RHEL 2.1 : sendmail (RHSA-2003:121)

Updated Sendmail packages are available to fix a vulnerability that allows local and possibly remote attackers to gain root privileges. Sendmail is a widely used Mail Transport Agent MTA which is included in all Red Hat Enterprise Linux distributions. There is a vulnerability in Sendmail versions...

RHEL 2.1 : krb5 (RHSA-2002:250)

A remotely exploitable stack-based buffer overflow has been found in the Kerberos v4 compatibility administration daemon distributed with the Red Hat Linux krb5 packages. Updated 09 Jan 2003 Added fixed packages for the Itanium IA64 architecture. Kerberos is a network authentication system. A...

RHEL 2.1 : sharutils (RHSA-2003:180)

Updated packages for sharutils which fix potential privilege escalation using the uudecode utility are available. The sharutils package contains a set of tools for encoding and decoding packages of files in binary or text format. The uudecode utility creates an output file without checking to see...

phpEscape.txt

SEC-CONSULT Security Advisory - PHP: Hypertext Preprocessor Vendor: PHP http://www.php.net Product: PHP 4.3.6 and below verified in 4.3.5 which was current when the bug was discovered Vendor status: vendor contacted 04-04-2004 Patch status: Problem fixed in 4.3.7 =========== DESCRIPTION =========...

[Full-Disclosure] Bug in PaX Linux Kernel 2.6 Patches

http://www.cr-secure.net Found by: borg ChrisR- A small bug in PaX was found. What is PaX? ----------------------- PaX is a collection of intrusion prevention patches for the Linux Kernel 2.2, 2.4, and 2.6. This advisory only affects the PaX patches for the 2.6 linux kernel. PaX is located at...

PT-2004-1350 · Ethereal · Ethereal

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.8.13 through 0.10.2 Description: The issue is related to multiple buffer overflows that can be triggered by remote attackers, potentially leading to a denial of service or the execution of arbitrary code. This can occur vi...

Important: Red Hat Security Advisory: kdelibs security update

Updated kdelibs packages that fix a flaw in cookie path handling are now available. Konqueror is a file manager and Web browser for the K Desktop Environment KDE. Flaws have been found in the cookie path handling between a number of Web browsers and servers. The HTTP cookie standard allows a Web...

Lam3rZ Security Advisory #3/2004: A bug in Confirm leads to remote command execution

Lam3rZ Security Advisory 3/2004 23 Feb 2004 Remote command execution in Confirm Name: Confirm =0.62 Severity: High Software URL: http://freshmeat.net/projects/confirm/ Software author: David Lechnyr davidrl/at/comcast/dot/net Advisory author: Mariusz Woloszyn emsi/AT/GTS/dot/PL Vendor notified: F...

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Overview Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. Description The HTTP Security Servers component of Check Point Firewall-1 contains an HTTP parsing vulnerability that is triggered by...

[SECURITY] [DSA 433-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel)

-------------------------------------------------------------------------- Debian Security Advisory DSA 433-1 [email protected] http://www.debian.org/security/ Martin Schulze February 4th, 2004 http://www.debian.org/security/faq -...

phpBB 2.06 search.php SQL injection

Hello bugtraq readers, A vulnerability exists in phpBB 2.06 that could allow an attacker to manipulate SQL queries and gain administrative control over the forum. The search.php script of the application does not sufficiently sanitize the input of the "searchid" parameter. As a result of this an...

Critical: Red Hat Security Advisory: : Updated Sendmail packages fix vulnerability.

Updated Sendmail packages that fix a potentially-exploitable vulnerability are now available. Sendmail is a widely used Mail Transport Agent MTA and is included in all Red Hat Linux distributions. Michal Zalewski found a bug in the prescan function of unpatched Sendmail versions prior to 8.12.10...

Important: Red Hat Security Advisory: glibc security update

Updated glibc packages that fix a number of bugs as well as a buffer overflow issue are now available. The GNU libc package known as glibc contains the standard C libraries used by applications. A bug in the getgrouplist function can cause a buffer overflow if the size of the group list is too...

Important: Red Hat Security Advisory: : Updated kon2 packages fix buffer overflow

A buffer overflow in kon2 allows local users to obtain root privileges. KON is a Kanji emulator for the console. There is a buffer overflow vulnerability in the command line parsing code portion of the kon program up to and including version 0.3.9b. This vulnerability, if appropriately exploited,...

Oracle9i Application Server 9.0.2 - MOD_ORADAV Access Control

source: https://www.securityfocus.com/bid/14274/info The modoradav module for Oracle HTTP Server included in Oracle9i Application Server is prone to a vulnerability. This is related to access controls on the '/davpublic' and '/davportal' directories, allowing a malicious user to fill up the...

Cyrus Sieve / libSieve buffer overflow

problem ------- Cyrus' Sieve implementation contains a couple of classic string based buffer overflows in script parsing code. Anyone who can execute Sieve scripts can exploit these bugs. Versions up to libSieve 2.1.2 and Cyrus IMAP 2.1.10 are affected. Note that with Cyrus IMAP server exploiting...

[security bulletin] SSRT-547 HP Tru64 UNIX Potential Security Vulnerabilities TPC/IP, FTPD, ARP

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TITLE: SSRT-547 HP Tru64 UNIX Potential Security Vulnerabilities TPC/IP, FTPD, ARP REVISION: 0 NOTICE: There are no restrictions for distribution of this Bulletin provided that it remains complete and intact. RELEASE DATE: 10 September, 2002 SEVERITY:...

Sun Solaris ptexec does not adequately validate argument passed via -o option

Overview The Sun Solaris ptexec command is subject to a buffer overflow due to not adequately validating arguments passed via the -o option. Description A locally exploitable buffer overflow exists in the ptexec command which is included in the SUNWvts package. This package is not included in the...

File Transfer Protocol allows data connection hijacking via PASV mode race condition

Overview There is a vulnerability in the File Transfer Protocol FTP that allows an attacker to hijack FTP data connections when the client connects using passive mode PASV. Description In FTP PASV mode, the client makes a control connection to the FTP server typically port 21/tcp and requests a...

Security Bulletin (MS00-060) Re-release

Microsoft Security Bulletin MS00-060 - -------------------------------------- Patch Available for "IIS Cross-Site Scripting" Vulnerabilities Originally posted: August 25, 2000 Updated: November 2, 2000 Summary ======= On August 25, 2000, Microsoft released the original version of this bulletin, t...