A buffer overflow vulnerability exists in the way a dynamic linking library (ssinc.dll) that is shipped with Microsoft IIS 4.0/5.0 handles the files it contains. Exploiting the vulnerability, local attackers could gain local system privileges.
iDEFENSE Security Advisory 05.30.03: Passing an overly long string to the apr_psprintf() APR library function that is used by the Apache HTTP Server could cause an application to reference memory that should have already been returned to the heap allocation pool.
The Goldmine mail agent can run arbitrary code via a maliciously formed HTML e-mail. It does not even run the email in the 'security zone' as does Microsoft Outlook, but passes anything that looks like HTML to be executed unrestricted directly to the default browser, which for many is usually Internet Explorer.
Amusing addition to the vulnerability found in the Axis Network Camera HTTP server. Apparently the de-facto e-mail address for SMTP alerts is set to mail@somewhere.com and if this feature is enabled without changing the destination address, somewhere.com gets some very amusing insight as to what is being watched. Original vulnerability information is posted here.
S 2 1 S E C Advisory 017 - The Vignette Content Management and Application Portal software is vulnerable to a remote attacker accessing the SQL database without authentication by modifying a cookie. Affected versions: StoryServer 4 and 5 and Vignette V/5.
S 2 1 S E C Advisory 016 - Vignette Content Management and Application Portal software has a vulnerability that allows a remote attacker to inject a server side include that could lead to remote command execution. Affected versions include, but are not limited to, StoryServer 4 and 5 and Vignette V/5 and V/6.
The AnalogX Proxy server suffers from a buffer overflow when handed a URL that is greater than 340 bytes in size. A specially crafted URL allows for remote execution of arbitrary code.
Mailmax Version 5 has a buffer overflow condition in its IMAP4 server that can cause the service to stop responding and allows a remote attacker to overwrite the exception handler on the stack. Doing this could allow arbitrary code execution as the SYSTEM user.
Atstake Security Advisory A051203-1 - The Apple AirPort XORs a password with a fixed maximum of 32 bytes against a predefined key. If a password is set to one character, a simple sniff of the 32 byte block will reveal 31 bytes of the XOR key. The final byte can be obtained by XORing the obfuscated first byte against the first character of the plaintext password.
Secunia Research Advisory - Opera browser versions 7.10 and 7.03 suffer from denial of service and possible remote code execution vulnerabilities due to incorrect handling of long filename extensions.
A buffer overflow exists in the ESMTP CMailServer 4.0.2002.11.24 SMTP Service, resulting in a denial of service attack. It is possible to overwrite the exception handler on the stack allowing a system compromise with code execution running as SYSTEM.
Secure Network Operations, Inc. Advisory SRT2003-05-08-1137: A problem appears to be created by a series of strcat(), sprintf(), and strcpy() functions in ListProc <= 8.2.09 enabling an attacker to gain root privileges through a buffer overflow.
Windows Media Player versions 7 and 8 are vulnerable to a directory traversal attack when skin files are downloaded from the Internet. The vulnerability allows malicious users to upload an arbitrary file to an arbitrary location when a victim user views a web page.
NGSSoftware Insight Security Research Advisory #NISR07052003B - SLWebMail 3 is vulnerable to various buffer overflows in many of its ISAPI DLL applications including showlogin.dll, recman.dll, admin.dll, and globallogin.dll. It is also vulnerable to arbitrary file access via ShowGodLog.dll which does not even force authentication prior to use. Physical paths can also be determined by making invalid requests to certain DLLs.
NGSSoftware Insight Security Research Advisory #NISR07052003A - SLMail 5.1.0.4420 suffers from multiple remotely exploitable buffer overflows in its SMTP engine, poppasswd and pop3 server.
Cisco Security Advisory: Multiple vulnerabilities have been found in the Cisco VPN 3000 Concentrator series which includes models 3005, 3015, 3030, 3060, 3080 and the Cisco VPN 3002 Hardware Client. The enabling IPSec over TCP, malformed SSH initialization packet, and malformed ICMP traffic vulnerabilities are discussed.
Core Security Technologies Advisory ID: CORE-2003-0303 - Six vulnerabilities have been found in the Mirabilis ICQ Pro 2003a client that are both locally and remotely exploitable. Use of these allows for remote code execution and a denial of service.
youbin, the utility that acts as a network version of the utility biff, has insufficient bounds checking that allows arbitrary code execution.