Enable Media Replace WordPress plugin version 2.3 suffers from remote shell upload and SQL injection vulnerabilities.
c704208044e25049fc23310c983128a5a4dd32de8271a106ecf2d492cf255edb
Secunia Research has discovered a vulnerability in GNU Enscript, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "read_special_escape()" function in src/psgen.c. This can be exploited to cause a stack-based buffer overflow by tricking the user into converting a malicious file. Successful exploitation allows execution of arbitrary code, but requires that special escapes processing is enabled with the "-e" option. GNU Enscript versions 1.6.1 and 1.6.4 beta are vulnerable.
8a7d447dd69db4f8d793cacd7994b607c6795026d0ed31d75ebc239dfccf920d
Secunia Research has discovered a vulnerability in Evolution, which can be exploited by malicious people to potentially compromise a vulnerable system. A format string error in the "write_html()" function in calendar/gui/e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers. Evolution version 2.8.2.1 is affected. Other versions may also be affected.
041da7106d89467969e704e26924c8b857c84a03ce6cb4e5b2b92a09948ef4a5
Swedish Security Audit Group - [SSAG#001] :: cURL tftp:// URL Buffer Overflow: There is a buffer overflow in cURL when it fetches a long tftp:// URL with a path that is longer than 512 characters. Successful exploitation of this vulnerability allows attackers to execute code within the context of cURL. It affects cURL 7.15.0, 7.15.1* and 7.15.2*.
36ca04a1f057d6b3c5096a9dd844560eb67a9d261d88dc180d57bde1a777ddd1
Proof of concept exploit for the remote format string vulnerability discovered in the xine/gxine CD player. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions are at least xine-lib-0.9.13, 1.0, 1.0.1, 1.0.2 and 1.1.0. Patch available here.
ae1c511af9c5fd4967684e6f3287c7f4fca6594afee4b7ff717ad17350d3071f
Patch for the xine/gxine CD player that was found susceptible to a remote format string bug. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions are at least xine-lib-0.9.13, 1.0, 1.0.1, 1.0.2 and 1.1.0.
6e77aa5381a31e060d00c8af9e23be5266d5a7c218794981c37b49ec78e5e54b
The xine/gxine CD player is susceptible to a remote format string bug. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions are at least xine-lib-0.9.13, 1.0, 1.0.1, 1.0.2 and 1.1.0. Patch available here.
1aea14a58fd32bca633044be383cec8a50c14ce68e2981888d358c4b5a246842
Elm versions 2.5 PL5 through PL7 suffer from a remotely exploitable buffer overflow when parsing the Expires header of an e-mail message. Patch Included.
a0048706263ba22986c98fc1ac407ea2c9fe958fe2e09c38222c4cd1ea0a4505
kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, no matter how malformed the HTML input you give it. It also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks, among other things.
e9bee41940b31705d7a37e1abef91138bcd038e3f0b86ffc9b0e2ca4c0f451a3
ez-ipupdate is susceptible to a format string bug. It affects, at the very least, versions 3.0.11b8, 3.0.11b7, 3.0.11b6, 3.0.11b5 and 3.0.10. It does not affect 2.9.6.
c6b17bb453d52744e3c14270258284ead1e82fe3fff997919a781b5809c62d15
LHa versions 1.14d to 1.14i and 1.17 suffer from buffer overflows and directory traversal flaws.
7ae3e4725ed69dd046198c050806c9823138937d3f1cdf941f31a097fd5ab9b4
Remote exploit that makes use of a buffer overflow in GNU Anubis. Vulnerable versions: 3.6.2, 3.9.93, 3.9.92, 3.6.0, 3.6.1, possibly others.
6f547b7717fcf62439171559f0223a0358e15ef1457120541045bf8af97228f1
GNU Anubis is vulnerable to multiple buffer overflow attacks and format string bugs. Vulnerable versions: 3.6.2, 3.9.93, 3.9.92, 3.6.0, 3.6.1, possibly others.
b0fe1f61d8763fc679ba6f83853b5115d77c1101fb9f753f2ba402ca8da4f1e1
Patch and test scripts for two format string bugs and two buffer overflows that exist in Metamail versions 2.2 through 2.7.
