Lucene search
9088 matches found

Tenable Nessus
added 2004/10/18 12:0 a.m. | 23 views

FreeBSD : bmon -- unsafe set-user-ID application (18)

The following package needs to be updated: bmon %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg938f357c16dd11d9bc4a000c41e2cdad.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-200...

6.2 AI score | 0.57505 EPSS
Exploits: 6 | References: 20
Tenable Nessus
added 2004/10/18 12:0 a.m. | 30 views

FreeBSD : cyrus-sasl -- dynamic library loading and set-user-ID applications (35)

The following package needs to be updated: cyrus-sasl %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg92268205194711d9bc4a000c41e2cdad.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

6.4 AI score | 0.0006 EPSS
Exploits: 0 | References: 21
Cvelist
added 2004/10/16 4:0 a.m. | 23 views

CVE-2004-0844

Internet Explorer 6 on Double Byte Character Set DBCS systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems Vulnerability."...

7.5 AI score | 0.66746 EPSS
Exploits: 0 | References: 9
CERT
added 2004/10/13 12:0 a.m. | 29 views

Microsoft Internet Explorer vulnerable to address bar spoofing on double byte character set systems

Overview Microsoft Internet Explorer contains a vulnerability in how it processes URLs on Double Byte Character Set DBCS systems. This could allow an attacker to spoof the address of a web site. Description Microsoft Internet Explorer contains a canonicalization error when it parses special...

5 CVSS | 7.2 AI score | 0.66746 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2004/09/29 12:0 a.m. | 30 views

Debian DSA-554-1 : sendmail - pre-set password

Hugo Espuny discovered a problem in sendmail, a commonly used program to deliver electronic mail. When installing 'sasl-bin' to use sasl in connection with sendmail, the sendmail configuration script uses fixed user/pass information to initialise the sasl database. Any spammer with Debian systems...

7.5 CVSS | 5.3 AI score | 0.00664 EPSS
Exploits: 0 | References: 2
Debian
added 2004/09/27 6:1 p.m. | 20 views

[SECURITY] [DSA 554-1] New sendmail packages fix potential open relay

-------------------------------------------------------------------------- Debian Security Advisory DSA 554-1 [email protected] http://www.debian.org/security/ Martin Schulze September 27th, 2004 http://www.debian.org/security/faq -...

7.5 CVSS | 0.1 AI score | 0.00664 EPSS
Exploits: 0
Debian
added 2004/09/27 6:1 p.m. | 34 views

[SECURITY] [DSA 554-1] New sendmail packages fix potential open relay

-------------------------------------------------------------------------- Debian Security Advisory DSA 554-1 [email protected] http://www.debian.org/security/ Martin Schulze September 27th, 2004 http://www.debian.org/security/faq -...

7.5 CVSS | 5.7 AI score | 0.00664 EPSS
Exploits: 0
Exploit DB
added 2004/09/26 12:0 a.m. | 32 views

linux/x86 cp /bin/sh /tmp/katy ; chmod 4555 katy 126 bytes

linux/x86 cp /bin/sh /tmp/katy ; chmod 4555 katy 126 bytes. Shellcode exploit for linx86 platform / Linux/x86 /bin/cp /bin/sh /tmp/katy ; chmod 4555 /tmp/sh using fork / include char shellcode = "\xeb\x5e\x5f\x31\xc0\x88\x47\x07\x88\x47\x0f\x88\x47\x19\x89\x7f"...

Exploits: 0
FreeBSD
added 2004/09/22 12:0 a.m. | 28 views

cyrus-sasl -- dynamic library loading and set-user-ID applications

The Cyrus SASL library, libsasl, contains functions which may load dynamic libraries. These libraries may be loaded from the path specified by the environmental variable SASLPATH, which in some situations may be fully controlled by a local attacker. Thus, if a set-user-ID application such as chsh...

