Gearbox Software Halo Combat Evolved 1.x - Game Server Remote Denial of Service

Gearbox Software Halo Combat Evolved 1.x - Game Server Remote Denial of Service source: https://www.securityfocus.com/bid/11147/info The Halo Combat Evolved game server is reported prone to a remote denial of service vulnerability. A remote attacker may exploit this vulnerability to deny service...

Gearbox Software Halo Combat Evolved 1.x - Game Server Remote Denial of Service

source: https://www.securityfocus.com/bid/11147/info The Halo Combat Evolved game server is reported prone to a remote denial of service vulnerability. A remote attacker may exploit this vulnerability to deny service for legitimate game players. Patches are available to address the issue...

[VulnWatch] Patch available for IBM DB2 Universal Database flaws

Researchers at NGSSoftware have discovered multiple critical/high risk vulnerabilities in IBM's DB2 Universal Database. Versions affected include DB2 8.1 Fixpak 6 and earlier DB2 7.x Fixpak 11 and earlier Two of the issues, remotely exploitable buffer overflows, have been fixed in Fixpak 7 for DB...

[VulnWatch] Patch available for multiple critical flaws in Oracle

Researchers at NGSSoftware have discovered multiple critical vulnerabilities in Oracle Database Server and Oracle Application Server. Versions affected include Oracle Database 10g Release 1 Version 10.1.0.2 Oracle9i Database Server Release 2, versions 9.2.0.4 and 9.2.0.5 Oracle9i Database Server...

Multiple memory leak vulnerabilities in isakmpd

Overview Multiple memory handling vulnerabilities exist in the isakmpd that could allow a remote attacker to cause a denial of service. Description The OpenBSD isakmpd establishes security associations for encrypted and authenticated IPsec network traffic. It implements the Internet Security...

isakmpd crashes when handling ISAKMP packets with malformed "Security Association Payload"

Overview A vulnerability exists in the isakmpd that could allow a remote attacker to cause a denial of service. Description The OpenBSD isakmpd establishes security associations for encrypted and authenticated IPsec network traffic. It implements the Internet Security Association and Key Manageme...

Winamp <= 5.04 Skin File (.wsz) Remote Code Execution Exploit

No description provided by source. This 0day exploit is known to be circulating in the wild There is no patch for this vulnerability - Do not use Winamp ! http://www.milw0rm.com/sploits/skinhead.rar 171 Ko index.html ----------- html head /head frameset rows=",1" framespacing="0" border="0"...

Hastymail security update

---Software--- Hastymail is a web based IMAP client written in PHP4 released under the GNU GPL. More information about Hastymail can be found at our homepage: http://hastymail.sourceforge.net ---Problem--- A problem was discovered yesterday regarding the use of the "download" link to download...

Fedora Core 1 : kernel-2.4.22-1.2199.nptl (2004-251)

Paul Starzetz discovered flaws in the Linux kernel when handling file offset pointers. These consist of invalid conversions of 64 to 32-bit file offset pointers and possible race conditions. A local unprivileged user could make use of these flaws to access large portions of kernel memory. The...

CESA-2004-001: libpng

CESA-2004-001 - rev 3 libPNG 1.2.5 stack-based buffer overflow and other code concerns ================================================================ Programs : libpng users including mozilla, konqueror, various e-mail clients, generally lots. Also reports that some versions of IE are vulnerabl...

libpng png_handle_iCCP() NULL pointer dereference

Overview The Portable Network Graphics library libpng contains a remotely exploitable vulnerability that could cause affected applications to crash. Description The Portable Network Graphics PNG image format is used as an alternative to other image formats such as the Graphics Interchange Format...

Mandrake Linux Security Advisory : sendmail (MDKSA-2003:092)

A buffer overflow vulnerability was discovered in the address parsing code in all versions of sendmail prior to 8.12.10 by Michal Zalewski, with a patch to fix the problem provided by Todd C. Miller. This vulnerability seems to be remotely exploitable on Linux systems running on the x86 platform;...

Mandrake Linux Security Advisory : cvs (MDKSA-2004:048)

Stefan Esser discovered that malformed 'Entry' lines in combination with Is-modified and Unchanged can be used to overflow malloced memory in a way that can be remotely exploited. The updated packages contain a patch to correct the problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

[Full-Disclosure] [VSA0402] OpenFTPD format string vulnerability

VSA0402 - openftpd - void.at security notice Overview ======== We have discovered a format string vulnerability in openftpd http://www.openftpd.org:9673/openftpd. OpenFTPD is a free, open source FTP server implementation for the UNIX platform. FTP4ALL is not vulnerable it doesnt use that message...

EEYE: RealPlayer embd3260.dll Error Response Heap Overflow

RealPlayer embd3260.dll Error Response Heap Overflow Release Date: June 10, 2004 Date Reported: May 14, 2004 Severity: High Remote Code Execution Vendor: RealNetworks Systems Affected: RealOne Player RealOne Player v2 RealPlayer 10 RealPlayer 8 RealPlayer Enterprise Description: eEye Digital...

Trend Officescan local privilege escalation

Product: Trend OfficeScan Product Description: Trend OfficeScan is a Corporate Antivirus product from Trend Microsystems Versions affected: Tested on 5.5 others may be vulnerable Vulnerability type: Local privilege escalation Vendor URL: http://www.trendmicro.com OS tested Windows XP + SP1 others...

[security bulletin] SSRT4719 hp OpenView Select Access remote unauthorized access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBMA01045 REVISION: 0 SSRT4719 rev.0 hp OpenView Select Access remote unauthorized access ----------------------------------------------------------------- NOTICE: There are no restrictions for distribution of this Bulletin...

[UNIX] OpenBSD Procfs Memory Disclosure Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

[Full-Disclosure] CSA-200402-1: Previous Open Webmail vulnerability is exploitable

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cycom AB Security Advisory CSA-200402-1 www.cycom.se Advisory: Previous Open Webmail vulnerability is exploitable Date: Sat Feb 21 15:18:21 CET 2004, updated: Thu May 6 10:37:29 CEST 2004 Application: Open Webmail 2.20, 2.21 and 2.30 and -current...

Gaim contains a buffer overflow vulnerability in the gaim_quotedp_decode() function

Overview There is a buffer overflow vulnerability in the Gaim gaimquotedpdecode function, which could cause a pointer to reference memory beyond the terminating null byte. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It includes a feature tha...