Oracle clear text passwords (#NISR2122004D)

NGSSoftware Insight Security Research Advisory Name: Oracle 10g clear text passwords Systems Affected: Oracle 10g on all operating systems Severity: Medium Risk Vendor URL: http://www.oracle.com/ Author: David Litchfield davidl at ngssoftware.com Relates to:...

[SA13352] FreeBSD procfs/linprocfs Process Argument Vector Handling Vulnerability

TITLE: FreeBSD procfs/linprocfs Process Argument Vector Handling Vulnerability SECUNIA ADVISORY ID: SA13352 VERIFY ADVISORY: http://secunia.com/advisories/13352/ CRITICAL: Less critical IMPACT: Exposure of system information, Exposure of sensitive information, DoS WHERE: Local system OPERATING...

MS04-032: Security Update for Microsoft Windows (840987)

The remote host is missing a security update for Microsoft Windows 840987. The missing security update fixes issues in the following areas : - Window Management - Virtual DOS Machine - Graphics Rendering Engine - Windows Kernel A local attacker could exploit any of these vulnerabilities to cause ...

MS04-037: Vulnerability in Windows Shell (841356)

The remote version of Windows contains a flaw in the Windows Shell that could allow an attacker to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to lure a victim into visiting a malicious website or into opening a malicious file attachment. C Tenable...

[VulnWatch] Patch available for critical IBM DB2 Universal Database flaws

Researchers at NGSSoftware have discovered multiple critical/high risk vulnerabilities in IBM's DB2 Universal Database. Versions affected include DB2 8.1 Fixpak 7 and earlier IBM has updated Fixpak 6 and 7 to 6a and 7a to include fixes for these flaws. In all, 20 vulnerabilities, mostly remotely...

Mozilla contains heap overflow in UTF8 conversion of hostname portion of URLs

Overview A vulnerability in the way Mozilla and its derived programs handle certain malformed URLs could allow a remote attacker to execute arbitrary code on a vulnerable system. Description A vulnerability exists in the way that some versions of the Mozilla and Firefox web browsers, and...

Sun Enterprise Storage Manager may allow an unprivileged local user to gain root access

Overview A vulnerability exists in Sun StorEdge Enterprise Storage Manager ESM that may allow unauthorized local users to gain root privileges. Description The Sun StorEdge Enterprise Storage Manager ESM version 2.1 for the Sun SPARC platform may allow non-root local users assigned the "EMSUser"...

Fedora Core 1 : mc-4.6.0-8.4 (2004-058)

Sat Jan 31 2004 Jakub Jelinek 4.6.0-8.4 - fix previous patch - Fri Jan 30 2004 Jakub Jelinek 4.6.0-8.3 - update php.syntax file 112645 - fix crash with large syntax file 112644 - Fri Jan 23 2004 Jakub Jelinek 4.6.0-8.2 - update CVE-2003-1023 fix to still make vfs symlinks relative, but with...

vBulletin HTML Injection Vuln

Advisory Name : vBulletin HTML Injection Vulnerability Release Date : June 24,2004 Application : vBulletin Test On : 3.0.1 or others? Vendor : Jelsofthttp://www.vbulletin.com/ Discover : Cheng Peng Suapplesoupatmsn.com Intro: From vendor's website ,it says that ,vBulletin is a powerful, scalable...

roundUP.txt

Vickenty Fesunov 2004-05-27 04:51 random filesystem access Roundup uses /home/@@file/ prefix to get static files from the filesystem. It does not restrict in any way the files that are handled. I have a roundup tracker home at /home/kent/cit, then I do the following: kent@kent:$ nc localhost 8080...

MS04-012: Microsoft Hotfix (credentialed check) (828741)

The remote host has multiple bugs in its RPC/DCOM implementation 828741. An attacker could exploit one of these flaws to execute arbitrary code on the remote system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid12206; scriptversion"1.45"; scriptcvsdate"Date:...

[Full-Disclosure] MondoSoft - MsmLink.exe - Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Topic: MondoSoft - MsmLink.exe - Denial of Service Application : MondoSearch versions prior to 5.1b Author: Dennis Rand dra at protego.dk Advisory URL: http://www.protego.dk/advisories/200403.html Vendor Name: MondoSoft Vendor URL:...

[Full-Disclosure] VieNuke VieBoard SQL Injection Vulnerability... again

--- http://www.securityfocus.com/bid/8967/info/ ... Solution: VieNuke has released a patch: http://www.vienuke.com/VieBoardPatch.zip ... --- http://www.securityfocus.com/bid/8967/solution/ ... VieNuke VieBoard 2.6 Beta 1: VieNuke Patch VieBoardPatch.zip http://www.vienuke.com/VieBoardPatch.zip...

FreeBSD-SA-03:14.arp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:14.arp Security Advisory The FreeBSD Project Topic: denial of service due to ARP resource starvation Category: core Module: sys Announced: 2003-09-25 Credits:...

VMware Workstation 4.0.1 (for Linux systems) vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Description - ----------- The following products have a vulnerability that can allow a non-root user of the host system to delete files. VMware Workstation 4.0.1 for Linux systems build 5289 and earlier releases Details/Impact - -------------- By...

Microsoft Windows RPC service vulnerable to denial of service

Overview A vulnerability exists in Microsoft's Remote Procedure Call RPC implementation. A remote attacker could exploit this vulnerability to cause a denial of service. An exploit for this vulnerability is publicly available. Description Microsoft has released MS03-039 to address a vulnerability...

VMware GSX Server 2.5.1 / Workstation 4.0 (for Linux systems) vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Description - ----------- The following products have a vulnerability that can allow a user of the host system to start an arbitrary program with root privileges: VMware GSX Server 2.5.1 for Linux systems build 4968 and earlier releases VMware...

MS03-031: Cumulative Patch for MS SQL Server (815495)

The remote Microsoft SQL server is vulnerable to several flaws : - Named pipe hijacking - Named Pipe Denial of Service - SQL server buffer overrun These flaws could allow a user to gain elevated privileges on this host. C Tenable Network Security, Inc. include"compat.inc"; if description...

MS03-039: Microsoft Windows RPC DCOM Interface epmapper Pipe Hijack Local Privilege Escalation (824146) (intrusive check)

It is possible to disable the remote RPC DOM interface by sending it a malformed request. The system will need to be rebooted to recover. A remote attacker could exploit this flaw to remotely disable RPC- related programs on this host. If a denial of service attack is successful, a local attacker...

VMware Workstation 4.0: Possible privilege escalation on the host via symlink manipulation

It is possible for a user to gain an esclation in privileges on a system running VMware Workstation 4.0 for Linux systems by symlink manipulation in a world-writable directory such as /tmp. Affected systems: VMware Workstation 4.0 for Linux systems Dates: This was reported to VMware on 2003-06-17...