Novell Netware Client code execution

Invalid pointer dereference on named pipe message parsing...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

RHEL 5 : kernel (RHSA-2009:0326)

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

DSA-1705-1 netatalk - arbitrary code execution

Bulletin has no description...

IBM DB2 db2rcmd.exe Command Execution Vulnerability

This module exploits a vulnerability in the Remote Command Server component in IBM's DB2 Universal Database 8.1. An authenticated attacker can send arbitrary commands to the DB2REMOTECMD named pipe which could lead to administrator privileges. This module requires Metasploit:...

ms-sql-info NSE Script

Attempts to determine configuration and version information for Microsoft SQL Server instances. SQL Server credentials required: No will not benefit from mssql.username & mssql.password. Run criteria: Host script: Will always run. Port script: N/A NOTE: Unlike previous versions, this script will...

Denial of service

srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service system crash or possibly have unspecified other impact via an SMB WRITEANDX packet with an offset that is...

Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS

Some days ago i have discovered a DoS in Windows Vista. Here is the advisory with a detailed description about the vulnerability that will help to Microsoft they have been already notified about the bug to correct it as soon as possible, and it will help you if you need to add any rule for your...

Postfix < 2.4.9 2.5.5 2.6-20080902 (.forward) Local DoS Exploit

No description provided by source. / http://www.wekk.net/research/CVE-2008-4042/CVE-2008-4042-exploit.c http://www.wekk.net/research/CVE-2008-3889/CVE-2008-3889-exploit.c Exploit for Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel...

mswritesmb-dos.txt

Some days ago i have discovered a DoS in Windows Vista. Here is the advisory with a detailed description about the vulnerability that will help to Microsoft they have been already notified about the bug to correct it as soon as possible, and it will help you if you need to add any rule for your...

FreeBSD Ports: enscript-a4, enscript-letter, enscript-letterdj

The remote host is missing an update to the system as announced in the referenced advisory. VID 72da8af6-7c75-11d9-8cc5-000854d03344 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

GLSA-200808-03 : Mozilla products: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200808-03 Mozilla products: Multiple vulnerabilities The following vulnerabilities were reported in all mentioned Mozilla products: TippingPoint's Zero Day Initiative reported that an incorrect integer data type is used as a CSS...

Design/Logic Flaw

Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' pipe characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely...

Firefox 3.x < 3.0.1 Multiple Vulnerabilities

The installed version of Firefox is affected by various security issues : - By creating a very large number of references to a common CSS object, an attacker can overflow the CSS reference counter, causing a crash when the browser attempts to free the CSS object while still in use and allowing fo...

Firefox command line URL launches multi-tabs

Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' pipe characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely...

Firefox command line URL launches multi-tabs

Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' pipe characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely...

AST-2008-009: &#40;Corrected subject&#41; Remote crash vulnerability in ooh323 channel driver

Asterisk Project Security Advisory - AST-2008-009 +------------------------------------------------------------------------+ | Product | Asterisk-Addons | |--------------------+---------------------------------------------------| | Summary | Remote crash vulnerability in ooh323 channel | | | driv...

VMware Server 1.0.5多个安全漏洞

BUGTRAQ ID: 28276 CVECAN ID: CVE-2008-1361,CVE-2008-1362,CVE-2008-1363 VMware Server是一款简单易用的服务器虚拟工具。 VMware Server中存在多个安全漏洞，允许恶意的本地用户获得权限提升或导致拒绝服务。 恶意的Windows用户可以通过导致authd进程连接到打开的受恶意用户控制的命名管道获得LocalSystem权限，还可能利用不安全的命名管道对象获得权限提升或导致拒绝服务。在这种情况下，攻击者可以扮演成为authd并获得Authd所执行的权限。...

CVE-2008-1361

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that...

Code injection

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by...