Mandriva Linux Security Advisory - The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service. As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges. This update corrects all known regressions with previous Samba updates due to the security fixes to correct CVE-2007-4572.
48766d685990315070f438d337357a3ed5e8bf3ab023ea7a9133edf9cbbf5de3Ubuntu Security Notice 549-1 - Various integer overflows, arbitrary code execution, and denial of service vulnerabilities have been fixed in PHP 5.
82dae6b629e189b7e2d3dfbad033c409a70c0f0886d117b786a64d4164df2e82Asterisk Project Security Advisory - A SQL injection vulnerability exists in Asterisk versions prior to 1.4.15. Input buffers were not properly escaped when providing the ANI and DNIS strings to the Call Detail Record Postgres logging engine. An attacker could potentially compromise the administrative database containing users' usernames and passwords used for SIP authentication, among other things.
bea6b18a3ed4c0fb66fe9dbf57a59dd37c48c68de19de9b9e05cc4b4d31f9144Asterisk Project Security Advisory - A SQL injection vulnerability exists in Asterisk versions prior to 1.4.15. Input buffers were not properly escaped when providing lookup data to the Postgres Realtime Engine. An attacker could potentially compromise the administrative database containing users' usernames and passwords used for SIP authentication, among other things.
a6dfd2c5d7a40d837c11582e71764dcde062ba282383e034543da1782c87505bThis patch makes OpenSSH register triplets <host user password> in a temporary file. Revised for versions 4.7 and below.
e0d0de7253fbc8a0fc11d46cad30c386399693cc41cb2af74458be014a27f7c7RatHole is a unix backdoor which compiles cleanly on standard Linux and OpenBSD (probably other BSD flavors also) without additional libraries. It features blowfish encryption, process name hiding and definition of a preferred shell. It spits no error messages (like for sockets already bound) because it is supposed to be stealth. When a client connects to the backdoor a new shell process and two pipe files are created. The I/O of the shell is duped to the pipes and the daemon encrypts the communication.
fbe5c36d731f754dcc4388d276bef0b3b889807efd52695ac4245bf802edad60Ossigeno Suite CMS versions 2.2 and below suffer from remote file inclusion vulnerabilities.
cd3a5fd83140abce7c288c2c60a9cee0fb1afe1cda596e4ce6c9e0a8c6964c74FreeBSD Security Advisory - Insufficient sanity checking of paths containing '.' and '..' allows gtar to overwrite arbitrary files on the system.
dcc19ef1a758f3087be980a876f9e362719306f374c5862dbc64840fe61c16acFreeBSD Security Advisory - Under certain circumstances, a bug in the internal state tracking on the random and urandom devices can be exploited to allow replaying of data distributed during subsequent reads.
79fc48bb0be0a2fc8194b995f8df4fc946ed9da015fb0ef3779e6e7ea6fd4d16APC PDU products appear to be susceptible to a login bypass vulnerability.
cddc046fb1c3ecf8ec09e8c5618b1bb6d2591ae1445c8a726bdb5ac8f79ece9cDebian Security Advisory 1409-3 - This update fixes all currently known regressions introduced with the previous two revisions of DSA-1409. Several local/remote vulnerabilities have been discovered in samba, a LanManager-like file and printer server for Unix. Alin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets. When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges. Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service.
5cf11e10c5649423ca621dbf1d4a4566f81cccf2418df1769e870c3d08f35635HP Security Bulletin - A potential security vulnerability has been identified with HP-UX Apache. The vulnerability could be exploited remotely to execute arbitrary code.
f63a9bd5a0698cd681c8b04d2fd5fe18872f24f269fb32468a34000ffd0d74f9HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could by exploited remotely to allow cross site scripting (XSS).
7dec54325aa0cda506b8cc747e59839eaa392ae4ba61347062f6e4a8419a6582The TIBCO Rendezvous RVD daemon is vulnerable to a memory leak, which when remotely triggered, prevents any further RV communication until the daemon is manually restarted.
9b47c3f0d8d8d8e825a8e2b220b2e9cd6cf11eac58883b543d58a90bfff9de2bApple Quicktime versions 7.2 and 7.3 RTSP response Content-Type header stack buffer overflow exploit for Mac-OSX and Microsoft Windows.
d154c6e12dd365a42668982a18f11a460123575bb7de81ca79d27b0ed0ca101eFTP Admin version 0.1.0 suffers from bypass, local file inclusion, and cross site scripting vulnerabilities.
1859291e1795d3ac49baf5fb6e89514071d68e63fd16ad1c63999b6d2caab4aaSeditio CMS versions 1.21 and below remote SQL injection exploit.
f53e7a30e46b0e8e26ae4f106fb3d029aef94db96279f4e6c65fcfad39c246c7LearnLoop version 2.0beta7 suffers from a remote file disclosure vulnerability in file_download.php.
5e7f1ec0569d3e30501f00dcafd7c91c5c1c41d0f8f6ff09bc9967eb5f6dad26KML Share version 1.1 suffers from a remote file disclosure vulnerability in region.php.
720db40fcf6a7157e2432fd002691514e5c617998bec7b087776d09352e62edfWebED version 0.0.9 suffers from a remote file disclosure vulnerability in index.php.
150a0fc1508eba2f9756b47e06851150974ee8c1ab3841c751e7a4d7a618c1efWeb-MeetMe version 3.0.3 suffers from a remote file disclosure vulnerability in play.php.
9f961294fefd8f6e0c68621a00f214a3e85507c1cd59fd2682db653e46496a93Windows Media Player AIFF divide by zero exception denial of service proof of concept exploit.
453f2cfb6509e25e10dc2a2fef0ec098e68aaefe9e4056477cdbe80676f49d1dWhitepaper detailing Microsoft API function pointer hijacking.
056bec8064de1bf2562b771532fd532fa7fea977fe12de89101bf552a8806647Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the bad hosts for a given amount of time using pfctl.
3788e0b71206eeb9efe51c5e1ec4b2cfccc04e87a74b5d9310a7ebe06ae3500cNuhe is a rule based log monitoring system which is capable of taking action when rules are matched against log activity. By default, Nuhe runs in the background (as a daemon), but it can also be used in the foreground in a log analyzer mode.
a1a3f6cedcab7b2e7afe0cd241c27c5108afad95f1c04c5fec5ef20734fca44e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed