Debian Security Advisory 1586-1 - Multiple vulnerabilities have been discovered in xine-lib, a library which supplies most of the application functionality of the xine multimedia player. Integer overflow vulnerabilities exist in xine's FLV, QuickTime, RealMedia, MVE and CAK demuxers, as well as the EBML parser used by the Matroska demuxer. Insufficient input validation in the Speex implementation used by this version of xine enables an invalid array access and the execution of arbitrary code by supplying a maliciously crafted Speex file. Inadequate bounds checking in the NES Sound Format (NSF) demuxer enables a stack buffer overflow and the execution of arbitrary code through a maliciously crafted NSF file.
7355be718f57b1c08e1f04edd7309ae95359f8b6a3dba2dc3d07285db02c23a0AbleDating version 2.4 suffers from SQL injection and cross site scripting vulnerabilities.
73a15086564c5355c9428489912632b3ac252a24044e4a322414cee0cb3253e3FSlint is a toolkit to find various forms of lint on a filesystem. At the moment it reports duplicate files, bad symbolic links, troublesome file names, empty directories, non stripped executables, temporary files, duplicate/conflicting (binary) names, and unused ext2 directory blocks.
c80f537d9db5de71dad583228ece831d62aa03bdd394f927c6567112d6ccfa84Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.
30c7765b960b131246bfe8c25b79d20eae49f282dd0ac3b7e1e293233a446f99BMForum Remote version 5.6 suffers from multiple cross site scripting vulnerabilities.
8f595250462eb8e1b20ff9980e0c4ffe0fb9e72739420988134d936fb176a7eeExteen Blog suffers from a cookie disclosure flaw using a cross site scripting vulnerability.
9773d823ba5cb2ce67daadc1aedaff09c9ec6b57d0bf06397bfa75cb870454e6HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running HP-UX Secure Shell. The vulnerability could be exploited locally to gain unauthorized access and create a Denial of Service (DoS).
2cd46811be74b61931443d90b14f854ab729ee479e5a774b1d8a65ea85ff55fbphpSQLiteCMS version 1 RC2 suffers from a cross site scripting vulnerability.
e2c0022d7c7bb0a81228bd239b46b326e42f265be1c47704ece49c01bdfda1adPHPFreeForum versions 1.0 RC2 and below suffer from a cross site scripting vulnerability.
a7f164b952ba42cba0a2e8d0046bdf409748965eac017aec3b2060b0cacc3effThe BT Home Hub has now changed the default access password from admin to the serial number of the device, but allows retrieval of the number via a simple MDAP request in the same network.
5a3ba5771f669f0d36e2e14d02605ae45cde0985a569ac6b24a5e403fcc692c7The Barracuda Spam Firewall device web administration interface is vulnerable to a reflected cross site scripting vulnerability which may allow theft of administrative credentials or downloading of malicious content. IRM confirmed the presence of this vulnerability in Barracuda Spam Firewall 600 Firmware 3.5.11.020. The vendor has confirmed the issue exists in all versions prior to 3.5.11.025.
9f40b815888c87cdeb682e726a415b2f57a0e4e96a16e1c928489289784a80fbIBM Lotus Sametime StMUX stack overflow exploit that binds a shell to port 4444.
70ad7c5c6d5f9fcf5bb0e2e9cde8e152fa49ef8e0aa91c1fb05503ce176602eaSecunia Security Advisory - A vulnerability has been reported in Snort, which can be exploited by malicious people to bypass certain security restrictions.
bb3c8b291059e3c69795d519613c6bdd2bd64d7e2ce1b84a3c2eda08a90ba88eSecunia Security Advisory - Red Hat has issued an update for nss_ldap. This fixes a security issue, which can be exploited by malicious people to manipulate certain data.
70e58be39bc5901d935629d61a8d1c8251f6ac97ab4a5b655ccda02d588513d0Asterisk Project Security Advisory - Asterisk installations using cryptographic keys generated by Debian-based systems may be using a vulnerable implementation of OpenSSL.
9e1a273be0fa164aae613d72d1ac5770291a36e329b0ef6f8f88dc52d55212aeMandriva Linux Security Advisory - Multiple race conditions have been addressed in the Linux 2.6 kernel.
7a3fe08bf3eec20d06755c9431d74aa4ce09ca2fec57d36ec7991fa23b4f3f9bA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the header parsing code for the msn protocol. When processing the X-MMS-IM-FORMAT header, certain attributes are copied into a buffer located on the stack without any length verification which can eventually lead to code execution with the privileges of the user that is running the application.
4d0a6af5e44d2bdd56945b744c3b6f4b89a2d5e8d4768d943eb3bfc81d350476A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within XML parsing in talk.dll. When processing certain malformed attributes within an 'IMG' tags, it is possible to overwrite past an allocated heap chunk which can eventually lead to code execution under the context of the currently user.
8fdf950b0f377ce0f861aa8e4fbbf191238473172e4170a987fa019d0aa05e97A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trillian. User interaction is required to exploit this vulnerability in that the target must open a malicious image file. The specific flaws exists during the parsing of messages with overly long attribute values within the FONT tag. The value for any attribute is copied into a stack based buffer via sprintf() which can result in a buffer overrun and can be subsequently leveraged to execute arbitrary code under the privileges of the logged in user. Exploitation may occur over the AIM network or via direct connections.
5d989512a7ddd1bb4faf147b19da9f8fc2c822c256c6593dbf81d50f70814e65A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Sametime. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of long URLs in the Community Services Multiplexer (StMux.exe) listening on TCP port 1533. A specially crafted URL can be passed into a vulnerable sscanf() function that will result in a stack overflow resulting in the ability to execute arbitrary code.
8ed7a6fdc52c86303cf6d9ba98be2cbe194fea9fb4821f008b8660ae7a801511iDefense Security Advisory 05.21.08 - Remote exploitation of a design error vulnerability in Snort, as included in various vendors' operating system distributions, could allow an attacker to bypass filter rules. Due to a design error vulnerability, Snort does not properly reassemble fragmented IP packets. When receiving incoming fragments, Snort checks the Time To Live (TTL) value of the fragment, and compares it to the TTL of the initial fragment. If the difference between the initial fragment and the following fragments is more than a configured amount, the fragments will be silently discard. This results in valid traffic not being examined and/or filtered by Snort. iDefense has confirmed the existence of this vulnerability in Snort 2.8 and 2.6. Snort 2.4 is not vulnerable.
71694e299caa136a88ff4553f89f1078e330d6913b0b76957abb0e2e9cfa6bffCore Security Technologies Advisory - Three vulnerabilities discovered in the iCal application may allow un-authenticated attackers to execute arbitrary code on vulnerable systems with (and potentially without) the assistance from the end user of the application and may cause a denial of service condition. iCal version 3.0.1 on MacOS X 10.5.1 (Leopard) is affected.
50d4793f2baf710c1c56d4c0a79886923259f972a87d94aa8b20feaedbd4b114Gentoo Linux Security Advisory GLSA 200805-20 - Multiple vulnerabilities might allow for the execution of arbitrary code in daemons using GnuTLS. Versions less than 2.2.5 are affected.
e37e04b526b4b0b5bb000df629ceab208e43543a12e0226906b04744ba9ae394Debian Security Advisory 1585-1 - It was discovered that speex, The Speex codec command line tools, did not correctly did not correctly deal with negative offsets in a particular header field. This could allow a malicious file to execute arbitrary code.
58ba5f6f2087b0475b32666839ed85079aae9b23d864adaa42fe7bc7447bf0e4Debian Security Advisory 1584-1 - It was discovered that libfishsound, a simple programming interface that wraps Xiph.Org audio codecs, didn't correctly handle negative values in a particular header field. This could allow malicious files to execute arbitrary code.
87491f9f366dac141525b69c9cb64ea9a5018739043844747a58d03549743c13
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed