4484 matches found
[SA12511] Twin FTP Server Directory Traversal Vulnerability
TITLE: Twin FTP Server Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA12511 VERIFY ADVISORY: http://secunia.com/advisories/12511/ CRITICAL: Highly critical IMPACT: Manipulation of data, Exposure of system information, Exposure of sensitive information WHERE: From remote SOFTWARE: Twin F...
[Full-Disclosure] iDEFENSE Security Advisory 09.09.04: F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability
F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability iDEFENSE Security Advisory 09.09.04 www.idefense.com/application/poi/display?id=137&type=vulnerabilities September 9, 2004 I. BACKGROUND F-Secure Internet Gatekeeper is an antivirus and content filtering solution...
CVE-2002-1141
The CVE-2002-1141 issue is a vulnerability in the Sun Microsystems RPC library Services for Unix 3.0 Interix SD, executed on Windows NT4/2000/XP. It stems from an input validation error that can be exploited by malformed fragmented RPC client packets, enabling a remote denial of service. The docu...
FreeBSD Ports : rsync < 2.6.2_2
The remote host has an old version of rsync installed. There is a flaw in this version of rsync which, due to an input validation error, would allow a remote attacker to gain access to the remote system. An attacker, exploiting this flaw, would need network access to the TCP port. Successful...
Important: Red Hat Security Advisory: acroread security update
An updated Adobe Acrobat Reader package that fixes multiple security issues is now available. The Adobe Acrobat Reader browser allows for the viewing, distributing, and printing of documents in portable document format PDF. iDEFENSE has reported that Adobe Acrobat Reader 5.0 contains a buffer...
RHEL 3 : acroread (RHSA-2004:432)
An updated Adobe Acrobat Reader package that fixes multiple security issues is now available. The Adobe Acrobat Reader browser allows for the viewing, distributing, and printing of documents in portable document format PDF. iDEFENSE has reported that Adobe Acrobat Reader 5.0 contains a buffer...
[Full-Disclosure] iDEFENSE Security Advisory 08.12.04a: Adobe Acrobat Reader (Unix) Shell Metacharacter Code Execution Vulnerability
Adobe Acrobat Reader Unix Shell Metacharacter Code Execution Vulnerability iDEFENSE Security Advisory 08.12.04a www.idefense.com/application/poi/display?id=124&type=vulnerabilities August 12, 2004 I. BACKGROUND Adobe Acrobat Reader is a program for viewing Portable Document Format PDF documents...
acroread uudecoder input validation error
An iDEFENSE security advisory reports: Remote exploitation of an input validation error in the uudecoding feature of Adobe Acrobat Reader Unix 5.0 allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded...
FreeBSD : acroread uudecoder input validation error (78348ea2-ec91-11d8-b913-000c41e2cdad)
An iDEFENSE security advisory reports: Remote exploitation of an input validation error in the uudecoding feature of Adobe Acrobat Reader Unix 5.0 allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded...
CORE-2004-0714: Cfengine RSA Authentication Heap Corruption
Core Security Technologies Advisory http://www.coresecurity.com Cfengine RSA Authentication Heap Corruption Date Published: 2004-08-09 Last Update: 2004-08-09 Advisory ID: CORE-2004-0714 Bugtraq ID: None currently assigned. CVE Name: None currently assigned. Title: Cfengine RSA Authentication Hea...
RHEL 2.1 : openssh (RHSA-2002:131)
Updated openssh packages are now available for Red Hat Linux Advanced Server. These updates fix an input validation error in OpenSSH. OpenSSH provides an implementation of the SSH secure shell protocol used for logging into and executing commands on remote machines. Versions of the OpenSSH server...
FreeBSD-SA-04:13.linux
FreeBSD-SA-04:13.linux Security Advisory The FreeBSD Project Topic: Linux binary compatibility mode input validation error Category: core Module: kernel Announced: 2004-06-3...
Linux binary compatibility mode input validation error
A programming error in the handling of some Linux system calls may result in memory locations being accessed without proper validation. It may be possible for a local attacker to read and/or overwrite portions of kernel memory, resulting in disclosure of sensitive information or potential privile...
Multiple Vulnerabilities in Invision Power Board v1.3.1 Final.
Description: Multiple Vulnerabilities in Invision Power Board v1.3.1 Final. Compromise: SQL Injection, Cross-site Scripting. Vulnerable Systems: Invision Power Board v1.3.1 Final. Details: An input validation error exists in ssi.php. $sqlfields is vulnerable to an input validation error. How to...
Rit Research Labs TinyWeb 1.9.2 - Unauthorized Script Disclosure
source: https://www.securityfocus.com/bid/10445/info TinyWeb Server is affected by an unauthorized script disclosure vulnerability. This issue is due to an input validation error that allows malicious users to bypass standard web server rules. This issue will allow an attacker to download or view...
FreeBSD Security Advisory FreeBSD-SA-04:09.kadmind
FreeBSD-SA-04:09.kadmind Security Advisory The FreeBSD Project Topic: heimdal kadmind remote heap buffer overflow Category: contrib Module: cryptoheimdal Announced: 2004-05-...
heimdal kadmind remote heap buffer overflow
An input validation error was discovered in the kadmind code that handles the framing of Kerberos 4 compatibility administration requests. The code assumed that the length given in the framing was always two or more bytes. Smaller lengths will cause kadmind to read an arbitrary amount of data int...
Epic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Arbitrary File Overwrite
Epic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Arbitrary File Overwrite // source: https://www.securityfocus.com/bid/10196/info Reportedly the Unreal Tournament Engine is affected by a local file overwrite vulnerability due to the UMOD manifest.ini file. This issue is due to an input...
Epic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Arbitrary File Overwrite
// source: https://www.securityfocus.com/bid/10196/info Reportedly the Unreal Tournament Engine is affected by a local file overwrite vulnerability due to the UMOD manifest.ini file. This issue is due to an input validation error that allows a malicious user to specify arbitrary files for writing,...
Mod_Survey security advisory: Script injection bug
This was published on the ModSurvey mailing list a few minutes ago. ModSurvey Security Advisory 2004-03-21, Script injection ABOUT MODSURVEY: ModSurvey is an Apache module which displays and handles questionnaires written in a special XML-based markup language. ModSurvey is...