
9454 matches found

securityvulns
added 2005/10/13 12:00 a.m., 30 views

[SA17134] PHP Advanced Transfer Manager HTML Upload Vulnerability

TITLE: PHP Advanced Transfer Manager HTML Upload Vulnerability SECUNIA ADVISORY ID: SA17134 VERIFY ADVISORY: http://secunia.com/advisories/17134/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: PHP Advanced Transfer Manager 1.x...

AI score: 0.2
Exploits: 0

Symantec
added 2005/10/11 12:00 a.m., 28 views

Microsoft Windows MSDTC Memory Corruption Vulnerability

Description The Microsoft Windows MSDTC Microsoft Distribution Transaction Coordinator service is prone to a memory corruption vulnerability. This issue could allow for execution of arbitrary code in the context of the service. The vulnerability may be remotely exploitable in some circumstances,...

AI score: 1.4
Exploits: 0, References: 4, Affected Software: 6

Symantec
added 2005/10/11 12:00 a.m., 27 views

Microsoft MSDTC TIP Distributed Denial Of Service Vulnerability

Description The Microsoft MSDTC Microsoft Distribution Transaction Coordinator service is prone to a vulnerability that may permit denial of service attacks against the service or facilitate distributed denial of service attacks against other computers. The vulnerability exists in the TIP...

AI score: 0.8
Exploits: 0, References: 4, Affected Software: 6

exploitpack
added 2005/10/11 12:00 a.m., 9 views

Microsoft Windows XP/2000/2003 - MSDTC TIP Denial of Service (MS05-051)

Microsoft Windows XP/2000/2003 - MSDTC TIP Denial of Service MS05-051 source: https://www.securityfocus.com/bid/15058/info The Microsoft Windows MSDTC Microsoft Distribution Transaction Coordinator service is prone to a denial of service vulnerability. The vulnerability exists in the TIP Transactio...

AI score: 7.3
Exploits: 0

securityvulns
added 2005/09/27 12:00 a.m., 37 views

FL Studio 5 (.flp file processing) Heap Overflow

Release Date:-- 26th September 2005 Severity:-- High Arbitrary Code Execution Vendor:-- Image-Line Software Vendor Status:-- Vendor Contacted --- No Response Systems Affected:-- Fl Studio v5.0.1 Confirmed Vulnerability may also exist in previous and current versions Background:-- FL Studio is a...

AI score: 1.2
Exploits: 0

securityvulns
added 2005/09/16 12:00 a.m., 36 views

Online Dating Software by AEwebworks - aeDating Script <= 4.0 Version Vulnerability

Online Dating Software by AEwebworks - aeDating Script <= 4.0 Version I have found a vulnerability in Online Dating Software by AEwebworks - aeDating Script <= 4.0 version which is exploitable when you are searching for your soulmate at aeDating service Software. For example : www.target.com/search.p...

AI score: 2.1
Exploits: 0

FreeBSD
added 2005/09/09 12:00 a.m., 32 views

freeradius -- multiple vulnerabilities

The freeradius development team reports: Multiple issues exist with version 1.0.4, and all prior versions of the server. Externally exploitable vulnerabilities exist only for sites that use the rlm_sqlcounter module. Those sites may be vulnerable to SQL injection attacks, similar to the issues...

CVSS: 6.4, AI score: 8, EPSS: 0.02525
Exploits: 0

Cisco
added 2005/09/07 4:00 p.m., 25 views

Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow

The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition. Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Teln...

CVSS: 7.5, AI score: 7, EPSS: 0.33877
Exploits: 0, References: 1

securityvulns
added 2005/09/05 12:00 a.m., 35 views

myBloggie "username" SQL Injection Vulnerability

Secunia Advisory: SA16699 Release Date: 2005-09-05 Critical: Moderately critical Impact: Security Bypass Manipulation of data Where: From remote Solution Status: Vendor Patch Software: myBloggie 2.x Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it...

AI score: 1
Exploits: 0

securityvulns
added 2005/08/18 12:00 a.m., 24 views

[Full-disclosure] mutt buffer overflow

Summary/Impact: There is a buffer overflow in mutt found thanks to ProPolice, which may allow an attacker to execute code by sending a maliciously crafted email. All latest versions appear affected. Mutt is an e-mail client that sucks less according to the headline on http://www.mutt.org/ Details...

AI score: 7.8
Exploits: 0

securityvulns
added 2005/08/14 12:00 a.m., 74 views

Grandstream Budge Tone 101/102 DoS Vulnerability

SySS-Advisory: Grandstream Budge Tone 101/102 DoS Vulnerability Problem discovered: July 20th 2005 Vendor contacted: July 21th 2005 Advisory will published on:...

