Snort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (4)

No description provided by source. !/usr/bin/ruby -w Version 0.1 Public snort 2.4.0 - 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit by xwings at mysec dot org URL : http://www.mysec.org , somebody need to update the page Saying Hi to .... . All the 1337 c0d3r @ pulltheplug.org . Gurus from...

RHEL 3 / 4 : openssl096b (RHSA-2005:830)

Updated OpenSSL096b compatibility packages that fix a remote denial of service vulnerability are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The OpenSSL toolkit implements Secure Sockets Layer SSL v2/v3, Transport Layer...

ADODB.Stream object from Internet Explorer (KB870669)

An ADO stream object represents a file in memory. The stream object contains several methods for reading and writing binary files and text files. When this by-design functionality is combined with known security vulnerabilities in Microsoft Internet Explorer, an Internet Web site could execute...

compat, nss_ldap, openldap security update

CentOS Errata and Security Advisory CESA-2005:767 Updated openldap and nssldap packages that correct a potential password disclosure issue and possible authentication vulnerability are now available. This update has been rated as having moderate security impact by the Red Hat Security Response...

OpenSSL Version Rollback and Weak Cryptographic Algorithm Vulnerabilities

OpenSSL contains vulnerabilities that could allow an unauthenticated, remote attacker to bypass security restrictions. The first vulnerability CVE-2005-2969 affects any application using a SL/TLS server implementation provided by OpenSSL versions 0.9.7g and prior. If these implementations have...

Fedora Core 4 : squirrelmail-1.4.6-0.cvs20050812.1.fc4 (2005-780)

It probably is not a good idea to push a CVS snapshot here, but upstream screwed up their 1.4.5 release and CVS contains further fixes like PHP5 related stuff that might make squirrelmail usable on FC4. This snapshot worked on my personal server for the past week, so hopefully it will be good for...

USN-157-2: Updated Mozilla Thunderbird Enigmail plugin for Ubuntu 4.10

USN-157-1 fixed some vulnerabilities in the Mozilla Thunderbird email client. The updated Thunderbird version broke compatibility with the Enigmail plugin. As announced in USN-157-1, the Enigmail package was now updated for Ubuntu 4.10 Warty Warthog to work with the new Thunderbird version...

Linux kernel ia32 compatibility for 64 bit platforms race condtions

Race conditions with heap memory corruption in execve syscall...

[ Suresec Advisories ] - Linux kernel ia32 compatibility (ia64/x86-64) race condition

Suresec Security Advisory - 00004 10/07/05 Linux kernel ia32 compatibility race condition Advisory: http://www.suresec.org/advisories/adv4.pdf http://www.suresec.org/advisories/adv3.pdf Description: A race condition vulnerability has been found in the ia32 compatibility execve systemcall. The rac...

CVE-2005-1768

The CVE-2005-1768 issue is a race condition in the Linux kernel’s IA32 (x86) compatibility execve() handling, affecting amd64/Intel EM64T and Itanium platforms. A concurrent thread can increment a pointer count after nargs has counted pointers but before copying from user space to kernel space, l...

CVE-2005-1765

syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service kernel hang via crafted arguments...

CVE-2005-1765

syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service kernel hang via crafted arguments...

phpFusion501.txt

Note added to this advisory - This is not part of PHP Fusion v5.01 This is an available mod addon supplied by the main developer Digitanium for an IIS Compatibility. This setuser.php will not implemented into PHP Fusion until v5.02 and is not mainstream accross the fusion community. I have notifi...

Solaris 8 (x86) : 109932-10

CDE 1.4x86: sdtimage Patch. Date this patch was last updated by Sun : Mar/24/05 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

RealPlayer 10 ".smil" File Local Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ======================================================== RealPlayer 10 ".smil" File Local Buffer Overflow Exploit ======================================================== / RealPlayer .smil file buffer overflow Coded by email protected &...

RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow

/ RealPlayer .smil file buffer overflow Coded by nolimit@CiSO & Buzzdee greets to COREiSO & news & flare & class101 & ESI & RVL & everyone else I forget This uses a seh overwrite method, which takes advantage of the SEH being placed in multiple locations over the different OS's. Because of this, ...

HP-UX PHCO_28481 : s700_800 11.11 cumulative 10.20 libc compatibility support

s700800 11.11 cumulative 10.20 libc compatibility support : The remote HP-UX host is affected by multiple vulnerabilities : - Potential buffer overflow in xdrmemgetbytes and related functions. HPSBUX00252 SSRT2439 - Potential buffer overflow in XDR library. HPSBUX00215 SSRT2336 %NASLMINLEVEL 7030...

HP-UX PHCO_28480 : s700_800 11.00 cumulative 10.20 libc compatibility support

s700800 11.00 cumulative 10.20 libc compatibility support : The remote HP-UX host is affected by multiple vulnerabilities : - Potential buffer overflow in XDR library. HPSBUX00215 SSRT2336 - Potential buffer overflow in xdrmemgetbytes and related functions. HPSBUX00252 SSRT2439 %NASLMINLEVEL 7030...

RHEL 3 : kernel (RHSA-2005:043)

Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 3 are now available. The Linux kernel handles the basic functions of the operating system. This advisory includes fixes for several security issues : iSEC Security Research discovered a VMA handling flaw in the...

Veritas Backup Exec Agent 8.x/9.x - Browser Overflow

/ Got to give it to class101 on this one. Tested and penetrated. / str0ke / / VERITAS Backup Exec v9.1.4691.SP1 v9.1.4691.SP0 v8.5.3572 Agent Browser Service, Remote Stack Overflow Highly Critical All credits to: -iDEFENSEdiscovery-www.iDEFENSE.com, -Thor Doomeniat-syscallatinbox.lv, -H.D...