[SecurityLab] Ethereal 0.10.10 SIP Dissector Overflow

Advisory Name: Ethereal 0.10.10 SIP Dissector Overflow Release Date: 05/07/05 Application: Ethereal 0.10.10 and Prior Platform: Multiple Severity: A remote attacker can execute arbitrary commands Author: Ejovi Nuwere ejoviATsecuritylab.net Vendor Status: Vendor has published patch Reference:...

[Full-disclosure] [SecurityLab] Ethereal 0.10.10 SIP Dissector Overflow

Advisory Name: Ethereal 0.10.10 SIP Dissector Overflow Release Date: 05/07/05 Application: Ethereal 0.10.10 and Prior Platform: Multiple Severity: A remote attacker can execute arbitrary commands Author: Ejovi Nuwere ejoviATsecuritylab.net Vendor Status: Vendor has published patch Reference:...

Convert-UUlib 1.04/1.05 Perl Module - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/13401/info Convert-UUlib Perl module is prone to a remotely exploitable buffer-overflow vulnerability. A remote attacker may leverage this condition to overwrite sensitive program control variables and thus gain control of the process's execution flow. Th...

Microsoft Windows Kernel Object Management Denial Of Service Vulnerability

Description The Microsoft Windows kernel is prone to a locally exploitable denial-of- service vulnerability. The issue is related to object management in the Windows kernel. Technologies Affected Microsoft Windows 2000 Advanced Server Microsoft Windows 2000 Advanced Server SP1 Microsoft Windows...

iDEFENSE Security Advisory 04.08.05: Microsoft Multiple E-Mail Client Address Spoofing Vulnerability

Microsoft Multiple E-Mail Client Address Spoofing Vulnerability iDEFENSE Security Advisory 04.08.05 http://www.idefense.com/application/poi/display?type=vulnerabilities April 8, 2005 I. BACKGROUND Microsoft Outlook provides an integrated solution for managing and organizing e-mail messages,...

GLSA-200503-32 : Mozilla Thunderbird: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200503-32 Mozilla Thunderbird: Multiple vulnerabilities The following vulnerabilities were found and fixed in Mozilla Thunderbird: Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete...

- Argeniss - Oracle Database Server Directory transversal

Argeniss Security Advisory Name: Oracle Database Server Directory transversal Affected Software: Oracle Database Server versions 8i and 9i Severity : Medium Remote exploitable: Yes Authentication to Database Server is needed Credits: Cesar Cerrudo Date: 03/07/05 Advisory Number: ARG030501 Details...

-==phpBB 2.0.13 Full path disclosure==-

/ -------------------------------------------------------- Neo Security Team NST® - Advisory 09 - 03/03/05 -------------------------------------------------------- Program: phpBB 2.0.13 Homepage: http://www.phpbb.com Vulnerable Versions: phpBB 2.0.13 & Lower versions Risk: Low Risk!! Impact: Full...

phpMyAdmin261.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpMyAdmin 2.6.1 Remote file inclusion and XSS cXIb8O3.4 Author: Maksymilian Arciemowicz cXIb8O3 Date: 24.2.2005 - --- 0.Description --- phpMyAdmin 2.6.1 is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently i...

HP-UX PHSS_27477 : s700_800 11.04 Virtualvault 4.5 Inside Admin Server Update

s700800 11.04 Virtualvault 4.5 Inside Admin Server Update : The remote HP-UX host is affected by multiple vulnerabilities : - Remotely exploitable potential vulnerabilities have been reported in CA-2002-21 and CVE-2002-0658. - A potential remotely exploitable vulnerability in handling of large da...

[Full-Disclosure] Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1

Savant web server Buffer Overflow Exploit Discovered by : Mati Aharoni Coded by : Tal Zeltzer and Mati Aharoni www.see-security.com FOR RESEACRH PURPOSES ONLY! import struct import socket sc = "x90" 21 win32adduser - PASS=pwd EXITFUNC=thread USER=X Size=232 Encoder=PexFnstenvSub...

DilAurDimag-Advisory-07-20-12-2004.txt

------------------------------------------------------------------------------------ DilAurDimag - Advisory 07 - 20/12/04 ------------------------------------------------------------------------------------ Program: ChangePassword, a YP/Samba/Squid password-changing tool Homepage:...

Jef Moine abcm2ps 3.7.20 - '.ABC' File Remote Buffer Overflow

source: https://www.securityfocus.com/bid/12022/info abcm2ps is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data into sensitive process buffers. It is reported that this...

[SA13012] TortoiseCVS "SSH2_MSG_DEBUG" Packet Handling Buffer Overflow

TITLE: TortoiseCVS "SSH2MSGDEBUG" Packet Handling Buffer Overflow SECUNIA ADVISORY ID: SA13012 VERIFY ADVISORY: http://secunia.com/advisories/13012/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: TortoiseCVS 1.x http://secunia.com/product/4183/ DESCRIPTION: A...

zgv -- exploitable heap overflows

infamous41md reports: zgv uses malloc frequently to allocate memory for storing image data. When calculating how much to allocate, user supplied data from image headers is multiplied and/or added without any checks for arithmetic overflows. We can overflow numerous calculations, and cause small...

Patch available for multiple high risk vulnerabilities in RealPlayer

John Heasman of NGSSoftware has discovered multiple high risk vulnerabilities in RealPlayer. Versions affected include RealPlayer 10.5 6.0.12.1040 RealPlayer 10.5 Beta 6.0.12.1016 RealPlayer 10 RealOne Player v1, v2 RealPlayer 8 RealPlayer Enterprise The flaws, that include remotely exploitable...

[Full-Disclosure] [HV-HIGH] MS Word multiple exceptions, at least one exploitable

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MS Word multiple exceptions, at least one exploitable. Classification: =============== Level: low-MED-high-crit ID: HEXVIEW200410061 Overview: ========= MS Word is a highly overrated and widely used text processor, a part of monstrous collection of...

samba -- remote file disclosure

According to a Samba Team security notice: A security vulnerability has been located in Samba 2.2.x = 2.2.11 and Samba 3.0.x = 3.0.5. A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable by the account used for th...

WordPress 1.2 - wp-login.php Multiple Cross-Site Scripting Vulnerabilities

WordPress 1.2 - wp-login.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize...

CVE-2001-0612

CVE-2001-0612 affects McAfee Remote Desktop 3.0 and earlier. The vulnerability allows a remote attacker to cause a denial of service (crash) by sending a large number of packets to port 5045. The NVD entry lists a CVSS v2 base score of 5.0 (Medium) with network access, no authentication, and part...