iDEFENSE Security Advisory 10.02.2002 - The SNMP daemon included in the Net-SNMP (formerly known as ucd-snmp) package crashes if it attempts to process a specially crafted packet. This affects Net-SNMP 5.0.1, 5.0.3 and 5.0.4.pre2. Net-SNMP is no longer affected and can be downloaded here.
5c79243b80e30f146fd1dc449457202730c88daf5ec519bc3267742a3e57f584
This document describes how to compromise Solaris systems prior to version 9 using only a telnet client.
ba05ee6ac0393c5d63a2046f794f28c1c85e51bfa90d2ea02db8150c95501fd7
Apache servers prior to 2.0.43 insecurely include the value of the 'Host:' header field, received from a connected client, in the SSI error pages. This can be abused for remote cross-site scripting. Apache 1.3.x servers are not affected.
d50f05528a29fbb5a05af733fd529fd69f45701adeb8c86c64d8718b418adecd
E-Matters security advisory - Several buffer overflows have been found in fetchmail versions prior to 6.1.0. Overflows in the readheaders() and getmxrecord() functions can be used in remote denial of service attacks that may cause data loss. An overflow found in the parse_received() function allows remote code execution and may be used to compromise an affected host.
1c6a40ce9f52ec5bad26332b8020746c2492bdf33417e8c825422b64fdfc8d11
iDEFENSE Security Advisory 10.01.2002 - It is possible for an attacker to bypass the restrictions imposed by The Sendmail Consortium's Restricted Shell (SMRSH) and execute a binary of his choosing by inserting a special character sequence into his .forward file. Two attack methods are covered, both of which are detailed. Patch available here.
e1968987be598ce21fb8b01554f9dd70ecddae77782675c6591f723f39c2dab1