5c1618c98e6a139bd0f992f39d1dbffadbc0e420c206670fe34abf8a5179ab40
Two format string bugs and two buffer overflows exist in Metamail versions 2.2 through 2.7. Patch and test scripts to test for these vulnerabilities are available here.
f87cacd3242fbcf612c56f4eaf1a98087ff149f8e0193954c91e2f2045ff1a8f
Two buffer overflows exist in lftp versions 2.3 to 2.6.9. When using the ls and rels commands during an HTTP/HTTPS connection, an attacker has the opportunity to exploit a sscanf() call in try_netscape_proxy() and try_squid_eplf().
763cfb7b83021a88fea152144b0becd3ae188d5febab74fae428d2aa26a62665
kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, no matter how malformed the HTML input you give it. It also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks, among other things.
650ffa702ed6c8d0c73b7c94d754b38660d482b371122c9d3809924aab1d6f76
Alexandria versions 2.5 and 2.0, the open-source project management system used by Sourceforge, have multiple vulnerabilities in their PHP scripts. In the upload scripts there is a lack of input validation that allows an attacker to remotely retrieve any files off of the system, such as /etc/passwd. Other vulnerabilities exist as well, including the sendmessage.php script, which spammers can use to mask real source identities, and various cross-site scripting problems.
3b8cd898c56ffd9fbcad5f8c4a643c6201ae0184608d07c89c46e5d1ba679c07
Hypermail 2, a popular tool that converts mails into HTML, has two buffer overflows. One exists in the hypermail program itself and another is in the CGI program mail. The overflow in the main program can be triggered by sending an email, while the one in the CGI program can be triggered by a DNS server being populated with faulty information. Versions affected: 2.1.3, 2.1.4, 2.1.5, possibly others. 2.1.6 is not affected.
61a11ef37ef28b1b5d6f5cb454068252442924f04a265874f41380b4830f4637
PHP-Nuke v6.0 allows remote users to send email to any address on the internet by entering malformed email addresses. Patch included.
f324c19dbb506141832f85077a736850e56b7b492f689c7d1dbbcc19a71e156e
Nocc v0.9.5 contains cross site scripting vulnerabilities which allow an attacker to take over a victim's e-mail account and/or perform actions against the victim's will, by simply sending a malicious e-mail message to the victim. Fix available at http://nocc.sourceforge.net.
9dc7f58e6a84de7afd3c2dc0c1c01e0a92637f30032701f1adde85a1090db208
fopen(), file() and other functions in PHP have a vulnerability that makes it possible to add extra HTTP headers to HTTP queries. Attackers may use it to escape certain restrictions, such as which host to access on a web server. In some cases, this vulnerability even allows arbitrary network connections, turning some PHP scripts into proxies and open mail relays.
5290e8e6790626ca08c64a22a15bf3eaf5ff02cbf45a8623f2fd9c85f94d348f
Lynx prior to v2.8.4rel.1 contains a vulnerability which allows a web site owner to cause lynx to download files from the wrong site on a webserver with multiple virtual hosts because lynx fails to remove or encode dangerous characters such as space, tab, CR and LF before constructing HTTP queries.
76cadd36c69520fb9295e1e9db5a96658f1721be3a8c838c891d9f76c4a927ae
FUDforum is a templatable forum with i18n support based on PHP and either MySQL or PostgreSQL. It has two security holes that allow people to download or manipulate files and directories outside of FUDforum's directories. One of the holes can be exploited by everyone, while the other requires administrator access. The program also has some SQL injection problems.
e64f483bbd2b238d0b033fe09136f94a50002a78eace341308a2309094a7302c
Double Choco Latte, a project management package, contains remote vulnerabilities which allow any file on the webserver to be read, as well as cross-site scripting bugs.
acb217fc6a980bd564416b4953fee5ba579712a79602d438e7328d8eb8697b65