openSUSE 10 Security Update : krb5 (krb5-3820)

This update fixes a stack-based buffer overflow in kadmind which can be exploited by authenticated remote users to gain root. CVE-2007-2798 Additionally two bugs in the RPC library of kadmind were fixed that can lead to remote system compromise. CVE-2007-2442, CVE-2007-2443 Note that third-party...

Tencent QQ scene vulnerability to the hack of the law-vulnerability and early warning-the black bar safety net

According to analysys international released the 2 0 0 7 in the first 2 quarters of China im market quarterly monitoring report shows, Chinese active IM software account has reached 3. 7 6 million, which has 2. 9 million active user accounts for Tencent QQ is well deserved IM the king. But did yo...

Microsoft Windows DNS Server 0-day buffer overflow

Buffer overflow in RPC-based interface is used for remote system compromisation...

Asterisk SIP通道驱动应答零代码远程拒绝服务漏洞

Asterisk是一个开放源代码的软件VoIP PBX系统。 Asterisk处理包含code 0的应答消息存在问题，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 从远程系统接收到部分SIP应答如SIP Response code 0，可导致Asterisk崩溃，造成拒绝服务攻击。 Asterisk Asterisk 1.4.1 Asterisk Asterisk 1.2.16 Asterisk Asterisk 1.2.15 Asterisk Asterisk 1.2.14 Asterisk Asterisk 1.2.13 Asterisk Asterisk 1.2.11...

MS04-012: Cumulative Update for Microsoft RPC/DCOM (828741) (uncredentialed check)

The remote host has multiple bugs in its RPC/DCOM implementation 828741. An attacker may exploit one of these flaws to execute arbitrary code on the remote system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid21655; scriptversion"1.25"; scriptcvsdate"Date: 2018/11/...

SUSE-SA:2006:056: gzip

The remote host is missing the patch for the advisory SUSE-SA:2006:056 gzip. The gzip tool does not handle some specific values correctly when unpacking archives. This leads to vulnerabilities like buffer overflows or infinite loops. Various different programs like mail clients, file explorer, et...

kernel security update

CentOS Errata and Security Advisory CESA-2007:0014 Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel...

[Full-disclosure] Computer Terrorism (UK) :: Incident Response Centre - Microsoft Outlook Vulnerability

Computer Terrorism UK :: Incident Response Centre www.computerterrorism.com Security Advisory: CT09-01-2007 ======================================================= Microsoft Outlook Advanced Find - Remote Code Execution ======================================================= Advisory Date: 11th...

Computer Terrorism (UK) :: Incident Response Centre - Microsoft Publisher Font Parsing Vulnerability

Computer Terrorism UK :: Incident Response Centre www.computerterrorism.com Security Advisory: CT12-09-2006-2.htm ============================================== Microsoft Publisher Font Parsing Vulnerability ============================================== Advisory Date: 12th, September 2006...

Computer Terrorism (UK) :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability

Computer Terrorism UK :: Incident Response Centre www.computerterrorism.com Security Advisory: CT12-09-2006 ============================================================ Adobe/Macromedia Flash Player - Remote Code Execution ============================================================ Advisory Date...

[Full-disclosure] phpSysInfo arbitrary file identification

phpSysInfo is a popular webscript for displaying stats about a webserver available from http://phpsysinfo.sourceforge.net/ with 365012 downloads to date. A vulnerability which allows an attacker to identify if a file exists on the remote system has been identified. By supplying a directory...

Secunia Research: Servant Salamander unacev2.dll Buffer Overflow Vulnerability

====================================================================== Secunia Research 28/04/2006 - Servant Salamander unacev2.dll Buffer Overflow Vulnerability - ====================================================================== Table of Contents Affected...

msie-createTextRang-script.txt

shellcode =...

Microsoft Internet Explorer - createTextRang Download Shellcode (2)

Microsoft Internet Explorer - createTextRang Download Shellcode 2 / Internet Explorer "createTextRang" Download Shellcoded Exploit 2 Bug discovered by Computer Terrorism UK http://www.computerterrorism.com/research/ct22-03-2006 Affected Software: Microsoft Internet Explorer 6.x & 7 Beta 2 Severit...

Microsoft Internet Explorer - 'createTextRang' Download Shellcode (2)

/ Internet Explorer "createTextRang" Download Shellcoded Exploit 2 Bug discovered by Computer Terrorism UK http://www.computerterrorism.com/research/ct22-03-2006 Affected Software: Microsoft Internet Explorer 6.x & 7 Beta 2 Severity: Critical Impact: Remote System Access Solution Status: Unpatche...

MS Internet Explorer (createTextRang) Download Shellcoded Expl (2)

Exploit for unknown platform in category remote exploits ===================================================================== MS Internet Explorer createTextRang Download Shellcoded Exploit 2 ===================================================================== / Internet Explorer "createTextRan...

SPIP < 1.8.2-g SQL Injection and XSS Flaws

The remote web server has a PHP application that is affected by multiple flaws. Description: The remote host is running SPIP, an open-source CMS written in PHP. The remote version of this software is prone to SQL injection and cross site scripting attacks. An attacker could send specially crafted...

PHPSurveyor sid SQL Injection Flaw

The remote version of PHPSurveyor is prone to a SQL injection flaw. SPDX-FileCopyrightText: 2006 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MS Internet Explorer (createTextRang) Download Shellcoded Exploit

Exploit for unknown platform in category remote exploits ================================================================= MS Internet Explorer createTextRang Download Shellcoded Exploit ================================================================= / Internet Explorer "createTextRang" Downloa...

Microsoft Internet Explorer - &#039;createTextRang&#039; Download Shellcode (1)

/ Internet Explorer "createTextRang" Download Shellcoded Exploit Bug discovered by Computer Terrorism UK http://www.computerterrorism.com/research/ct22-03-2006 Reliable exploitation by Darkeagle of Unl0ck Research Team http://www.milw0rm.com/exploits/1606 Affected Software: Microsoft Internet...