[Full-disclosure] dproxy-nexgen remote

attached is an exploit for the latest dproxy-nexgen, seems the latest version is just as bad as the previous dproxy-0.5... problem exists because of lack of NULL checking in dnsdecodereversename... -- mu-b [email protected] "Only a few people will follow the proof. Whoever does will spend the...

FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities

FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities source: https://www.securityfocus.com/bid/22880/info FiSH is prone to multiple remote buffer-overflow vulnerabilities because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer...

USN-425-1: slocate vulnerability

A flaw was discovered in the permission checking code of slocate. When reporting matching files, locate would not correctly respect the parent directory's "read" bits. This could result in filenames being displayed when the file owner had expected them to remain hidden from other system users...

Debian DSA-1261-1 : postgresql - several vulnerabilities

It was discovered that the PostgreSQL database performs insufficient type checking for SQL function arguments, which might lead to denial of service or information disclosure. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...

DSA-1261-1 postgresql

Bulletin has no description...

A simple analysis of the Linux kernel vulnerabilities-vulnerability warning-the black bar safety net

With Windows compared to Linux is considered to have better security and other extended properties. These features make the Linuxoperating systemfield meteoric rise, more and more attention. As the Linux application to increase the amount of its security has gradually been public, or even hacking...

NCTsoft NCTAudioFile2 ActiveX Control Remote Buffer Overflow Vulnerability

Description NCTsoft NCTAudioFile2 ActiveX control is prone to a buffer-overflow vulnerability. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer. NCTAudioEditor is a collection of ActiveX controls for...

CA BrightStor ARCserve Backup - Message EngineTape Engine Remote Buffer Overflow

CA BrightStor ARCserve Backup - Message EngineTape Engine Remote Buffer Overflow source: https://www.securityfocus.com/bid/22005/info Computer Associates BrightStor ARCserve Backup is affected by a remote buffer-overflow vulnerability because the application fails to perform proper bounds-checkin...

Microsoft Office 2003 grammar checking memory corruption

Memory corruption on Brazilian and Portuguese grammar checking...

SMS handling OpenSER remote code executing

Synopsis: SMS handling OpenSER remote code executing Product: OpenSER Version: =1.1.0 Issue: ====== A critical security vulnerability has been found in OpenSER SMS handling module. The vulnerable function should read the SMS from the SIM-memory. Details: ======== int fetchsmsstruct modem mdm, int...

OpenSER OSP Module remote code execution

Synopsis: OpenSER OSP Module remote code execution Product: OpenSER Version: =1.1.0 Issue: ====== A critical security vulnerability has been found in OpenSER Open Settlement Protocol OSP module. OSP is an ETSI defined standard for Inter-Domain VoIP pricing,authorization and usage exchange. Detail...

[Full-disclosure] ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability

ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-052.html December 22, 2006 -- CVE ID: CVE-2006-6424 -- Affected Vendor: Novell -- Affected Products: Novell NetMail 3.5.2 -- TippingPointTM IPS Customer Protection: TippingPoint I...

Novell NetMail NMAP STOR Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Novell NetMail. Successful exploitation requires the attacker to successfully authenticate to the affected service. The specific flaw exists in NetMail's implementation of the Network Messaging...

Remote Command Execution

A critical problem has been discovered in plugin class.txrtehtmlareapi1.php that is used for spell-checking in the rtehtmlarea extension. Component Type: System Extension TYPO3 Versions 4.0-4.0.3, 4.1beta Third Party Extension TYPO3 Versions up to 3.8.1. Since TYPO3 Version 4.0 the extension is...

Squid NTLM Authenticate Overflow

This is an exploit for Squid's NTLM authenticate overflow libntlmssp.c. Due to improper bounds checking in ntlmcheckauth, it is possible to overflow the 'pass' variable on the stack with user controlled data of a user defined length. Props to iDEFENSE for the advisory. This module requires...

thinkedit-rfi.txt

r0ut3r Presents... Another r0ut3r discovery! writ3r at gmail.com ThinkEdit Remote File Inclusion Exploit Software: ThinkEdit 1.9.2 Vendor: http://www.thinkedit.org/ Released: 2006/12/08 Discovered & Exploit By: r0ut3r writ3r at gmail.com Note: The information provided in this document is for...

CVE-2006-6014

The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PTDUMPCORE request, which allows local users to have an unknown impact...

CVE-2006-6014

The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PTDUMPCORE request, which allows local users to have an unknown impact...

CVE-2006-6014

CVE-2006-6014 affects the NetBSD-current kernel prior to 20061028. The flaw is a bounds-checking issue in the ptrace system call during PT_DUMPCORE, where an unspecified userspace parameter is not properly validated. This allows local users to cause an unknown impact. The vulnerability and its de...

HTTP Upload Tool (download.php) Information Disclosure Vulnerability

Target: HTTP Upload Tool For PHP 1.0 http://uploadtool.sourceforge.net/ Vulnerability: Information disclosure Description: The download.php file in Upload Tool for PHP neither verifies that a requestor has authenticated, nor performs any sanity checking on the file being requested. This allows an...