Debian: Security Advisory (DSA-1377-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

apache mod_status cross-site scripting

Cross-site scripting XSS vulnerability in modstatus in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Microsoft Windows TCP/IP ICMP Remote Denial Of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability because it fails to adequately handle specially crafted TCP/IP traffic. Attackers can exploit this issue to cause affected computers to stop responding and to automatically restart. Successful attacks will deny...

CVE-2007-6505

Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities...

CVE-2007-4861

SAXON 5.4, with displayerrors enabled, allows remote attackers to obtain sensitive information via 1 a direct request for news.php, 2 an invalid use of a newsid array parameter to admin/edit-item.php, and possibly unspecified vectors related to additional scripts in 3 admin/, 4 rss/, and 5 the ro...

DSA-1377-2 fetchmail - null pointer dereference

Bulletin has no description...

DEBIAN-CVE-2006-5752

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

DEBIAN-CVE-2007-1863

cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...

DEBIAN-CVE-2007-2241

Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service daemon exit via a sequence of queries processed by the queryaddsoa function...

QuickTime < 7.1.6 Multiple Vulnerabilities

Binary data 3975.prm...

Snort 2.6.1.12.6.1.22.7.0 - fragementation Remote Denial of Service

Snort 2.6.1.12.6.1.22.7.0 - fragementation Remote Denial of Service / DOS Snort Inline Affected Versions: 2.6.1.1, 2.6.1.2, 2.7.0beta Requirements : Frag3 Enabled, Inline, Linux, ipconntrack disabled Antimatt3r [email protected] Offset needs to be supplied that would cause reassembly for...

InstallShield InstallFromTheWeb ActiveX Control Multiple Overflows

InstallFromTheWeb IFTW, a web-enabled software installation product from InstallShield, is installed on the remote host. The version of InstallFromTheWeb on the remote host includes an ActiveX control that is reportedly affected by multiple and, as yet, unspecified buffer overflow vulnerabilities...

Design/Logic Flaw

A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...

CVE-2007-0675

A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...

CVE-2006-6488

The CVE-2006-6488 issue is a stack-based buffer overflow in ICONICS Dialog Wrapper Module ActiveX (DlgWrapper.dll) DoModal function, exploited by ICONICS OPC-enabled Gauge/Switch/Vessel ActiveX prior to version 8.4.166.0. An attacker can remotely execute arbitrary code by sending a long FileName ...

CVE-2006-6488

Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control DlgWrapper.dll before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long 1 FileName or 2 Filter argument...

CVE-2006-6488

Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control DlgWrapper.dll before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long 1 FileName or 2 Filter argument...

First Response < 1.1.1 Multiple Vulnerabilities

The remote host contains a version of First Response, an incident response tool, that is affected by multiple vulnerabilities. If the First Response agent fragent is configured to listen for remote SSL-enabled connections, it is reportedly possible to disable the agent remotely by sending a serie...

3comtftp.txt

Doesn't look like SEH is being overwritten so I'm having trouble getting this to work with DEP-enabled XPSP2 and 2K3. Tested on XPSP2 and Win2K. Includes offsets for NT, 2K and XP call esi. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= require 'msf/core' module Msf class...

CVE-2006-6056

Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hooks are enabled, allows local users to cause a denial of service crash via a malformed file stream that triggers a NULL pointer dereference in the superblockdoinit function, as demonstrated using an HFS filesystem image...