Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow

The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition. Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Teln...

myBloggie "username" SQL Injection Vulnerability

Secunia Advisory: SA16699 Release Date: 2005-09-05 Critical: Moderately critical Impact: Security Bypass Manipulation of data Where: From remote Solution Status: Vendor Patch Software: myBloggie 2.x Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it...

[Full-disclosure] mutt buffer overflow

Summary/Impact: There is a buffer overflow in mutt found thanks to ProPolice, which may allow an attacker to execute code by sending a maliciously crafted email. All latest versions appear affected. Mutt is an e-mail client that sucks less according to the headline on http://www.mutt.org/ Details...

Grandstream Budge Tone 101/102 DoS Vulnerability

------------------------------------------------------------------- SySS-Advisory: Grandstream Budge Tone 101/102 DoS Vulnerability - ------------------------------------------------------------------- Problem discovered: July 20th 2005 Vendor contacted: July 21th 2005 Advisory will published on:...

Novell eDirectory Server iMonitor Multiple Remote Overflows

The remote host is running a version of eDirectory iMonitor that is vulnerable to a remote buffer overflow. An attacker may exploit this flaw to execute arbitrary code on the remote host or to disable this service remotely. To exploit this flaw, an attacker would need to send a specially crafted...

[SA16235] Hosting Controller comgetfile.asp Information Disclosure

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

SSA-18695 mutt remote exploit patched

An exploitable overflow has been found in the address handling code of the mutt mail client version 1.2.5i supplied with Slackware 8.0. A new mutt-1.2.5.1 has been released which addresses this problem, and packages are now available for Slackware 8.0 and -current. We urge all Slackware users to...

Slackware 8.1 / 9.0 / current : Sendmail vulnerabilities fixed (SSA:2003-260-02)

The sendmail packages in Slackware 8.1, 9.0, and -current have been patched to fix security problems. These issues seem to be remotely exploitable, so all sites running sendmail should upgrade right away. Sendmail's 8.12.10 announcement may be found here: http://www.sendmail.org/8.12.10.html...

FreeBSD : kstars -- exploitable set-user-ID application fliccd (0512b761-70fb-40d3-9954-aa4565528fa8)

A KDE Security Advisory explains : Overview KStars includes support for the Instrument Neutral Distributed Interface INDI. The build system of this extra 3rd party software contained an installation hook to install fliccd part of INDI as SUID root application. Erik Sjolund discovered that the cod...

Infopop UBB Threads Multiple Vulnerabilities

GulfTech Security Research June 23rd, 2005 Vendor : Infopop Corporation URL : http://www.ubbcentral.com/ubbthreads/ Version : All Versions Prior To 6.5.2 Beta Risk : Multiple Vulnerabilities Description: UBB Threads is a very popular forum system developed by Infopop. There are a number of...

Microsoft Step-By-Step Interactive Training Bookmark Link Buffer Overflow Vulnerability

Description Microsoft Step-By-Step Interactive Training is prone to a buffer overflow vulnerability. This is due to a boundary condition error related to validation of data in bookmark link files. As bookmark link files may originate from an external source, this issue may be remotely exploitable...

Denial of Service vulnerability in GoodTech SMTP Server for Windows NT/2000/XP version 5.14

Summary: Denial of Service vulnerability in GoodTech SMTP Server for Windows NT/2000/XP version 5.14 http://www.goodtechsys.com/ Details: Input to the RCPT TO command is not properly checked and/or filtered. Issuing a single character 'A' as an argument to the RCTP TO command will cause the smtpd...

pst.advisory 2005-21: gxine remote exploitable . opensource is god .lol windows

gxine remote exploitable . opensource is god .lol windows www.ph4nt0m.org Systems affected: gxine 0.44 0.43 0.42 0.41 no affected no all exploitable 1:why: it is a http hostname format string vulnerability.. new firefox can run gxine in many linux DS... so very dangerous!!!!!!!!!!!!!!!!!! 2:tips:...

[SecurityLab] Ethereal 0.10.10 SIP Dissector Overflow

Advisory Name: Ethereal 0.10.10 SIP Dissector Overflow Release Date: 05/07/05 Application: Ethereal 0.10.10 and Prior Platform: Multiple Severity: A remote attacker can execute arbitrary commands Author: Ejovi Nuwere ejoviATsecuritylab.net Vendor Status: Vendor has published patch Reference:...

[Full-disclosure] [SecurityLab] Ethereal 0.10.10 SIP Dissector Overflow

Advisory Name: Ethereal 0.10.10 SIP Dissector Overflow Release Date: 05/07/05 Application: Ethereal 0.10.10 and Prior Platform: Multiple Severity: A remote attacker can execute arbitrary commands Author: Ejovi Nuwere ejoviATsecuritylab.net Vendor Status: Vendor has published patch Reference:...

Convert-UUlib 1.04/1.05 Perl Module - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/13401/info Convert-UUlib Perl module is prone to a remotely exploitable buffer-overflow vulnerability. A remote attacker may leverage this condition to overwrite sensitive program control variables and thus gain control of the process's execution flow. Th...

Microsoft Windows Kernel Object Management Denial Of Service Vulnerability

Description The Microsoft Windows kernel is prone to a locally exploitable denial-of- service vulnerability. The issue is related to object management in the Windows kernel. Technologies Affected Microsoft Windows 2000 Advanced Server Microsoft Windows 2000 Advanced Server SP1 Microsoft Windows...

iDEFENSE Security Advisory 04.08.05: Microsoft Multiple E-Mail Client Address Spoofing Vulnerability

Microsoft Multiple E-Mail Client Address Spoofing Vulnerability iDEFENSE Security Advisory 04.08.05 http://www.idefense.com/application/poi/display?type=vulnerabilities April 8, 2005 I. BACKGROUND Microsoft Outlook provides an integrated solution for managing and organizing e-mail messages,...

GLSA-200503-32 : Mozilla Thunderbird: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200503-32 Mozilla Thunderbird: Multiple vulnerabilities The following vulnerabilities were found and fixed in Mozilla Thunderbird: Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete...

- Argeniss - Oracle Database Server Directory transversal

Argeniss Security Advisory Name: Oracle Database Server Directory transversal Affected Software: Oracle Database Server versions 8i and 9i Severity : Medium Remote exploitable: Yes Authentication to Database Server is needed Credits: Cesar Cerrudo Date: 03/07/05 Advisory Number: ARG030501 Details...