samba code injection

The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the 1 SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute...

Easily crack open the Lost Password laptop-vulnerability warning-the black bar safety net

For laptops, it is best not easily set a password, because the laptop's boot password is not like a PC that stored in CMOS circuit can through the discharge clear, at the moment a new laptop is the password stored on the motherboard of a few blocks of the logic circuit, our personal is not...

Printer Job Language (PJL) Detection

Nessus had detected that the service running on the remote host will answer an HP Printer Job Language PJL request, which indicates that it is a printer device running HP JetDirect. By using the PJL protocol, users can submit printing jobs, transfer files to or from the printer, and change...

Stack overflow

Stack-based buffer overflow in Corel WordPerfect Office X3 13.0.0.565 allows user-assisted remote attackers to execute arbitrary code via a long printer selection PRS name in a Wordperfect document...

CVE-2007-1735

Stack-based buffer overflow in Corel WordPerfect Office X3 13.0.0.565 allows user-assisted remote attackers to execute arbitrary code via a long printer selection PRS name in a Wordperfect document...

CVE-2007-1735

Stack-based buffer overflow in Corel WordPerfect Office X3 13.0.0.565 allows user-assisted remote attackers to execute arbitrary code via a long printer selection PRS name in a Wordperfect document...

[Full-disclosure] Remote DOS HP JetDirect Print Servers

Vulnerability : Remote DOS HP JetDirect Print Servers Product : HP JetDirect Print Servers "HP LaserJet Series" By: Handrix handrixatmorxorg 26 March 2007 MorX security research team www.morx.org +-------------+ | Description...

Corel Wordperfect Office X3 Stack Overflow

Product Name: Wordperfect X3 13.0.0.565 Vendor: http://www.corel.com Date: 28 March, 2007 Author: Jonathan So jonny @ nop-art dot net Advisory URL: http://www.nop-art.net/advisories/wpwinX3.txt I. DESCRIPTION A stack overflow vulnerability has been found in Wordperfect X3. The vulnerability could...

Easily crack open the Lost Password laptop-vulnerability warning-the black bar safety net

For laptops, it is best not easily set a password, because the laptop's boot password is not like a PC that stored in CMOS circuit can through the discharge clear, at the moment a new laptop is the password stored on the motherboard of the few pieces of logic circuits, we personally are unable to...

Code injection

Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files...

CVE-2007-0728

Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files...

CVE-2007-0728

CVE-2007-0728 affects Apple Mac OS X 10.3.9 and 10.4 up to 10.4.8. It describes an insecure file-creation flaw during USB printer initialization, allowing local users to create or overwrite arbitrary files. The available source summarizes impact as local access with partial confidentiality/integr...

CVE-2007-1218

Off-by-one buffer overflow in the parseelements function in the 802.11 printer code print-80211.c for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service crash via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based...

[Full-disclosure] tcpdump: off-by-one heap overflow in 802.11 printer

There's an off-by-one heap-overflow in the ieee802.11 printer, which can be triggered by a maliciously crafted 802.11 frame. The link type must have been explicitly specified for this to work. The function parseelements in print-80211.c checks the length pbody-tim.length from the frame for too...

MDKA-2006:056 : drakxtools

Several bugs were fixed in drakxtools: - it was not possible to start rpmdrake from the menu 26383 - it was not possible to set up updates media and then distro media or the reverse in edit-urpm-sources - drakauth: o add encrypted home and pammount support o hide password when calling 'net join' ...

Mandrake Linux Security Advisory : gtk+2.0 (MDKSA-2007:039)

The GdkPixbufLoader function in GIMP ToolKit GTK+ in GTK 2 gtk2 allows context-dependent attackers to cause a denial of service crash via a malformed image file. CVE-2007-0010 The version of libgtk+2.0 shipped with Mandriva Linux 2007 fails various portions of the lsb-test-desktop test suite, par...

samba security update

CentOS Errata and Security Advisory CESA-2007:0060 Updated samba packages that fix a denial of service vulnerability are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Samba provides file and printer sharing services to SMB/CIF...

[SECURITY] Fedora Core 6 Update: samba-3.0.24-1.fc6

Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information such as lists of available files and printers. The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows,...

Multiple Printer Providers (spooler service) Privilege Escalation Exploit

No description provided by source. /Private exploit- internal use only Title: Universal exploit for vulnerable printer providers spooler service. Vulnerability: Insecure EnumPrintersW calls Author: Andres Tarasco Acu [email protected] Website: http://www.514.es This code should allow to gain SYSTEM...

Multiple Printer Providers (spooler service) Privilege Escalation Exploit

Exploit for unknown platform in category local exploits ========================================================================= Multiple Printer Providers spooler service Privilege Escalation Exploit ========================================================================= /Private exploit-...