SUSE Security Announcement - SUSE-SA:2006:016 - A programming flaw in the X.Org X Server allows local attackers to gain root access when the server is setuid root, as is the default in SUSE Linux 10.0. This flaw was spotted by the Coverity project.
a6a9900c4c24468a7a237eb8cfc8c54dMandriva Linux Security Advisory - Multiple integer overflows in the new_demux_packet function in demuxer.h and the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value.
ede7f568c8889d524e6344db2dcb4b96iDefense Security Advisory 02.24.06 - Local exploitation of an access validation error in SCO Unixware allows attackers to gain root privileges. The vulnerability specifically exists due to a failure to check permissions on traced executables. The ptrace() system call provides an interface for debugging other processes on the system. SCO Unixware's implementation of the ptrace system call fails to check for setuid permissions on binaries before attaching to the process. This results in the complete control of memory and execution for the traced process with root privileges. Attackers can inject data into the running setuid process and execute arbitrary code with root permissions. iDefense has confirmed the existence of this vulnerability in SCO Unixware versions 7.1.3 and 7.1.4. All previous versions of SCO Unixware are suspected to be vulnerable.
759036ff55d21839246e3a04d35ca7bbSUSE Security Announcement - A new release of Heimdal fixes a file ownership flaw and a bug in the telnet server.
25421df7037a142d3b4812b2350a6abaIRM Security Advisory No. 018 - A buffer overflow exists in Winamp's handling of a m3u playlist file. Version 5.13 is affected.
924d244e3e454672d333b985a74df005SpeedCommander version 11.0, ZipStar version 5.1, and Squeez version 5.1 all suffer from directory traversal vulnerabilities when processing malicious JAR and ZIP files.
94bd1d15aa6280bd023b5b9f799381faThe StuffIt and ZipMagic family of products are susceptible to directory traversal attacks when fed malicious ZIP or TAR files.
3d494b20b5df6c1a0a9dba1cbe646e54WinAce Archiver versions 2.6 and below are susceptible to a directory traversal attack when fed a malicious RAR or TAR file.
6f12f7c3cdee6b80b4fb4cd16bf117bcArchive_Zipr is susceptible to a directory traversal attack when fed a malicious ZIP file. Version 1.1 has been found vulnerable.
2eff05fc4a4bee2a4f1edfe2a8f43c4aCrypt::CBC versions 2.16 and below suffer from a ciphertext weakness when using certain block algorithms.
3262de5d8e6b3a69abc5efc3334c2f70NSA Group Advisory - The Bat version 3.60.07 is susceptible to a buffer overflow.
16a18e3b087b6a69e458ab08ce2d482dAdobe Macromedia Shockwave is susceptible to a remote code execution flaw. This specific flaw exists within the ActiveX control with CLSID 166B1BCA-3F9C-11CF-8075-444553540000. Specifying large values for two specific parameters to this control results in an exploitable stack based buffer overflow. Due to the nature of this vulnerability, the target user is not required to have fully completed an installation of Shockwave to be vulnerable.
aa146a3f81da882868d19fcf7e9f69aeSecunia Research has discovered a vulnerability in WinACE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when reading an overly large ARJ header block into a fixed-sized heap buffer. This can be exploited to cause a heap-based buffer overflow. Successful exploitation allows execution of arbitrary code when a malicious ARJ archive is opened. WinACE version 2.60 is affected. Earlier versions may also be susceptible.
2e37a160a0ff7ff93147a7438af70312Ubuntu Security Notice USN-257-1 - Jim Meyering discovered that tar did not properly verify the validity of certain header fields in a GNU tar archive. By tricking an user into processing a specially crafted tar archive, this could be exploited to execute arbitrary code with the privileges of the user.
3983d648b1aaeeca0a801b90f7d8f35fSecunia Research has discovered a vulnerability in the Visnetic AntiVirus Plug-in for MailServer, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the Visnetic AntiVirus Plug-in (DKAVUpSch.exe) not dropping its privileges before invoking other programs. This can be exploited to invoke arbitrary programs on the system with SYSTEM privileges. Versions affected are Visnetic AntiVirus Plug-in for MailServer 4.6.0.4 and 4.6.1.1.
b62cd513eedd8f6388064be8022ae861NSFOCUS Security Advisory - The NSFocus Security Team has discovered a buffer overflow vulnerability when Winamp processes .m3u files, which might cause Winamp to crash or even execute arbitrary code when a user loads a malicious .m3u file and plays it. Affected software includes Nullsoft Winamp version 5.12 and 5.13.
445600afb0a4ead37ec73f5efec66567When feeding zoo a specially crafted archive, an attacker may be able to trigger a stack overflow and seize control of the program.
929e4d3acc5bdf431c2aab70d0817786Mandriva Linux Security Advisory - Ulf Harnhammar discovered a buffer overflow vulnerability in the way that metamail handles certain mail messages. An attacker could create a carefully-crafted message that, when parsed via metamail, could execute arbitrary code with the privileges of the user running metamail.
1a9109a15bc1ca18fe140bdd59a8162eTechnical Cyber Security Alert TA06-053A - A file type determination vulnerability in Apple Safari could allow a remote attacker to execute arbitrary commands on a vulnerable system.
736b608ae9a0707f17a38cf82a9403bbGoogle reader is supposed to display only content that the user has subscribed to however two vulnerabilities has been identified which may allow an attacker to entice it's victim (using the Google reader service) to view unwanted web content carrying malicious payloads.
b24de84c45fd97304d6aa1b792ccb041IRM Security Advisory No. 017 - PortalSE version 2.0 allows a remote attacker to read any file on the filesystem as it runs with root privileges by default. It is also susceptible to a directory revelation issue.
53a6d085c73194ed7e99b4fceb971453SUSE Security Announcement - An update has been released to fix a remotely exploitable stack buffer overflow in the pam_micasa authentication module.
41acb0431df9eb8cb4a8bd971718810aSouth River WebDrive version 6.08 build 1131 is susceptible to a buffer overflow vulnerability.
5a6977841c8d9c9eb0dbba28fcb6b9f6PEAR::Auth version less than 1.2.4 and 1.3.0r4 suffer from SQL injection flaws.
73272548cc7945988381dfc4bdc028faGlobal Hauri Virobot is susceptible to an authentication bypass flaw.
0639d51c4366de335eddf6cc2e229776
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed