NetBSD Security Advisory 2005-001 - The Pentium CPU shares caches between HyperThreads. This permits a local process to gain a side-channel against cryptographic processes running on the other HyperThread. Testing for cached data can be accomplished by timing reads. Under some circumstances, this permits the spying process to extract bits of the key. This has been demonstrated against OpenSSL.
0b7d686df11dc8fabc0eddfddfd7f9ecAn error in Microsoft Windows NTFS driver code causes the file system to incorrectly assign disk blocks to files before they have been initialized. Following a recovery from a system shutdown, uninitialized data may be visible in files from previously allocated disk blocks.
79c040f93de735457827f1ffee7aafbeDebian Security Advisory DSA 733-1 - Justin Rye discovered that crip, a terminal-based ripper, encoder and tagger tool, utilizes temporary files in an insecure fashion in its helper scripts.
0fff2d105c320180022ccae5e1ba99a8FreeBSD Security Advisory FreeBSD-SA-05:15 - Two problems have been discovered in the FreeBSD TCP stack. First, when a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection. Second, a TCP packet with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options.
a2e2310698e536c356b1f92c78772dc8FreeBSD Security Advisory FreeBSD-SA-05:14 - Two problems have been discovered relating to the extraction of bzip2-compressed files. First, a carefully constructed invalid bzip2 archive can cause bzip2 to enter an infinite loop. Second, when creating a new file, bzip2 closes the file before setting its permissions.
5db0df715ad1618105ef79a7b25521e2FreeBSD Security Advisory FreeBSD-SA-05:13 - The ipfw tables lookup code caches the result of the last query. The kernel may process multiple packets concurrently, performing several concurrent table lookups. Due to an insufficient locking, a cached result can become corrupted that could cause some addresses to be incorrectly matched against a lookup table.
11ef04975edaf951379bd3f0312f2061A flaw has been discovered in the third-party XML-RPC library included with Drupal. An attacker could execute arbitrary PHP code on a target site.
b89ee85cbcbfc655d22d82f97b68a289Kuba Zygmunt discovered a flaw in the input validation routines of Drupal's filter mechanism. An attacker could execute arbitrary PHP code on a target site when public comments or postings are allowed.
403e726f5adb10f2049d93abc4ca009eSoldier of Fortune II versions 1.02x and 1.03 suffer from a bug where a large client ID will crash the server.
6f1d72be1ff10e7a281dd1268605709cTechnical Cyber Security Alert TA05-180A - The VERITAS Backup Exec Remote Agent for Windows contains a buffer overflow that may allow an unauthenticated, remote attacker to compromise a system and execute arbitrary code with administrative privileges.
d9d0fb307ced357598b417f433b442f9Serendipity version 0.8.2 and below suffer from a remote command execution flaw.
57f6aa66cdfb12fcdeca32491121301aCisco Security Advisory - Remote Authentication Dial In User Service (RADIUS) authentication on a device that is running certain versions of Cisco Internetworking Operating System (IOS) and configured with a fallback method to none can be bypassed.
9fca874f85c2e6b97117d4bf0d227abciDEFENSE Security Advisory 06.29.05-2 - Remote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition. The vulnerability specifically exists due to improper behavior during exceptional conditions.
92592b1f6bb570322291c13790eb742ciDEFENSE Security Advisory 06.29.05-1 - Remote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition. The cabinet file format is a Microsoft archive format used for distributing Microsoft software. The vulnerability specifically exists due to insufficient validation on cabinet file header data. Versions below 0.86 are vulnerable.
93f682da2005fa52edf3aebe3c087caeGentoo Linux Security Advisory GLSA 200506-24 - It has been reported that the getterminaltype function of Heimdal's telnetd server is vulnerable to buffer overflows. Versions less than 0.6.5 are affected.
ecec9e3180dcf184418098358baab7efUbuntu Security Notice USN-146-1 - Nobuhiro IMAI discovered that the changed default value of the Module#public_instance_methods() method broke the security protection of XMLRPC server handlers. A remote attacker could exploit this to execute arbitrary commands on an XMLRPC server.
97ac1d95c155555b96bb504ba67aefe3phpBB versions 2.0.15 and below suffer from a code injection bug.
bb8c5f7d10a8edc52251f23cac28ce85Raritan console servers come with two unpassworded accounts. Vendor has confirmed these versions are vulnerable: DSX16, DSX32, DSX4, DSX8, DSXA-48 (MIPS and Intel).
3265735b8867339aaa9fcbc0527bcd24Secunia Security Advisory - A vulnerability has been reported in Serendipity, which can be exploited by malicious people to compromise a vulnerable system.
52640880289a0d6a96c5167f623fd533Secunia Security Advisory - Secunia Research has discovered a security issue in Adobe Reader for Linux, which can be exploited by malicious, local users to gain knowledge of sensitive information.
bf07a2cc13aa8b38b949fb3897698f85Secunia Security Advisory - A vulnerability has been reported in phpMyFAQ, which can be exploited by malicious people to compromise a vulnerable system.
d9a591c2fd7279a2988b7d79596334d2Secunia Security Advisory - Park Gyu Tae has reported a vulnerability in NateOn Messenger, which can be exploited by malicious users to disclose system information.
e1bc036c172838c24f7e3b0b6a72b65bSecunia Security Advisory - Nortel Networks has acknowledged an old vulnerability in Communication Server 1000 (CS1000), which can be exploited by malicious people to cause a DoS (Denial of Service).
c6396d35a4b82c45a9a125c921515821Secunia Security Advisory - James Bercegay has reported some vulnerabilities in Wordpress, which can be exploited by malicious people to manipulate mail messages, conduct cross-site scripting and SQL injection attacks, and by malicious users to compromise a vulnerable system.
73354fc6b09efd2e808545fca4022e49Secunia Security Advisory - Przemyslaw Frasunek has reported a vulnerability in Solaris, which can be exploited by malicious, local users to gain escalated privileges.
7d854b537a075bec8bcbf5c8f13bf537
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed