
352 matches found

Samba
added 2007/02/05 12:0 a.m. · 41 views

Buffer overrun in NSS host lookup Winbind

Description NOTE: This security advisory only affects Sun Solaris systems running Samba's winbindd daemon and configured to make use of the nsswinbind.so.1 library for gethostbyname and getipnodebyname name resolution queries. For example, /etc/nsswitch.conf ... ipnodes: files winbind hosts: file...

CVSS 4.6 · AI score 5.5 · EPSS 0.00528
Exploits: 1

securityvulns
added 2006/10/12 12:0 a.m. · 63 views

[Full-disclosure] MHL-2006-002 Public Advisory: "Call-Center-Software" Multiple Security Issues

MHL-2006-002 - Public Advisory: Call-Center-Software Multiple Security Issues. PUBLISHED ON October 11th, 2006 PUBLISHED AT...

AI score 0.3
Exploits: 0

Positive Technologies
added 2006/09/06 12:0 a.m. · 1 view

PT-2006-5349 · Joomla +1 · Joomla! +1

Name of the Vulnerable Software and Affected Versions: Mambo and Joomla Description: A remote file inclusion issue allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig absolute path parameter in the JIM component. Recommendations: For Mambo and Joomla, as a temporary...

CVSS 7.5 · AI score 8.1 · EPSS 0.00059
Exploits: 0 · References: 5

Packet Storm
added 2006/07/12 12:0 a.m. · 19 views

ERNW-02-2006.txt

ERNW Security Advisory 02-2006 Buffer Overflow in SIP Foundry's SipXtapi Author: Michael Thumann Homepage: www.ernw.de 1. Summary: The sipXtapi library from sip foundry contains a buffer overflow when parsing the CSeq field. This flaw can be used by an attacker to gain control over EIP and execut...

AI score 7.4
Exploits: 0

Positive Technologies
added 2005/05/31 12:0 a.m. · 4 views

PT-2005-2742 · Linux +1 · Davfs2 +1

Name of the Vulnerable Software and Affected Versions: davfs2 version 0.2.3 Description: The issue is related to the improper enforcement of Unix permissions in the WEB-DAV Linux File System davfs2, allowing local users to write arbitrary files on a davfs2 mounted filesystem. Recommendations: For...

CVSS 7.2 · AI score 5.7 · EPSS 0.0081
Exploits: 2 · References: 11

Positive Technologies
added 2005/02/24 12:0 a.m. · 1 view

PT-2005-1582 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.10 through 2.6.11rc1-bk6 Description: The issue arises from the Linux kernel using different size types for offset arguments to the proc file read and locks read proc functions. This discrepancy leads to a heap-based...

CVSS 7.2 · AI score 5.3 · EPSS 0.12773
Exploits: 7 · References: 313

Tenable Nessus
added 2005/02/10 12:0 a.m. · 26 views

RHEL 2.1 / 3 : mailman (RHSA-2005:136)

Updated mailman packages that correct a mailman security issue are now available. The mailman package is software to help manage email discussion lists. A flaw in the truepath function of Mailman was discovered. A remote attacker who is a member of a private mailman list could use a carefully...

CVSS 5 · AI score 5.6 · EPSS 0.02731
Exploits: 0 · References: 3

Positive Technologies
added 2004/12/31 12:0 a.m. · 1 view

PT-2004-2782 · Ipswitch · Ipswitch Ws Ftp Server

Name of the Vulnerable Software and Affected Versions: Ipswitch WS FTP Server version 4.0.2 Description: The issue involves multiple buffer overflows that allow remote authenticated users to execute arbitrary code. This can be achieved by causing a large error string to be generated by the ALLO...

CVSS 7.2 · AI score 7.4 · EPSS 0.02214
Exploits: 0 · References: 8

securityvulns
added 2004/12/16 12:0 a.m. · 31 views

[SAMBA] CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9

Subject: Possible remote code execution. CVE ID: CAN-2004-1154. Versions: Samba 2.x & 3.0.x <= 3.0.9. Summary: A potential integer overflow when unmarshalling specific MS-R...

CVSS 10 · AI score 2.7 · EPSS 0.27766
Exploits: 0

securityvulns
added 2004/11/16 12:0 a.m. · 40 views

[SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd

Subject: Possible Buffer Overrun in smbd CVE : CAN-2004-0882 Affected Versions: Samba 3.0.x = 3.0.7 Summary: A possible buffer overrun in smbd could lead to code execution by a remote user Patch Availability: A patch for Samba...

CVSS 10 · AI score 0.4 · EPSS 0.46754
Exploits: 0

securityvulns
added 2004/10/28 12:0 a.m. · 23 views

High Risk Vulnerability in Quicktime for Windows

John Heasman of NGSSoftware has discovered a high risk vulnerability in Quicktime for Windows. Versions affected include: Quicktime 6.5.2 and earlier The flaw permits execution of arbitrary code from an HTML environment. The patch can be downloaded from...

AI score 1.6
Exploits: 0

CERT
added 2004/10/12 12:0 a.m. · 12 views

Macromedia JRun Server is vulnerable to buffer overflow

Overview A buffer overflow vulnerability exists in the Macromedia JRun web server that may allow an attacker to cause a denial-of-service condition. Description JRun is an application server that works with most popular web servers, such as Apache and IIS. The JRun web server is vulnerable to a...

AI score 7.3
Exploits: 0 · References: 3

securityvulns
added 2004/10/06 12:0 a.m. · 52 views

ERRATA: Potential Arbitrary File Access (CAN-2004-0815)

ERRATA: The original announcement for the Samba vulnerability identified by CAN-2004-0815 reported that Samba versions 3.0.0 - 3.0.5 inclusive were subject to the remote file access bug. Later research has confirmed that only Samba 3.0.x = 3.0.2a...

CVSS 7.5 · AI score 0.3 · EPSS 0.08221
Exploits: 1

securityvulns
added 2004/10/01 12:0 a.m. · 53 views

Samba Security Announcement -- Potential Arbitrary File Access

Subject: Potential Arbitrary File Access Affected Versions: Samba 2.2.x = 2.2.11 and Samba 3.0.x = 3.0.5 Summary: A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable ...

Exploits: 0

securityvulns
added 2004/09/01 12:0 a.m. · 30 views

[Full-Disclosure] Cross-Site Scripting Vulnerability in Newtelligence DasBlog

ERNW Security Advisory Cross-Site Scripting Vulnerability in Newtelligence DasBlog Author: Dominick Baier 1. Summary: A XSS Cross-Site-Scripting Vulnerability in DasBlog's Event and Activity Viewer allows to inject and execute code on the client's machine. This allows an attacker t...

AI score 1
Exploits: 0

securityvulns
added 2004/03/25 12:0 a.m. · 29 views

[NT] Nexgen FTP Server Directory Traversal Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

AI score 0.3
Exploits: 0

securityvulns
added 2003/06/03 12:0 a.m. · 24 views

IIS WebDav Denial of Service attacks - Update to SPI Dynamics

In SPI Dynamics own advisory it mentions that IIS will restart itself - whilst this is true, by supplying a specific number of bytes, we can terminate all the threads, but leaving INETINFO still alive. Despite INETINFO not dying, the process will no longer serve any requests. This provides a more...

AI score 0.7
Exploits: 0

CERT
added 2003/03/17 12:0 a.m. · 20 views

NetPBM contains multiple buffer overflow vulnerabilities

Overview NetPBM is a set of graphics conversion tools and has been found to contain multiple buffer overflow vulnerabilities. Description A code review of NetPBM has revealed multiple buffer overflow vulnerabilities. These vulnerabilities could be exploited by loading malicious image files. ---...

CVSS 7.5 · AI score 7.4 · EPSS 0.03882
Exploits: 0 · References: 1

OSV
added 2003/03/13 12:0 a.m. · 21 views

DSA-260 file - buffer overflow

Bulletin has no description...

CVSS 4.6 · AI score 6.1 · EPSS 0.05745
Exploits: 1

securityvulns
added 2003/01/08 12:0 a.m. · 26 views

E-theni (PHP)

Informations: Version: ? Website: http://www.theni.freesurf.fr Problems: - Include file - phpinfo PHP Code/Location: /admint/include/afflistelangue.php: require $repinclude."paralangue.php";...

AI score 7.1
Exploits: 0