AI score: 0.7
Exploits: 0

Tenable Nessus
added 2005/08/12 12:00 a.m., 28 views

Novell eDirectory Server iMonitor Multiple Remote Overflows

The remote host is running a version of eDirectory iMonitor that is vulnerable to a remote buffer overflow. An attacker may exploit this flaw to execute arbitrary code on the remote host or to disable this service remotely. To exploit this flaw, an attacker would need to send a specially crafted...

CVSS: 10, AI score: 6.6, EPSS: 0.71755
Exploits: 11, References: 2

securityvulns
added 2005/07/27 12:00 a.m., 21 views

[SA16235] Hosting Controller comgetfile.asp Information Disclosure

Are you interested in a new job in IT security? Secunia has two open positions as Junior and Senior Specialist in IT security: http://secunia.com/secuniavacancies/...

AI score: 0.2
Exploits: 0

Tenable Nessus
added 2005/07/13 12:00 a.m., 20 views

SSA-18695 mutt remote exploit patched

An exploitable overflow has been found in the address handling code of the mutt mail client version 1.2.5i supplied with Slackware 8.0. A new mutt-1.2.5.1 has been released which addresses this problem, and packages are now available for Slackware 8.0 and -current. We urge all Slackware users to...

AI score: 0.3
Exploits: 0

Tenable Nessus
added 2005/07/13 12:00 a.m., 22 views

Slackware 8.1 / 9.0 / current : Sendmail vulnerabilities fixed (SSA:2003-260-02)

The sendmail packages in Slackware 8.1, 9.0, and -current have been patched to fix security problems. These issues seem to be remotely exploitable, so all sites running sendmail should upgrade right away. Sendmail's 8.12.10 announcement may be found here: http://www.sendmail.org/8.12.10.html...

AI score: 5.4
Exploits: 0, References: 2

Tenable Nessus
added 2005/07/13 12:00 a.m., 22 views

FreeBSD : kstars -- exploitable set-user-ID application fliccd (0512b761-70fb-40d3-9954-aa4565528fa8)

A KDE Security Advisory explains : Overview KStars includes support for the Instrument Neutral Distributed Interface INDI. The build system of this extra 3rd party software contained an installation hook to install fliccd part of INDI as SUID root application. Erik Sjolund discovered that the cod...

CVSS: 10, AI score: 5.8, EPSS: 0.04907
Exploits: 0, References: 3

securityvulns
added 2005/06/25 12:00 a.m., 56 views

Infopop UBB Threads Multiple Vulnerabilities

GulfTech Security Research June 23rd, 2005 Vendor : Infopop Corporation URL : http://www.ubbcentral.com/ubbthreads/ Version : All Versions Prior To 6.5.2 Beta Risk : Multiple Vulnerabilities Description: UBB Threads is a very popular forum system developed by Infopop. There are a number of...

Exploits: 0

Symantec
added 2005/06/14 12:00 a.m., 25 views

Microsoft Step-By-Step Interactive Training Bookmark Link Buffer Overflow Vulnerability

Description Microsoft Step-By-Step Interactive Training is prone to a buffer overflow vulnerability. This is due to a boundary condition error related to validation of data in bookmark link files. As bookmark link files may originate from an external source, this issue may be remotely exploitable...

AI score: 2.2
Exploits: 0, References: 2

securityvulns
added 2005/06/08 12:00 a.m., 27 views

Denial of Service vulnerability in GoodTech SMTP Server for Windows NT/2000/XP version 5.14

Summary: Denial of Service vulnerability in GoodTech SMTP Server for Windows NT/2000/XP version 5.14 http://www.goodtechsys.com/ Details: Input to the RCPT TO command is not properly checked and/or filtered. Issuing a single character 'A' as an argument to the RCPT TO command will cause the smtpd...

AI score: 1.2
Exploits: 0

securityvulns
added 2005/05/23 12:00 a.m., 25 views

pst.advisory 2005-21: gxine remote exploitable . opensource is god .lol windows

gxine remote exploitable . opensource is god .lol windows www.ph4nt0m.org Systems affected: gxine 0.44 0.43 0.42 0.41 no affected no all exploitable 1:why: it is a http hostname format string vulnerability.. new firefox can run gxine in many linux DS... so very dangerous!!!!!!!!!!!!!!!!!! 2:tips:...

Exploits: 0