Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS / IR, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
5cb76f182845605c9b8bd477556f453533874ace780dcb908c0bfe3f4ecefa63Secunia Security Advisory - Mandriva has issued an update for gdm. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
cea4378345d98bdb2a717e9f34982722543a08b40e9d46731c9faeb2a64fa846Secunia Security Advisory - Some vulnerabilities have been reported in italkplus, which potentially can be exploited by malicious people to compromise a vulnerable system.
1ed2a8ad5c77a1027e20cfb6d1fa606d4caedf309adb614c5588b466258066a9Multiple CRLF injection aka HTTP response splitting vulnerabilities have been identified in Google AdWords which may be exploited to inject arbitrary HTTP headers.
062562a8590bce4277ad7237fb661cbe785c2f43af14a6b3863075554454d6bdMandriva Linux Security Advisory MDKSA-2006-231 - Local exploitation of a format string vulnerability in GNOME Foundation's GNOME Display Manager host chooser window (gdmchooser) could allow an unauthenticated attacker to execute arbitrary code on the affected system.
0c112cceaa040d6b5745441618446c47e2238310ec1b95f898cf24d1bf76a4cdsqlmap is an automatic blind SQL injection tool capable of enumerating entire remote databases, performing an active database fingerprint and much more. The aim of this project is to implement a fully functional database mapper tool which takes advantages of web application security flaws.
0853916caa03e6bd3a882a8a311e991ff641b37315415096cb6755d48f8b090dUbuntu Security Notice 396-1 - A format string vulnerability was discovered in the gdmchooser component of the GNOME Display Manager. By typing a specially crafted host name, local users could gain gdm user privileges, which could lead to further account information exposure.
487405d810702e54aed8b64095819c6455709886be82d5a7157e73a96e8467eaKerio MailServer version 6.2.2 preauth remote denial of service exploit.
06693eabdbec0e07d5c362d68827a5701df047b339ad16062f4a59c06535f14biDefense Security Advisory 12.14.06 - Local exploitation of a format string vulnerability in GNOME Foundation's GNOME Display Manager host chooser window (gdmchooser) could allow an unauthenticated attacker to execute arbitrary code on the affected system. This vulnerability has been confirmed to exist in the gdm-2.14.1-1 RPM from Red Hat Fedora Core 5. The vulnerability was introduced into the gdmchooser.c file in version 1.78 of gdm2/gui/gdmchooser.c in the GNOME CVS source code repository.
60e13d7ba3ec336f69ef6b3c60e8c771e80e26eff375096edace3ed83b991b25Hyper Access version 8.4 suffers from multiple command execution vulnerabilities.
f80fc49dfe1d0c19441f024ce5707fa40f9889fac4146b376d88524c20396f30GenesisTrader version 1.0 suffers from source code disclosure, arbitrary file upload, and cross site scripting vulnerabilities.
ee7e2884ae63b593717c14addfc45ea732e00d65bd6aed60db1ec42f4540b836Call For Papers for the eighth annual CanSecWest applied technical security conference - where the eminent figures in the international security industry will get together share best practices and technology - will be held in downtown Vancouver at the the Marriott Renaissance Harbourside on April 18-20, 2007.
6054c1c326863609ebd14bd8dcfb750dcb9445781692c9046b4a44dbf4c99112Secunia Security Advisory - Ubuntu has issued an update for gdm. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
4db147a0a8418a0e00afab553f3a10233c5f34286afdb95f1b949219bcda8451Secunia Security Advisory - A vulnerability has been reported in the gdmchooser application of the GNOME Display Manager, which can be exploited by malicious, local users to gain escalated privileges.
742a5a593cd89f7c2ef7f93e8c3226492e087a0dc7b23c5f2a824bc4905b95baSecunia Security Advisory - Gentoo has issued an update for links. This fixes a vulnerability, which can be exploited by malicious people to expose sensitive information and manipulate data.
2b028ea4ba5c4cbecee679de129a439963cb2ba2e8e5e3260e3abbb206e3914aCore Security Technologies Advisory - A locally exploitable stack overflow vulnerability has been found in the mod_ctrls module of ProFTPD server. ProFTPD versions 1.3.0a and 1.3.0 are affected.
d36acaee71f87bea897777e3ff93edf6478e47c07c9a9d32a58514040e1ae1cfIBM's DB2 suffers from a remote denial of service condition during CONNECT processing.
e3fb513c3bd7301e0e847c155ed0caa6b969013f311609b7d19963f17e1da5d3Coolplayer versions 215 and below suffer from multiple boundary error conditions.
df5c5375bc2513702a3db5629c8089df53be7c6c76658ba4068f25baf3aac941IIS 5.1 suffers from a flaw where it allows an ASP shell to be spawned via execute rights for IUSR_Machine.
5a7c990b18f1d8d2164f708100f81623d7bd6a8ef8350f992cd9f06143afe20aSecunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the exception handling of script errors. This can be exploited to corrupt memory via an HTML document containing specially crafted JavaScript that triggers certain errors simultaneously. Microsoft Internet Explorer 6.0 is affected.
dd22c9ed6d25b103da6b72c0e33253fcf2f55360ddb41df5df49a8f3b264a4d9iDefense Security Advisory 12.12.06 - Local exploitation of a directory traversal vulnerability in ld.so could potentially allow a non root user to execute arbitrary code as root. iDefense has confirmed that Solaris 10 for both x86 and SPARC is vulnerable. It is speculated that older versions of Solaris are vulnerable as well.
6a56303b2aea9deebd5cd8cd085fcba5d42d35526149bcaa8c66c36de075f914iDefense Security Advisory 12.12.06 - Local exploitation of a buffer overflow vulnerability in ld.so could potentially allow a non root user to execute arbitrary code as root. iDefense has confirmed that Solaris 10 for both x86 and SPARC is vulnerable. Older versions of Solaris are likely to be vulnerable as well.
21a9a1fb7b07e47ddb789eb978a278eb538aa3eaed4094520c4e5cac4e97a314Rad Upload version 3.02 suffers from a remote file inclusion vulnerability.
ca59ec9dd17403e450af918832e392ef2d826537152c07fce23358a20094cbdfA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Anti-Virus. The specific flaw exists in the parsing of SIT archives. When a long non-null terminated filename is processed by veex.dll, a heap overflow occurs due to the miscalculation of the string's actual size. Exploitation is possible leading to remote code execution running under the SYSTEM context.
113bb902ae3854e7000b6296de7caa6c006d48c11e4e7e15ba976dc6d4b73102Exploit for a buffer overflow in the Kerberos KBIND authentication code in the OpenLDAP slapd server for versions 2.4.3 and below. Note that the vulnerable code only exists in versions compiled with the --enabled-kbind option.
caeceb13a21843c70ef44e4acb32c112873063011f8be8a62366988ea194cee7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed