During the typical installation of the Windows Skype client, several URI handlers are installed. This allows for easy access to the Skype client through various URI types. Due to a flaw in the handling of one of these types, it is possible to include additional command line switches to be passed to the Skype client. One of these switches will initiate a file transfer, sending the specified file to an arbitrary Skype user. All releases prior to and including 2.0.*.104 and releases 2.5.*.0 to and including 2.5.*.78 are affected.
fe8684d0edbac32afb8e4bff76ec9538762c80234c607c689d1420885cc275e9
PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each IP address scanned.
5b9b16feef9c73ca2c84610cef13be1f63d81790e0ac6de5dfb1b8f395860710
Gentoo Linux Security Advisory GLSA 200605-15 - Konstantin V. Gavrilenko discovered two flaws in the Routing Information Protocol (RIP) daemon that allow the processing of RIP v1 packets (carrying no authentication) even when the daemon is configured to use MD5 authentication or, in another case, even if RIP v1 is completely disabled. Additionally, Fredrik Widell reported that the Border Gateway Protocol (BGP) daemon contains a flaw that makes it lock up and use all available CPU when a specific command is issued from the telnet interface. Versions less than 0.98.6-r1 are affected.
b0a8d5cd48eeb8de0e203c43e8dc7712e25afcd672b6e05de2783d51c087bc00
Gentoo Linux Security Advisory GLSA 200605-14 - Luigi Auriemma has found two heap-based buffer overflows in libextractor 0.5.13 and earlier: one of them occurs in the asf_read_header function in the ASF plugin, and the other occurs in the parse_trak_atom function in the Qt plugin. Versions less than 0.5.14 are affected.
f973e11d8595d68f65bc8261c04c0bf5060deb74a01b421ccc03728facce541b
Simple tool written in Perl that creates ISO images for OpenBSD releases.
e234cca5b3aefcb2ab7990e01db7316174e5c7b311923ef1deee23229a8a2bef
XAMPP version 1.5.2 is susceptible to multiple privilege escalation flaws and a rogue autostart vulnerability.
7297df138d18e6eb6c7c38264ddf0a821e1cc6c91cdd646bca96f9ef24a832d5
A remote stack-based buffer overrun exists in Cyrus-imapd pop3d. Details and an exploit are included.
82161cf883e561f19427245498c6582519e5016503ff74be5188231044a685f5
VP-ASP versions 6.00 through 6.08 suffer from a remote SQL injection vulnerability.
1b5495f9c3740506d9edae8c1736c015f16f163c6fc0bb4ef38ccbaa0eb08332
Zix Forum versions 1.12 and below suffer from SQL injection vulnerabilities.
bdf69dc66c8e8f459c378175b7daf6e0f8c6262e5f8ffbd77f07cb44499f3cad
phpBazar versions 2.1.0 and below suffer from remote file inclusion and credential access flaws.
00478fbdb5351eefeb5d81be1a5d6c27097cd5480e00b7af2d27e8fd503c9031
RaceEventManagement version 0.7.6 is susceptible to SQL injection and cross site scripting attacks.
eae1cab37f222ee56b41cd2dc14d93a3307e898d69f32be0db85d225c3653de6
IP3 NetAccess password decoder.
007ccb7e31d98a988f6328dd6b9ad29e032e5b20fe0f53d46bf737c7f50071bb
news_information.php in Interlink is susceptible to cross site scripting.
7cdcea199cf51b0f39bafe2ea1ffb36340fd1f556431cc8668ef2e5ec8342c97
Technical Cyber Security Alert TA06-139A - Microsoft Word contains a buffer overflow vulnerability. Opening a specially crafted Word document, including documents hosted on web sites or attached to email messages, could trigger the vulnerability.
377ebcb7f82d4865992dcc13aa090f8adeb67a777241c75002a8de8f1dba8eb0
Xtremescripts Topsites version 1.1 is susceptible to cross site scripting and SQL injection attacks.
fdaaa1b904f3d4668f745b3ce9dc725128e626ae965c46aa95120f59be707693
HP Security Bulletin - Potential security vulnerabilities have been identified in Firefox for HP Tru64 UNIX and in the Mozilla Application Suite for HP Tru64 UNIX. The vulnerabilities could result in possible remote execution of arbitrary code or Denial of Service (DoS).
dd049efa818fdca04bd5bb38f3e96d52d39f9b915dc1965f8f5e023b39235ff2
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running the BINDv4 Domain Name Server (DNS). The vulnerability could be exploited to poison the DNS cache leading to remote unauthorized access or Denial of Service (DoS).
0d5d444541a44ed20570261c9e25d81c924f55ca73f9005bbdca66ee3c74ff69
HP Security Bulletin - A vulnerability has been identified in Sendmail which may allow a remote attacker to execute arbitrary code.
c4aa87665ea964bf5390f12fa0caa35e086e16afc4f14fc2f57d1291216c90d9
A vulnerability exists in Apple Safari 2.0.3 (417.9.3), and perhaps in prior versions, that brings up the SRCOD (Spinning Rainbow Cursor Of Death).
64b97db60958045d4f85727b0ccb2b460d2415343e0f67865cdd803727e5aa8e
Debian Security Advisory 1070-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
abfcfec9c5426c958a64908deb18952c3f845f8445134d03db74cbc25cfdf681
Debian Security Advisory 1069-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
fab714dc124579d951ee366f6385b72113496733cdf4deee7907e87627abd79f
Debian Security Advisory 1068-1 - Jan Braun discovered that the fbgs script of fbi, an image viewer for the framebuffer environment, creates a directory in a predictable manner, which allows denial of service through symlink attacks.
d91cd93f6b5c08df6471d6f383665ab228d015f5dfcd95210badd7235c616b72
Debian Security Advisory 1067-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
cf16a95da35f3097d98388731b9cf890a3bd55ad5244f960416c44754c15f95e
Debian Security Advisory 1066-1 - It was discovered that phpbb2, a web-based bulletin board, insufficiently sanitizes values passed to the "Font Colour 3" setting, which might lead to the execution of injected code by admin users.
26b3194ce79c5ecacaff8a5d1cc1eb91b6bd6d8cf30771d6931218a1efce7284
Debian Security Advisory 1065-1 - Matteo Rosi and Leonardo Maccari discovered that hostapd, a wifi network authenticator daemon, performs insufficient boundary checks on a key length value, which might be exploited to crash the service.
0309d7161a568e1f72760c9de546122e8b740ed73f8ea6cf700313fe311708ec