Multiple tools within the Netpbm package create temporary files in an insecure manner

Overview Multiple tools within the Netpbm package create temporary files in an insecure manner. Description Netpbm is a toolkit that contains over 220 separate tools for manipulating graphic images. Multiple tools within the Netpbm package create temporary files insecurely. --- Impact A local...

Linux kernel IP stack incorrectly calculates size of an ICMP citation for ICMP errors

Overview The Linux 2.0 kernel contains a vulnerability in the way it processes ICMP errors. This could lead to portions of memory being leaked to a malicious user. Description The Linux 2.0 kernel versions 2.0 through 2.0.39 inclusive contains an error in the calculation of the size for an ICMP...

Venturi Client 2.1 confirmed as open relay [Verizon Wireless Mobile Office]

Product: Fourelle|Venturi Wireless Venturi Client all versions prior to 2.2 Brief Description: Acts as an open proxy for protocols including SMTP. Description: Venturi Client is a multi-protocol proxy that operates in conjunction with a proprietary transcoding server. It inserts itself into the...

sendmail 8.12.8 available

-----BEGIN PGP SIGNED MESSAGE----- Sendmail, Inc., and the Sendmail Consortium announce the availability of sendmail 8.12.8. It contains a fix for a critical security problem discovered by Mark Dowd of ISS X-Force; we thank ISS X-Force for bringing this problem to our attention. Sendmail urges al...

Multiple IPsec implementations do not adequately validate authentication data

Overview IPsec implementations from multiple vendors do not adequately validate the authentication data in IPsec packets, exposing vulnerable systems to a denial of service. Description For background: RFC 2401 Security Architecture for the Internet Protocol RFC 2402 IP Authentication Header RFC...

Microsoft Windows 2000 vulnerable to DoS via malformed packets sent to port 445/tcp

Overview The default configuration of Microsoft Windows 2000 does not properly handle malformed packets received on TCP port 445. As a result, Windows may cease to function normally upon receipt of malformed packets on this port. Description Microsoft LAN Manager LANMAN is enabled by default on...

thttpd-219.txt

thttpd 2.19 and earlier server-side-includes CGI program ssi allows retrieval of arbitrary world-readable files Date: October 2, 2000 Application: thttpd 2.19 and before Author: ghandi Vendor Status: merged patches into thttpd 2.20 Fix: upgrade into thttpd 2.20 1. Description The included cgi-bin...

Michael Sandrof IrcII 4.4-7 - Remote Buffer Overflow

Michael Sandrof IrcII 4.4-7 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/1046/info IrcII is a well-known Internet Relay Chat IRC client for unix. Version 4.4-7 and possibly previous versions are known to be vulnerable to a buffer overflow condition in their direct...

Michael Sandrof IrcII 4.4-7 - Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/1046/info IrcII is a well-known Internet Relay Chat IRC client for unix. Version 4.4-7 and possibly previous versions are known to be vulnerable to a buffer overflow condition in their direct client-to-client DCC chat implementation. It may be possible...