7.2 CVSS | 6.4 AI score | 0.0006 EPSS
Exploits: 0 | References: 1
CERT
added 2004/08/25 12:0 a.m. | 70 views

Sun Solaris dtmail contains a format string vulnerability

Overview A vulnerability in the way dtmail handles command-line arguments could allow an attacker to execute arbitrary code. Description The dtmail program is a mail user agent MUA for the Common Desktop Environment CDE. It provides a graphical user interface for reading, sending, and managing...

4.6 CVSS | 6.7 AI score | 0.00078 EPSS
Exploits: 0 | References: 5
FreeBSD
added 2004/08/23 12:0 a.m. | 12 views

ifmail -- unsafe set-user-ID application

Niels Heinen reports that ifmail allows one to specify a configuration file. Since ifmail runs set-user-ID 'news', this may allow a local attacker to write to arbitrary files or execute arbitrary commands as the 'news' user...

1.9 AI score
Exploits: 0 | References: 1
NVD
added 2004/08/06 4:0 a.m. | 13 views

CVE-2004-0667

Rule Set Based Access Control RSBAC 1.2.2 through 1.2.3 allows access to syscreat, sysopen, and sysmknod inside jails, which could allow local users to gain elevated privileges...

7.2 CVSS | 6.6 AI score | 0.00151 EPSS
Exploits: 0 | References: 5
exploitpack
added 2004/08/04 12:0 a.m. | 56 views

Oracle 9i - Multiple Vulnerabilities

Oracle 9i - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/10871/info Reportedly, multiple unspecified Oracle products contain multiple unspecified vulnerabilities. The reported vulnerabilities include SQL-injection issues, buffer-overflow issues, and others. There have also...

8.5 CVSS | 0.8 AI score | 0.15168 EPSS
Exploits: 9
Exploit DB
added 2004/08/04 12:0 a.m. | 59 views

Oracle 9i - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/10871/info Reportedly, multiple unspecified Oracle products contain multiple unspecified vulnerabilities. The reported vulnerabilities include SQL-injection issues, buffer-overflow issues, and others. There have also been reports that issues covered in th...

8.5 CVSS | 9.5 AI score | 0.15168 EPSS
Exploits: 9
exploitpack
added 2004/07/17 12:0 a.m. | 13 views

Gallery 1.4.4 - Remote Server-Side Script Execution

Gallery 1.4.4 - Remote Server-Side Script Execution source: https://www.securityfocus.com/bid/10968/info A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the...

0.1 AI score
Exploits: 0
FreeBSD
added 2004/05/29 12:0 a.m. | 24 views

bmon -- unsafe set-user-ID application

Jon Nistor reported that the FreeBSD port of bmon was installed set-user-ID root, and executes commands using relative paths. This could allow a local user to easily obtain root privileges...

3.2 AI score
Exploits: 0
Exploit DB
added 2004/03/22 12:0 a.m. | 27 views

Centrinity FirstClass HTTP Server 5/7 - 'TargetName' Cross-Site Scripting

source: https://www.securityfocus.com/bid/9950/info It has been reported that FirstClass HTTP Server may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in a user's browser. The issue presents itself due to insufficient...

7.4 AI score
Exploits: 0
NVD
added 2004/02/09 5:0 a.m. | 8 views

CVE-2004-2080

Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple spaces in a Service Set Identifier SSID to a single space, which prevents Red-Alert from correctly identifying the SSID...

5 CVSS | 6.5 AI score | 0.00786 EPSS
Exploits: 1 | References: 8
CERT
added 2003/08/26 12:0 a.m. | 38 views

Microsoft Internet Explorer contains buffer overflow in Type attribute of OBJECT element on double-byte character set systems

Overview Certain versions of Microsoft Internet Explorer IE that support double-byte character sets DBCS contain a buffer overflow vulnerability in the Type attribute of the OBJECT element. A remote attacker could execute arbitrary code with the privileges of the user running IE. Description...

7.7 AI score
Exploits: 0 | References: 5
securityvulns
added 2003/08/21 12:0 a.m. | 26 views

[NT] Internet Explorer Object Type Buffer Overflow in Double-Byte Character Set Environment

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

1.4 AI score
Exploits: 0