This Metasploit module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses szone_free() to overwrite the size() or free() pointer in the initial_malloc_zones structure. OSX version.
41df3765c835402280aab01fc03d46c9b2c7b29c3dc978680897dd0fb25af88e
This Metasploit module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the TALLOC chunk overwrite method (credit Ramon and Adriano), which only works with Samba versions 3.0.21 through 3.0.24. Additionally, this module will not work when the Samba "log level" parameter is higher than "2". Solaris version.
de2f7abb618670f26477578d2cf35a14414c6516b9a7f7271f2d1b1d3ca0ba65
This Metasploit module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the TALLOC chunk overwrite method (credit Ramon and Adriano), which only works with Samba versions 3.0.21 through 3.0.24. Additionally, this module will not work when the Samba "log level" parameter is higher than "2". Linux version.
ecad9d88ed773b5eba7139281a534e16adc238b07ada385028643a4c54900d67
Mandriva Linux Security Advisory - A vulnerability in the RAR VM in ClamAV allowed user-assisted remote attackers to cause a crash via a crafted RAR archive which resulted in a NULL pointer dereference.
5bd6f768c2ae91923dcae724be1114f97ea01aa9ddc53c7418e3a41d321b7fec
Kiwicon '07 Call For Papers - Kiwicon '07 will be a largely informal conference, organized by the security community for the security community. It will be held in Wellington, New Zealand, on the weekend of the 17th and 18th of November, 2007.
770669ef9174806a2a98bf2bc584b87632fbfa72fede610d04f510c61fed8270
Mandriva Linux Security Advisory - The DNS query id generation code in BIND9 is vulnerable to cryptographic analysis which provides a 1-in-8 chance of guessing the next query ID for 50% of the query IDs, which could be used by a remote attacker to perform cache poisoning. As well, in BIND9 9.4.x, the default ACLs were not being correctly set, which could allow anyone to make recursive queries and/or query the cache contents.
6b86dfec16962004867daf39c7cfdac46f389704063d633f444e270dcfe9bb1b
Debian Security Advisory 1341-1 - Amit Klein discovered that the BIND name server generates predictable DNS query IDs, which may lead to cache poisoning attacks.
88410bd247777324f4bc7b4a5f630f56927bb335206462a9bc6b463559bd8022
A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of BakBone NetVault Reporter. User interaction is not required to exploit this vulnerability. BakBone NetVault Reporter version 3.5 prior to Update4 is susceptible.
c3eba9e3a239ceea1a75f4975440e4f47f2979ceeb1fcddc729b4d6201491bbc
The Mozilla application platform currently has an unpatched input validation flaw which allows you to specify arbitrary command line arguments to any registered URL protocol handler process. Thunderbird version 2.0.0.5 fixes this. Full exploits included.
b87dd83511bb3193b27560787656bb08cbc129eb12d1eb43241e8ff546fbf7fb
Mitridat's Form Processor Pro suffers from cross site scripting vulnerabilities.
566d7fda7a4e1adf92ab3b359ce8625c0ac40ac810f5d475c731cebe8cbb296e
Gentoo Linux Security Advisory GLSA 200707-11 - kadmind is affected by multiple vulnerabilities in the RPC library shipped with MIT Kerberos 5. It fails to properly handle zero-length RPC credentials (CVE-2007-2442) and the RPC library can write past the end of the stack buffer (CVE-2007-2443). Furthermore kadmind fails to do proper bounds checking (CVE-2007-2798). Versions less than 1.5.2-r3 are affected.
33f574675877e6e34e428ed47ba0d62856a4d1f17a20853263cf9c824e89339f
Gentoo Linux Security Advisory GLSA 200707-10 - Konstantine Shirow reported a vulnerability in default Gentoo configurations of Festival. The daemon is configured to run with root privileges and to listen on localhost, without requiring a password. Versions less than 1.95_beta-r4 are affected.
fe4b3ef3de4f1b7f92b7689b719c1e0cd81f66b4230c08736b7eb4bfe923b085
Gentoo Linux Security Advisory GLSA 200707-09 - Sean Larsson from iDefense Labs discovered multiple integer overflows in various GIMP plugins (CVE-2006-4519). Stefan Cornelius from Secunia Research discovered an integer overflow in the seek_to_and_unpack_pixeldata() function when processing PSD files (CVE-2007-2949). Versions less than 2.2.16 are affected.
b640f357c376ba327779e33a6913b26e034899598eb5cb23b3c1dafd75891c02
Mandriva Linux Security Advisory - An integer overflow in tcpdump could allow a remote attacker to execute arbitrary code via crafted TLVs in a BGP packet.
2f982f2161f3356e5da0b292f0f1e0ef5c469b4c2135e3c8610f27cd40edbfa1
Ubuntu Security Notice 491-1 - A flaw was discovered in BIND's sequence number generator. A remote attacker could calculate future sequence numbers and send forged DNS query responses. This could lead to client connections being directed to attacker-controlled hosts, resulting in credential theft and other attacks.
bff534758165f1f2510a0d68e2038678636558282c0ef43fb9ce4fc837514132
Clever Internet ActiveX Suite version 6.2 arbitrary file download/overwrite exploit that makes use of CLINETSUITEX6.OCX.
d6a392f3c1363b79d87f532f253f55b45415f2dc106c486b6c6e87094b9520c6
IPSwitch IMail server 2006 SEARCH remote stack overflow exploit. Binds a shell to port 1154.
b5435382b53d5e12ca72274477308b144b194b6e9c81f213dbda373a92218328
IndexScript versions 2.8 and below suffer from a SQL injection vulnerability in showcat.php.
1100602100f77adb05ad45735391639e49021305360d88d105d205e3ef2a46fc
Webyapar version 2.0 suffers from multiple SQL injection vulnerabilities.
3ee3e4499cc66037cc1f076b120a23d6da2764f3b7226d1f629898c8d98d9814
ifoto version 1.0 suffers from a directory traversal vulnerability.
515f80aeae4c062e76087e67bcaf8da27e538714cd8b5c87bb1ab74a17b91c67
A denial of service vulnerability exists in CA eTrust Antivirus when parsing .CHM files. The vulnerability is present in CA eTrust Antivirus software prior to arclib.dll file version 7.3.0.9.
456f1593f1c7a4bd074c2182ce0fd75e3dc29468994fc5830bbb56719be5eff6
Denial of service exploit for Microsoft Windows XP and Vista that uses ARP.
521d20576bef0e344d07aa66023e71bc289eb0f833d90bbd647ea744f24f7996
OpenPKG Security Advisory - BIND 9 versions 9.4.1-P1 and below suffer from multiple vulnerabilities that allow for recursive queries and cache poisoning.
c368a04ffba7fa0bd16a6fd660ba328818e7e86d86faf603e8fd15ff53b9f706
Vikingboard version 0.1.2 suffers from multiple cross site scripting vulnerabilities.
4152f6d418d3657569e6f20922d2c74245012db460756216c446753cdd84ecee
Vikingboard may disclose sensitive information via the debug variable.
d8ec1b54380cdc906a660ece72c26a22cdd39b072675e97aa92cad332dc7e9d8