70 matches found
SuSE-SA:2004:001: Linux Kernel
The remote host is missing the patch for the advisory SuSE-SA:2004:001 Linux Kernel. The do_mremap function of the Linux Kernel is used to manage (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect bounds check in do_mremap during the remapping of memory it is possible to create a VM...
Sendmail vulnerabilities fixed
The sendmail packages in Slackware 8.1, 9.0, and -current have been patched to fix security problems. These issues seem to be remotely exploitable, so all sites running sendmail should upgrade right away. Sendmail's 8.12.10 announcement may be found here: http://www.sendmail.org/8.12.10.html Here...
Remote Buffer Overrun WebAdmin.exe
NGSSoftware Insight Security Research Advisory Name: Remote System Buffer Overrun WebAdmin.exe Systems Affected: Windows Severity: High Risk Category: Buffer Overrun Vendor URL: http://www.altn.com/ Author: Mark Litchfield Date: 24th June 2003 Advisory number: NISR2406-03...
Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Remote Buffer Overflow (3)
E-DB Note: Updated Exploit https://www.exploit-db.com/exploits/22368/ source: https://www.securityfocus.com/bid/7116/info The Windows library ntdll.dll includes a function that does not perform sufficient bounds checking. The vulnerability is present in the function "RtlDosPathNameToNtPathNameU"...
Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Remote Buffer Overflow (1)
E-DB Note: Updated Exploit https://www.exploit-db.com/exploits/22368/ source: https://www.securityfocus.com/bid/7116/info The Windows library ntdll.dll includes a function that does not perform sufficient bounds checking. The vulnerability is present in the function "RtlDosPathNameToNtPathNameU"...
myphpPagetool (php)
Informations : °°°°°°°°°°°°°° Version : 0.4.3-1 Website : http://myphppagetool.sourceforge.net/ Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° In /doc/admin/, in the files index.php, help1.php, help2.php, help3.php, help4.php, help5.php, help6.php, help7.php, help8.php and help9.p...
rsync fails to properly handle negative values specified for signed integers thereby allowing remote command execution
Overview There exist several signed-integer vulnerabilities in rsync. If rsync is run as a daemon, a remote-root compromise may be possible. Description Included in most distributions of Linux, rsync is a popular tool for synchronizing files across multiple hosts. Though not enabled in the defaul...
ADV/EXP:pic/lpd remote exploit - RH 7.0
Vendor security list has been notified and as of last contact, on Mon July 9 2001, a patch which seemed to work had been worked out. This patch is attached. groff-1.16.1.diff Official patches are sure to follow. ---- begin pic-lpr-remote.c ---- #include <stdio.h>...
Vulnerability in CGI counter 4.0.7 by George Burgyan
I've found no mention of this vulnerability in Bugtraq or in the CVE nor have I been able to contact the author, so I'm posting here to give everyone the opportunity to protect themselves. This vulnerability is being actively exploited and has been reported to CERT. The popular CGI web page acces...
DUO-PSA-2015-003: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2015-003 Original Publication Date: 2015-08-06 Revision Date: 2015-08-10 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue which, under certain configurations, could have enabled attackers to bypass...