ACROS Security: Unsanitized Session ID Cookie Allows Modifying Server Response

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2004-10-14-3 ------------------------------------------------------------------------- ASPR 2004-10-14-3: Unsanitized Session ID Cookie Allows Modifying Serv...

ACROS Security: Session Fixation in JRun Management Console

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2004-10-14-2 ------------------------------------------------------------------------- ASPR 2004-10-14-2: Session Fixation in JRun Management Console...

Macromedia JRun Server contains an information disclosure vulnerability

Overview An information disclosure vulnerability exists in the Macromedia JRun that may allow an attacker to view the source code of files in the web root directory. Description Macromedia JRun is an application server that works with most popular web servers such as Apache and IIS. Macromedia...

SA04-002 - Apache config file env variable buffer overflow

SITIC Vulnerability Advisory Advisory Name: Apache config file env variable buffer overflow Advisory Reference: SA04-002 Date of initial release: 2004-09-15 Product: Apache 2.0.x Platform: Linux, BSD systems, Unix, Windows Effect: Code execution when processing .htaccess files Vulnerability...

[VulnWatch] Php Vulnerability N. 2

Let's go for the second one: ========================================= Title: Overwrite $FILE array in rfc1867 - Mime multipart/form-data File Upload Affected: Php = 5.0.1 Not Affected: it seems none Vulnerability Type: Possible write of a downloaded file in an arbitrary location. Vendor Status:...

Moderate: Red Hat Security Advisory: openoffice.org security update

Updated openoffice.org packages that fix a security issue in temporary file handling are now available. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Secunia...

Apple QuickTime Streaming Server vulnerable to DoS

Overview There is a vulnerability in the Apple QuickTime Streaming Server that could allow a remote attacker to cause a denial-of-service condition. Description Apple's QuickTime Streaming Server provides an integrated distribution mechanism for various forms of digital content. There is a...

Samba 3.0.x Denial of Service Flaw

ii A DoS bug in nmbd may allow an attacker to remotely crash the nmbd daemon. Patch Availability The patch file for Samba 3.0.5 addressing both bugs samba-3.0.5-DoS.patch can be downloaded from http://www.samba.org/samba/ftp/patches/security/ The patch has been signed with the "Samba Distribution...

Gearbox Software Halo Combat Evolved 1.x - Game Server Remote Denial of Service

Gearbox Software Halo Combat Evolved 1.x - Game Server Remote Denial of Service source: https://www.securityfocus.com/bid/11147/info The Halo Combat Evolved game server is reported prone to a remote denial of service vulnerability. A remote attacker may exploit this vulnerability to deny service...

Gearbox Software Halo Combat Evolved 1.x - Game Server Remote Denial of Service

source: https://www.securityfocus.com/bid/11147/info The Halo Combat Evolved game server is reported prone to a remote denial of service vulnerability. A remote attacker may exploit this vulnerability to deny service for legitimate game players. Patches are available to address the issue...

[VulnWatch] Patch available for IBM DB2 Universal Database flaws

Researchers at NGSSoftware have discovered multiple critical/high risk vulnerabilities in IBM's DB2 Universal Database. Versions affected include DB2 8.1 Fixpak 6 and earlier DB2 7.x Fixpak 11 and earlier Two of the issues, remotely exploitable buffer overflows, have been fixed in Fixpak 7 for DB...

[VulnWatch] Patch available for multiple critical flaws in Oracle

Researchers at NGSSoftware have discovered multiple critical vulnerabilities in Oracle Database Server and Oracle Application Server. Versions affected include Oracle Database 10g Release 1 Version 10.1.0.2 Oracle9i Database Server Release 2, versions 9.2.0.4 and 9.2.0.5 Oracle9i Database Server...

isakmpd crashes when handling ISAKMP packets with malformed "Security Association Payload"

Overview A vulnerability exists in the isakmpd that could allow a remote attacker to cause a denial of service. Description The OpenBSD isakmpd establishes security associations for encrypted and authenticated IPsec network traffic. It implements the Internet Security Association and Key Manageme...

Multiple memory leak vulnerabilities in isakmpd

Overview Multiple memory handling vulnerabilities exist in the isakmpd that could allow a remote attacker to cause a denial of service. Description The OpenBSD isakmpd establishes security associations for encrypted and authenticated IPsec network traffic. It implements the Internet Security...

Winamp <= 5.04 Skin File (.wsz) Remote Code Execution Exploit

No description provided by source. This 0day exploit is known to be circulating in the wild There is no patch for this vulnerability - Do not use Winamp ! http://www.milw0rm.com/sploits/skinhead.rar 171 Ko index.html ----------- html head /head frameset rows=",1" framespacing="0" border="0"...

Hastymail security update

---Software--- Hastymail is a web based IMAP client written in PHP4 released under the GNU GPL. More information about Hastymail can be found at our homepage: http://hastymail.sourceforge.net ---Problem--- A problem was discovered yesterday regarding the use of the "download" link to download...

Fedora Core 1 : kernel-2.4.22-1.2199.nptl (2004-251)

Paul Starzetz discovered flaws in the Linux kernel when handling file offset pointers. These consist of invalid conversions of 64 to 32-bit file offset pointers and possible race conditions. A local unprivileged user could make use of these flaws to access large portions of kernel memory. The...

CESA-2004-001: libpng

CESA-2004-001 - rev 3 libPNG 1.2.5 stack-based buffer overflow and other code concerns ================================================================ Programs : libpng users including mozilla, konqueror, various e-mail clients, generally lots. Also reports that some versions of IE are vulnerabl...

libpng png_handle_iCCP() NULL pointer dereference

Overview The Portable Network Graphics library libpng contains a remotely exploitable vulnerability that could cause affected applications to crash. Description The Portable Network Graphics PNG image format is used as an alternative to other image formats such as the Graphics Interchange Format...

Mandrake Linux Security Advisory : sendmail (MDKSA-2003:092)

A buffer overflow vulnerability was discovered in the address parsing code in all versions of sendmail prior to 8.12.10 by Michal Zalewski, with a patch to fix the problem provided by Todd C. Miller. This vulnerability seems to be remotely exploitable on Linux systems running on the x86 platform;...