d72c104ef10d69c7b1bbb991280

 ///  File Name: dsa-1287-1.txt
Description:
Debian Security Advisory 1287-1 - Two vulnerabilities have been identified in the version of ldap-account-manager shipped with Debian 3.1 (sarge). An untrusted PATH vulnerability could allow a local attacker to execute arbitrary code with elevated privileges by providing a malicious rm executable and specifying a PATH environment variable referencing this executable. Improper escaping of HTML content could allow an attacker to execute a cross-site scripting attack (XSS) and execute arbitrary code in the victim's browser in the security context of the affected web site.
Homepage:http://www.debian.org/security
File Size:3378
Related CVE(s):CVE-2006-7191, CVE-2007-1840
Last Modified:May 8 11:02:29 2007
MD5 Checksum:47c3422532d28391639acdfef89b5cf0

 ///  File Name: sa25079.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in VMware Workstation, which can be exploited by malicious users to cause a DoS (Denial of Service) or bypass certain security restrictions.
Homepage:http://secunia.com/advisories/25079/
File Size:3357
Last Modified:May 2 04:17:18 2007
MD5 Checksum:42b2505af2a989236d23a8c825f9e303

 ///  File Name: sa25151.txt
Description:
Secunia Security Advisory - Slackware has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious users to manipulate certain data, disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or to compromise a vulnerable system, and by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or cause a DoS.
Homepage:http://secunia.com/advisories/25151/
File Size:3356
Last Modified:May 10 02:32:46 2007
MD5 Checksum:810e5f884bd975f23ff543bb22741d21

 ///  File Name: sa25013.txt
Description:
Secunia Security Advisory - A vulnerability and a security issue have been reported in various Symantec products, which can be exploited by malicious, local users to disclose sensitive information, cause a DoS (Denial of Service), and gain escalated privileges.
Homepage:http://secunia.com/advisories/25013/
File Size:3335
Last Modified:May 2 04:17:18 2007
MD5 Checksum:79e4520bbbce798c8222f0bf0a24ad4b

 ///  File Name: sa25217.txt
Description:
Secunia Security Advisory - Mandriva has issued an update for python. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information.
Homepage:http://secunia.com/advisories/25217/
File Size:3294
Last Modified:May 10 02:32:46 2007
MD5 Checksum:6bb145e81a138ec93872e203ab2ab25c

 ///  File Name: sa25119.txt
Description:
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service), or by malicious people to cause a DoS and potentially compromise a user's system, or to bypass certain security restrictions.
Homepage:http://secunia.com/advisories/25119/
File Size:3278
Last Modified:May 7 20:45:49 2007
MD5 Checksum:b770f47b3a600e6f54bd4007fa07b1e6

 ///  File Name: sa25086.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in Trillian, which can be exploited by malicious users to gain knowledge of sensitive information or compromise another user's system.
Homepage:http://secunia.com/advisories/25086/
File Size:3272
Last Modified:May 2 04:17:18 2007
MD5 Checksum:e72d2490306a9ae8e08e00f2087fcc83

 ///  File Name: glsa-200705-10.txt
Description:
Gentoo Linux Security Advisory GLSA 200705-10 - The libXfont code is prone to several integer overflows, in functions ProcXCMiscGetXIDList(), bdfReadCharacters() and FontFileInitTable(). TightVNC contains a local copy of this code and is also affected. Versions less than 1.2.9-r4 are affected.
Homepage:http://security.gentoo.org
File Size:3206
Related CVE(s):CVE-2007-1003, CVE-2007-1351, CVE-2007-1352
Last Modified:May 10 02:58:06 2007
MD5 Checksum:4f3107dd626f8a2fd9887a41ac986405

 ///  File Name: sa25069.txt
Description:
Secunia Security Advisory - Sun has acknowledged a vulnerability in the Java Web Start of the Java 2 Platform, which can be exploited by malicious people to bypass certain security restrictions.
Homepage:http://secunia.com/advisories/25069/
File Size:3205
Last Modified:May 2 04:17:18 2007
MD5 Checksum:54c0e86bc8e2d527f399b8631fb3e19b

 ///  File Name: sa25242.txt
Description:
Secunia Security Advisory - Gilberto Ficara has reported a security issue and some vulnerabilities in TeamSpeak, which can be exploited by malicious users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/25242/
File Size:3170
Last Modified:May 15 07:07:10 2007
MD5 Checksum:501f652884890030aff9f1e66d7ab483

 ///  File Name: sa25286.txt
Description:
Secunia Security Advisory - Derek Abdine has reported some vulnerabilities in Caucho Resin, which can be exploited by malicious people to disclose sensitive information.
Homepage:http://secunia.com/advisories/25286/
File Size:3166
Last Modified:May 16 03:04:41 2007
MD5 Checksum:27e74db63ef76f8aec7b4910af20b6a6

 ///  File Name: sa25118.txt
Description:
Secunia Security Advisory - Mandriva has issued an update for xscreensaver. This fixes a weakness, which can be exploited by malicious people to bypass certain security restrictions.
Homepage:http://secunia.com/advisories/25118/
File Size:3158
Last Modified:May 4 07:48:13 2007
MD5 Checksum:80a16469e2a52d36cbd96c517d6e44c0

 ///  File Name: n.runs-SA-2007.009.txt
Description:
A remotely exploitable vulnerability has been found in the file parsing engine of ALWIL avast! antivirus software versions prior to 4.7.700 when parsing .SIS files.
Author:Sergio Alvarez
Homepage:http://www.nruns.com/
File Size:3151
Last Modified:May 30 23:14:46 2007
MD5 Checksum:68ed6d70bc1d37d65e894b6af1bfe3a8

 ///  File Name: n.runs-SA-2007.008.txt
Description:
A remotely exploitable vulnerability has been found in the file parsing engine of ALWIL avast! antivirus software versions prior to 4.7.700.
Author:Sergio Alvarez
Homepage:http://www.nruns.com/
File Size:3151
Last Modified:May 30 22:42:22 2007
MD5 Checksum:f7cc625231d8cfcdaec87993739d6639

 ///  File Name: sa25153.txt
Description:
Secunia Security Advisory - Jesper Jurcenoks has discovered some vulnerabilities in Advanced Guestbook, which can be exploited by malicious people to disclose sensitive information or to conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/25153/
File Size:3143
Last Modified:May 10 02:32:46 2007
MD5 Checksum:53302980ed4ccec3ed53a869013110c9

 ///  File Name: sa25199.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious users and malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Homepage:http://secunia.com/advisories/25199/
File Size:3125
Last Modified:May 11 02:35:58 2007
MD5 Checksum:e71b2947f495ad280b7406e263bd24e4

 ///  File Name: 05.10.07-2.txt
Description:
iDefense Security Advisory 05.10.07 - Remote exploitation of a buffer overflow vulnerability within Novell Inc.'s NetMail allows attackers to execute arbitrary code with the privileges of the service. This vulnerability specifically exists within the SSL version of the "NMDMC.EXE" service. The application does not perform sufficient input validation when copying data into a fixed size stack buffer. When processing a specially crafted request made to this service, a stack-based buffer overflow occurs leading to corruption of program control registers saved on the stack. iDefense has confirmed the existence of this vulnerability within version 3.52e_FTF2 of Novell Inc's NetMail. Older versions are suspected to be vulnerable.
Homepage:http://www.idefense.com/
File Size:3110
Last Modified:May 11 04:03:48 2007
MD5 Checksum:dc11553dd0c89f52a4081a3c78bf573c